severities=BLOCKER issues Coming On Sonar Newly, Though We Already Fixed Them

Hi Team,
Sonar ui is showing Blocker issues recently though we have already fixed them. Can you please let us know what might be the reason for this? 3 years old blockers also showing now.Below screen shot for your reference.

Thanks,
Revanth

Hi Revanth,

If you click into the issue, what do you see on its Activity tab?

 
Ann

Hi @ganncamp /Team,

Below scren shots for your reference, Also please note that its coming newly but we have already made them, as false positive.

Thanks,
Revanth

Hi Revanth,

Thanks for the screenshots. I’m asking about the Activity tab in the issue:

Selection_1784

 
Ann

Hi @ganncamp ,

Here you go.

Thanks,
Revanth

Hi Revanth,

Thanks for the screenshot.

You said in your initial post that you’ve already fixed these issues. Does that mean that the method that start on line 74 does not have an identical implementation?

 
Ann

Hi @ganncamp ,

This screenshot shows line number 70 but my question was we have already made them as False Positive and now why again that issue is reproducing as blocker issue.

Thanks,
Revanth

Hi Revanth,

The history on the example issue shows that it was freshly created on 10 March. Based on that, I suspect that:

  • on or before 9 Feb, analysis configuration changed such that the issue was no longer raised
  • issue status went from “False Positive” to Closed
  • after 30 days the Closed issues were purged from the DB
  • on 10 March or just before, analysis configuration changed back, and the issue was re-raised. If it had been raised before the issue purge, it would have been re-marked as False Positive, but since the old record had been purged it was re-raised as Open

Your best bet here (other than actually fixing the problems the issues point out
:wink:) is to use the Bulk Change option to re-mark these issues Won’t Fix.

 
HTH,
Ann

Hi @ganncamp ,

Thanks for the details, It was our projects cleanup or analysis configurations changes that resulted in this or was it something else that happened on server-side?

Thanks,
Revanth

Hi Revanth,

Sorry, but I really have no way of knowing.

 
Ann

Hi @ganncamp ,

Is won’t fix different from false positive?or its same?As you told in the previous conversation that Your best bet here (other than actually fixing the problems the issues point out
:wink:) is to use the Bulk Change option to re-mark these issues Won’t Fix.

Thanks,
Revanth

Hi Revanth,

They’re different technically, but have the same impact.

I suggested using Won’t Fix because by your admission the issues arent’ actually “false positives”.

 
HTH,
Ann

This rings a certain bell…

In my project, we also have a couple of sources with a particular issue that comes and goes randomly without even changing a bit of the code. Whenever it appears, I mark it as a false positive (because it is; SQ really cannot judge that particular case). Then at some later run sonarqube doesn’t find it any more, and “thinks” it was fixed nevertheless(despite marking), and next time it is seen again, it becomes a new issue with no relation to the old one.

As Sonarqube isn’t open source (afaik), my options for analysis there are limited. I cannot send them my code as well (for same reason), so there’s no progress…
Seems like I’m not alone with my on/off-issues.