Hi,
Can you share your analysis log?
The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.
This guide will help you find them.
Once we have the analysis logs, I suspect we’ll see that they reflect a lack of SCM metadata to determine what’s in the PR and what’s not.
Yes, you’ve got fetchDepth: 0, which is a crucial first step, but the prerequisites also need to be in place.
Ann