We’ve encountered an issue where SonarQube is reporting a violation of rule java:S1161 (i.e., Override should be used on overriding and implementing methods) under “New Code”, even though the affected file was last modified 5 years ago.
Here are some relevant details:
- File path:
WebSphereCommerceServerExtensionsLogic/src/com/salmon/cms/render/helpers/headersocialcommerce/HeaderWithSocialCommerceDataBean.java - Last modified:
The file was checked-in in 2019, during the migration from ClearCase to GitLab. - Rule ID:
java:S1161 – this rule has been published for over 10 years and is not new. - SonarQube behavior:
The issue is being marked as “introduced 9 hours ago” on the SonarQube UI (screenshot attached), even though no actual changes were made to this file recently (GitLab shows the file unchanged for 5 years). - SonarQube version:
We’re using the SonarQube Community Edition, as used in the Boots project.
Our concerns / questions:
- Why is SonarQube marking this as a “New Code” issue despite the file being untouched for years?
- Could this be related to how new code baselines are being determined in the Community Edition?
- Is this behavior expected in Community Edition, or is it a known limitation not present in Developer or Enterprise Editions?
- What steps can we take to prevent such false “New Code” detections from affecting our quality gates in the future?
Any guidance or confirmation would be greatly appreciated.
The upgrade sequence for SonarQube and PostgreSQL which we followed is as follows:
Upgrade SonarQube sequentially from v7.7 to v7.9 LTA, then to v8.9.10 LTA.
Upgrade PostgreSQL from v10 to v12, then to v13.18.
Update SonarQube to v9.9.8 LTA, followed by PostgreSQL v15.
Finally, upgrade SonarQube to v10.8 and PostgreSQL to v16, ensuring compatibility and integration at each step.
Sonar Community Build v24.12.0.100206
Thanks in advance!