- ALM used: Azure DevOps
- CI system used: Azure DevOps
- Languages of the repository: Typescript
The execution time of SonarCloud analysis increased from around 4-5 minutes to around 23-24 minutes for my project.
It was working ok on 17 July, we started getting these slow runs from 18 July.
The main problem is that it takes almost 20 minutes for JsSecuritySensor to do the scan. Before it was about 15-20 seconds to finish.
What is interesting, that the number of elements on which the analysis is performed seems to be doubled between those two runs, although there were almost no changes to our codebase on that day.
Here’s the log for the run from 17 July:
2023-07-17T09:43:30.9897329Z INFO: 11:43:30.987107089 Building Runtime Type propagation graph 2023-07-17T09:43:32.0740209Z INFO: 11:43:32.072092494 Running Tarjan on 69967 nodes 2023-07-17T09:43:32.2577388Z INFO: 11:43:32.256604708 Tarjan found 69949 components 2023-07-17T09:43:32.6474250Z INFO: 11:43:32.645865303 Variable type analysis: done 2023-07-17T09:43:32.6511699Z INFO: 11:43:32.650591542 Building Runtime Type propagation graph 2023-07-17T09:43:33.8979256Z INFO: 11:43:33.896959271 Running Tarjan on 69967 nodes 2023-07-17T09:43:33.9761808Z INFO: 11:43:33.975081912 Tarjan found 69949 components 2023-07-17T09:43:34.2071080Z INFO: 11:43:34.206188109 Variable type analysis: done 2023-07-17T09:43:34.2176067Z INFO: Analyzing 8852 ucfgs to detect vulnerabilities. 2023-07-17T09:43:40.5641067Z INFO: Taint analysis starting. Entrypoints: 1651
And from 18 July:
2023-07-18T11:35:31.1903694Z INFO: 13:35:31.188292576 Building Runtime Type propagation graph 2023-07-18T11:35:34.2476289Z INFO: 13:35:34.245361725 Running Tarjan on 152280 nodes 2023-07-18T11:35:34.5879947Z INFO: 13:35:34.586999605 Tarjan found 152262 components 2023-07-18T11:35:35.3503676Z INFO: 13:35:35.349561216 Variable type analysis: done 2023-07-18T11:35:35.3532967Z INFO: 13:35:35.352662865 Building Runtime Type propagation graph 2023-07-18T11:35:36.7502486Z INFO: 13:35:36.749438164 Running Tarjan on 152280 nodes 2023-07-18T11:35:36.8682743Z INFO: 13:35:36.867443923 Tarjan found 152262 components 2023-07-18T11:35:37.3859547Z INFO: 13:35:37.385221878 Variable type analysis: done 2023-07-18T11:35:38.1273466Z INFO: Analyzing 8870 ucfgs to detect vulnerabilities. 2023-07-18T11:35:52.2078957Z INFO: Taint analysis starting. Entrypoints: 1668
Did anything change on SonarCloud side on that day?