I’m Unable to scan my whole code again , only new codes are being shown I want to be able to reset my past code scan as I made to mark some false positives
but I want to reset all these and scans once again, kindly let me know
Hello @varo_thaya ,
Welcome to the community!
I am not sure I fully understand the problem. Could you provide a link or a screenshot of where only new code is being shown, and what updates you would like to see?
Hi Martin ,
thanks much for responding, I have a codebase . Got it scanned and received a report of some issues
but I marked quite a few false positives .
now whenever a new code is committed the sonarcube only detects the new codes that were committed.
how can I make the sonarcloud scan my full source code so it can detect the same issues again and hilight to me again. I need to do this at least for few times before I let your new feature “clean code” to work.
Is this a private or public project? If it is a public one, could you send me a link? That would make it a bit easier to help out.
Hi Martin ,
it’s a private project, basically I’m wondering how I can make the project be scanned with whole source ,
I’ve also tried but it did not show any new detention or did not seem to redetect the bugs
For long-living branches (e.g. your main branch), the full source code should already be scanned. We just split the view so that you can easily focus on the new code first. If you are on your main branch summary in the SonarCloud user interface, you should be able to switch to the overall code as well.
This is a bit different for pull requests, where we only display the results of code that has changed.
Hi Martin,
Noted.but I’ve created a branch and I want the branch and I want that branch to be scanned with the whole code every time. is that not possible?
full scan is only valid with a master ?
Hello @varo_thaya ,
This is possible as well. We distinguish between short-lived and long-lived branches. Short-lived branches behave similar to pull requests and thus only results from changed code will be reported. Long-lived branches are very close to your main branch, where you will be able to look at the overall results as well.
You can find the configuration of the pattern we use for this distinction on your branches page on the top right. After setting this up to your liking, you have to remove the branch (the one that should switch from short-lived to long-lived) from SonarCloud and run the analysis again. Now you should be able to see the results both for new code and overall code as well.
Thank you for this topic!
However, I am still confused about how to scan the entire code. The concept of new code suggests that only new code is scanned.
Let’s assume the new code is set to 10 days. I make changes on the 1st of June, but never scan them, then I made additional changes on the 25th of June, and then I scanned the branch/pull request at the end of June. would the changes made on the 1st of June (more than 10 days ago) be scanned?
To guarantee that all the code is scanned (maybe some old code is not scanned), I need to run a FULL scan and make sure the whole repository is scanned at least once a year. How can I do that?
Hello @Ali_hassan ,
For this, it kind of depends on what is being analyzed. If you created a pull request or a short-living branch, then only the changes will be analyzed. If you’ve been working on your main branch or another long-living branch, then we analyze all the code but encourage our users to focus on the new code. In this case you will have the option to switch between the two views (you can find an open-source example here):
If you’ve made changes on the 1st of June, and pushed them to your repository, then they should have been analyzed right away.
1 Like
Actually having the same problem.
Code smell was merged to master long time ago(90+ days, while New code definition is 90) and not visible in Overall Code for master now.
However same code smell still visible in PR branch analysis and related code still exists in master codebase.
How can I rescan entire project (master) to see ALL issues in master?
Hello @pavlo_skorodziievsky ,
Welcome to the community!
If you are using CI-based analysis, you can re-run your CI/CD pipeline to trigger a new analysis. But this should not bring different results on the overall code.
Could you check if the code smell shows up if you change the filter to show “Won’t fix” and “False Positive” issues?
Re-triggering didn’t helped. Issues were not in “Won’t fix” and “False Positive”, this was my first check.
In case if anyone will have similar problem I solved it by cloning the master branch as separate PR and replacing
mvn ${MAVEN_CLI_OPTS} -B sonar:sonar
-Dsonar.token=${SONAR_TOKEN}
-Dsonar.pullrequest.base=master
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
-Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }}
-Dsonar.organization=REPLACED -Dsonar.projectKey=REPLACED
-Dsonar.host.url=https://sonarcloud.io/ -Dsonar.branch.name=${{env.GITHUB_HEAD_REF}}
with
mvn ${MAVEN_CLI_OPTS} -B clean verify sonar:sonar
-Dsonar.login=${SONAR_TOKEN}
-Dsonar.organization=REPLACED
-Dsonar.projectKey=REPLACED
-Dsonar.host.url=https://sonarcloud.io/
-Dsonar.branch.name=master
@Martin_Bednorz do you know if any related change was applied on Jan15-Jan16 on Sonar side ?
Our code wasn’t changed, but code issues for master ‘Overall Code’ dropped on Jan 15 - Jan16
And after workaround above it’s back to normal:
The only change that could be related was a rollback of our JavaScript analyzer on that day (see here). What languages does your project consist of?
Hi @Martin_Bednorz ,
I will gladly share all the details, but can we keep it in private conversation or via email?
I was able to get all project scanned again, but 85% of results are lost again from Master ‘Overall Code’ section after 1 liner commit was merged…
Thanks