which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) v9.9.6 (build 92038)
how is SonarQube deployed: Docker
I have new code as specified as compared to branch main. So I have a current branch that not only has changed code, but mostly new files added, and sonarqube says there is 0 lines added, and obviously no new issues. If I go to the Measures tab, and size. new code=0, and says “New Code: Compared to main”, main is at least scanned daily, and I can see the differences just browing in sonarqube under code tab, but why isn’t the new code being detected correctly? This is C/C++ code.
This is more than likely about the SCM data that’s available to analysis.
Can you share your analysis log?
The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.
I do not have permission to post logs, but can post snippets if you let me know what to look for. The scm is git, and do get warning about missing blame, but wouldn’t think that is the problem. Also see this in the logs, note that is the correct hash for the main branch. What else can I check?
15:08:04.712 INFO: SCM Publisher 0/171 source files have been analyzed (done) | time=139ms
15:08:04.712 WARN: Missing blame information for the following files:
...
...
15:08:05.045 INFO: SCM writing changed lines
15:08:05.056 INFO: Merge base sha1: 2eeb590a1e03d9b50ff3317126524b01387d4bc4
15:08:05.232 DEBUG: SCM reported changed lines for 0 files in the branch
15:08:05.232 INFO: SCM writing changed lines (done) | time=187ms
Analysis needs the SCM metadata to understand what’s new. If you look, there’s likely something about missing SCM data at the top of the analysis log too.
Ok first I think I found the blame issue. My git project has most of the code as submodules, so ‘git blame …’ from the project root doesn’t work.
That being said, are you sure that new code detection requires ‘git blame’ ? Since now I see in settings that I can actually turn off ‘blame detection’
Code it be the submodule issue breaking the new code detection also?
Yeah… you can turn it off. But it’s not a good idea.
A few years ago we did implement an “at best” algorithm to decide what’s new based on … filesystem dates? I forget the specifics, but you’re much better off with actual blame data if you can get it.
That said, we don’t - unfortunately - currently support Git submodules. There’s a ticket for it:
GFB-6 - Collect blame information from git submodules
But for now it looks like the ‘at best’ algo - which doesn’t seem to be all that great for you - is what you’re stuck with for now.
I’ll let folks know you’re one more vote to prioritize the feature.
Is there a page that details the various ways that sonarqube detects “new code” ? I don’t mean the settings of new code like Defining new code , but how sonarqube physically compares the versions under the hood?
There isn’t really. The preference is SCM data. The ‘at best’ algo was implemented - IIRC - for dating issues. I don’t think determining new code was really even a consideration.
Ok I went through the process of just for the scan to create a git repo that exists with the working branch and the main branch, so git blame, diff works. But still get “SCM reported changed lines for 0 files in the branch” Anyway to know git command that cli is using to determine this?
ok I was able to pare down the analysis, and include the log file. Basically the branch bhw_expert_systems added 2 new directory of files. And they don’t show up as new files in sonarqube. The only thing that shows up as new is a python file in the root directory. sonarqube.log (189.4 KB)
Do the two new directories show up in the analysis on SonarQube? And if so, what dates do you see when you click the left margin to see the blame data? And what’s the branch’s New Code definition?