Template for a good bug report, formatted with Markdown:
SonarQube server, developer edition, 220.127.116.11448
SonarJS 6.1 (build 11503) installed
Deleting an unused function from a .js file (with no new code being added/changed) appears to trigger an entire rescan of the file. Thus failing quality gates and similar for old issues that haven’t been addressed yet.
The logs show:
WARN: File '/var/lib/jenkins/workspace/_ITSVC-4330-this-ticket-is-a-lie/includes/form_functions.php' was detected as changed but without having changed lines WARN: File '/var/lib/jenkins/workspace/_ITSVC-4330-this-ticket-is-a-lie/portal/js/global.js' was detected as changed but without having changed lines
The php file scans as expected (no new errors found, etc) however the .js file finds 1 new bug, 119 new code smells, etc.
- Do an initial scan of a legacy project that includes .js code. Preferably, legacy code that would fail current/modern quality gates… But it will “pass” because it’s the initial scan. (in our case, it was php and js)
- After that scan, create a new branch. delete some functions or other code from the .js, do not make any other changes (don’t fix typos, don’t add comments, nothing else new/changed)
- Run a new “branch aware” scan.
You’ll find the above warnings in the log. the PHP files will show as epxected (no new errors/vulnerabilities/smells) but the .js file will show all of the issues as “new”