Since upgrading our on-prem SonarQube instance from 7.9LTS to 8.4.2 we have encountered an issue with significantly increased build times for one of our C# .NET 4.5.2 projects.
We are using the SonarScanner for MSBuild 4.10 and the project in question is 43K LOC.
Under 7.9 the total build time for the project was < 3m, but since updating to 8.4 the build time has increased to around 20m. By adding the
/p:reportanalyzer=true option we can see that the bulk of the increase in build time is down to the
SonarAnalyzer.Security analyzer (over 18m - see attached log) .
I have also tested the project using our test instance which is on SonarQube 8.5 and the build time remains the same.
Does this point to a genuine issue with the analyzer or is it potentially just a result of the changes from 7.9 to 8.x? Is there anything else we can do to help further diagnose the issue?
Thanks in advance,
Samsonar analyzer report.txt (27.4 KB)