Sonarcloud Quality Gate failed for old code

I’m using SonarCloud for analyzing the projects.
The quality gate rules are the default Sonar way.
I have set the new code definition as Previous Version.

In one analysis, the analyzer reported bugs in older code (2 years older code), due to which the quality gate failed.

Why is the Sonar quality gate reporting bugs in older code even though the quality gate rules are only for new code?

Regards,
Tejas

Hi @tejas.shah ,

Can you share screenshots of your Quality Gate and of your project which failed?

Thanks,
Carine

Hi @Carine_Bayon ,

Quality Gate and new code definition settings:
For the new code definition we have set Previous Version, and the quality gate rules are a copy of Sonar Way.

Failed Project:
The quality gate fails for Reliability Rating since it is reporting bugs in old code.

Are we misconfiguring something?

Regards,
Tejas

Can you add a screenshot of your project homepage please (with the QG status and failed conditions)?

Thanks,
Carine

The QG is failing for a feature branch due to multiple conditions. But looking at the Reliability Rating report, it has marked a bug in older code.

Regards,
Tejas

Hi @tejas.shah,

When was your latest version analyzed? What does the activity tab of your base branch show?

Thanks.

Hi @mickaelcaro, there is an ongoing development process,
so every few hours there might be a new analysis version.
The following is the activity tab of the main branch (develop).

Regards,
Tejas

And before today’s version, when was the previous one on develop?

This project was on-boarded on SonarCloud on 3rd March, 2021. This is the first version that was on-boarded. Since then, this version hasn’t been changed.

Regards,
Tejas

Ok, so it looks like it’s normal: a baseline is established. Since you’ve created a version, from now on, those issues will not appear again.

This sounds like typical Sonar behaviour to me. If the code you start with is already failing, you’d better hope you never have to change it, not even to make improvements, because as soon as you try to make one improvement in the code, the quality gate will kick you in the balls for not fixing every other issue in the same area.

Some classic examples of this from recent memory:

  1. I removed a warning suppression and Sonar failed the quality gate complaining about suppressing warnings.
  2. I made a line of code shorter and Sonar quality gate complained about the line of code being too long.
  3. I fixed the indenting on a line and Sonar quality gate complained about some existing issue that happened to have code on the same line.

I think Sonar is just not currently designed in a way to encourage people to improve code quality because most of the time, when trying to do so, the quality gate prevents you from making the change.

Rather than doing warning accounting on a line by line basis, it should be looking at the total warnings before and after and only complaining if the total went up.