Single Line Change - Issues All Over File

Hello,

we recently had the issue that SonarCloud brought up “old” issues on a PR because a single line of a file was edited.
The same file was edited a week before without SonarCloud bringing up any of those issues.

I would expect it to bring up issues for the same line (and maybe adjacent lines) but those where lines all across the file.
Then i thought it might be a new Check/Rule being introduced now triggering but that is also not the case.

I thought it might be because of the “New Code - Previous version” setting we have but SonarCloud is saying that we are on the same version for 4 months.

I know the description is rather vague and probably not very helpful for anyone trying to help me, but
I am trying to understand why this happend and if possible how we can prevent this in the future.

Hey there.

What CI are you using to run your analysis?

We are using the github integration (not a ci flow but the one provided natively by sonarcloud)

Thanks. Super weird, since this usually has to do with git clones.

I’ll reach out to you for some private details.

1 Like

Hi @stabl-gjn ,

Thanks for reporting this issue!
Getting back to our internal logs, I see many errors related to Git when analyzing this pull request.
The process failed to clone some submodules due to network errors.

Since our scanner relies on the Git history to detect the lines that changed, a broken Git history can trigger what you observed, issues triggered all over the place and not only on the changed lines.

I apologize for the inconvenience. This is not something you can do anything about, it is internal. I’ll continue to dig in case we could define some improvement of our infra from this event.

Hope that helps,
Claire

Hey @Claire_Villard, thanks so much for looking into this.

Yeah we have a few git-submodules which are also private (we clone them with ssh) so that might be one/the issue.
For our other github ci runs, we just clone them with a token but i don’t think it’s possible to specify this in sonarcloud.

Is this log you are talking about visible in the UI somewhere?

In the mean time, please let me know if i can help out with any data/information.

Hi,

Thanks for the details.
Indeed, it is not possible to clone private submodules on SonarCloud at the moment.

The logs are not visible in the UI. Improving the Automatic Analysis user experience is something we actively work at now, to improve that kind of situation.
Thanks for reporting it, it will enrich our product!

Claire

1 Like