Showing issues on old code

Iam getting issues on my java code which is not touched from years, why is it like that ?
someother branches are passing which has same lines of code

Hi @js-techie

Your screenshot is a bit “light” to get help there, but if you are scanning a project, you’ll have issues raised on old code as well, not only on the new code.
Is your screenshot from a branch or a project page?
Can you also send us screenshot of your Quality Gate there?


Hii, i will explaine
i have a long lived branch release-1.0.0 and it is passing the quality gate,
I created a branch from above one call release-2.0.0 the only difference between those two branches is we changed version in package.json (“version”: “release-2.0.0”).
and yes the screen shot taken from branch.

one more issue is first analysis always showing none

  • projectStatus: {
    • status: “NONE”,

    • conditions: ,

    • periods:

why is it like that ?

OK, 1 topic = 1 thread so in case this is another question, you should open another thread on this community forum.
For the “branch” question, can you please share screenshots of your 1st branch and 2nd one, and additional screenshot of your Quality Gate please?

Just to be sure,
1st project is scanned: 8 New major issues have been detected → QG failed (1st analysis, so everything is “New Code” there)
New Code period starts after that 1st scan
You defined a new branch out of this 1st project (which means that your 8 New major issues are now part of the Overall Code) → Your QG passed.
I don’t see why there is a problem for you here in the analysis.

even though there were issues in first branch which is old branch it is successful,
when i create another branch from it, it showing error.
my question is if source branch has issues, why is it passing?
can you clear my doubt:
if a old branch which is succeeded sonar analys. If i create a branch from new old branch does sonar assume the whole code in the new branch is new code and analyse it from scratch ?
FYI : we are using sonar-scanner-

@Carine_Bayon we want know to which rule or what is causing the issue. why analysis of two branches with same code throwing issue on old code. difference between two branches is just version updated in package. is there any specific rules for new branches.
in pacakge.jsone “version”: “1.0.0” changed to “version”: “2.0.0”

1 branch was scanned: 8 security issues found but QG passed.
2nd branch created from 1st branch.
2 branch was scanned: same 8 security issues highlighted as major issues then QG failed.

I think you can follow this thread as well: Quality Gate failing despite no code change - #8

You may have done 0 change on your current code, but you may have changed stuff in other files that are related to this one, and made it fail the QG now. As Ann explained in this post.

Thank you so much!
i will go through it