Versions:
- SonarQube 9.4 (build 54424)
- SonarQube Gradle plugin 3.2.0
Deployment option: Helm
Trying to achieve: new code correctly detected in main branch after the development branch is merged and some of its commits are older than the latest analysis on main.
Steps to reproduce:
- have a
mainbranch with some code in it, let’s say the last commit iscommit1 - have a development branch created from
mainusinggit checkout -b development_branch - in SonarQube have New Code setting set to “Reference branch: main” for Project, and to “Previous version” for
mainbranch - make some changes in the development branch and commit them (creating
commit2) - make some changes in
mainand commit them (creatingcommit3) - trigger analysis on
mainusinggradle sonarqube -Dsonar.projectVersion=main@commit3 - made some more changes in the development branch and commit them (creating
commit4) - merge development branch into
main(creatingcommit5), have a following commit history:* commit5 Merge branch 'development_branch` into main |\ | * commit4 * | commit3 | * commit2 |/ * commit1 - trigger analysis on
mainusinggradle sonarqube -Dsonar.projectVersion=main@commit5 - observe that only the changes from the
commit4are considered New Code whilecommit2is ignored, even though it is a new code formainbranch
After reading this topic and a bit of SonarQube source code, I now know that the New Code detection logic does not use git diff but instead compares previous version timestamp with the modification timestamps of the code lines being scanned. However, I’m nor sure I understand the motivation behind this approach. Yes, it is (relatively) simple but it also seems to be not complicated enough to handle relatively trivial use cases.
Also, I still don’t see what I can do to make New Code detection work as expected in my situation. I would appreciate if anyone could suggest a solution.