Multiple security issues detected just a week ago.
Surprisingly, just a week later all security issues disappeared on its own even though no security bugs were fixed.
I didn’t change any sonar rules and suddenly all security issues disappeared automatically. What’s happening? Please help.
Also, navigating to the specific project does show some security vulnerabilities and hotspot on the project dashboard
However clicking on those security stats doesn’t show any security issues in the new page. It shows an error message →
“We couldn’t find any results matching selected criteria.”
Also, the issues tab of the project doesn’t reveal any security issues either, even though non-zero security issues stats appear on project dashboard page.
Hi,
Welcome to the community!
I have a few questions.
First, you say you haven’t changed any rules between then and now, but did the code change?
Second, the project-specific screenshots show there’s an analysis warning. What is it?
Ann
First, you say you haven’t changed any rules between then and now, but did the code change?
There were no code changes.
Second, the project-specific screenshots show there’s an analysis warning. What is it?
This is what I see on clicking See details
Could this be causing the issue?
Please note that on rebuilding the project via jenkins CI pipeline (mvn sonar:sonar …) the issues re-appeared. Not sure why the issues got lost in the first place though. Do we need to re-build the project every now and then to bring back the lost issues even though there’s been no code changes?
Hi,
No, you don’t. I’m guessing there was a glitch with the Elasticsearch index that got cleared up with the re-analysis. Forcing a rebuild of the indices was going to be my next recommendation, but it looks like you’re past the problem already. This shouldn’t recur. If it does, we’ll need to force an ES reindex to verify that’s the problem and then figure out what’s going on with your indices. But for now, you’re good.
Ann
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
