Short lived branch analysis


We are using Sonarcloud with Azure DevOps integration. When we make a vulnerability fix in our feature branch which is a short lived branch, I would like to know if the fix resolves the sonarcloud vulnerability before merging to the long running branch.

However, I have noticed that short lived branch does not appear to show all vulnerabilities even if those are present. So, my question is how do I reliably know if the fix resolves sonarcloud issue before merging it to the long running branch


You can’t, unfortunately.

You can analyze as a long-lived branch, which will show all issues on the branch.

Otherwise, you’ll want to vote on this roadmap item