Understanding new issues on old code

It’s entirely possible for legitimately new issues to be raised in old code. For instance, let’s say you update methodA, which couldn’t previously return null, so that it can now return null . Old calls to methodA must now null-check return values before dereferencing. If they don’t, new null pointer issues will legitimately be raised on those old calls.

Another case where new issues can show up on old code is when your analysis configuration changes. Let’s say your analysis configuration changed so that dependencies that were previously unavailable to analysis are now included. Those newly-provided dependencies give a deeper understanding of the code, which allows previously overlooked issues to be newly raised. And for languages where version-sensitive rules are available, bumping your target version, e.g. from Java 11 to Java 17, could activate rules that were previously irrelevant for your code (and thus suppressed).

You may think that some of these issues should be backdated, but issues are only backdated in certain circumstances. The docs explain how issues are determined to be new, and when they’re backdated.

1 Like