Hello,
I understand the reasoning, and I’ve already added the projects to Travis pipeline where this issue doesn’t exist. However I’d guess that almost everyone will run Sonar locally before going through the trouble of updating their CI pipeline, and it’s a nasty surprise to notice that something unintended is public on the Internet.
Returning an error if untracked are files present under folders being scanned would be better behavior in my humble opinion. As you said yourself, the expected use-case is running the scanner on a clean repository where this issue doesn’t exist. I’m also having hard time coming up with a use-case where user would actually want to upload their untracked files instead of adding those files to source control first.