Sonar pull Request Analysis is scanning entire code instead of changed files

There is inconsistent behavior in the Pull Request Analysis scanning process. Specifically, sometimes the analysis scans the entire codebase instead of focusing solely on the changed files when a new patchset is uploaded to the same repository.

SonarQube Version - Enterprise Edition Version 9.9
Sonarscanner -

Despite configuring the analysis to target only the changed files in the pull request, it appears that SonarQube is scanning the entire codebase in some instances, leading to redundant analysis and longer processing times.

If there are any specific configurations or adjustments that we need to make to ensure consistent and accurate Pull Request Analysis, please provide guidance on how to implement them.

Expected Results

Our goal is to ensure that the Pull Request Analysis accurately targets only the changed files, as intended, to streamline the code review process and maintain efficiency.

Actual Results

SonarQube scanning the entire codebase instead of only the changed files.
Longer processing times due to the analysis of unchanged files.
Inconsistencies in the behavior of Pull Request Analysis.


Welcome to the community!

It’s normal in some cases for PR analysis to have to analyze the full code base (e.g. when caches aren’t available). What shouldn’t be happening is that it reports on the entire code base, which I’m guessing is what your second screenshot (with ‘4.8k New Lines’) shoes.

In that case, we’re looking at a problem detecting new code. You should make sure the prerequisites are met. If they are, then please share your analysis log.

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.