New Code Definition
Setting up the right new code definition for your project is an important step in getting the most out of SonarCloud. When you do an analysis on your main branch (or other long-lived branches) SonarCloud uses the new code definition to determine which issues you should focus on fixing and highlights these as issues in new code. This helps you to use the Clean As You Code methodology to improve your code quality and code security in a manageable and efficient way.
New code options
There are four new code options:
Issues in new code are those that have appeared since the most recent version increment of the project. The current version of a project is determined in different ways depending on the build system being used:
- If the analysis is done using the SonarScanner for Maven then SonarCloud reads the version from the
- If the analysis is done with the SonarScanner for Gradle then SonarCloud reads the version from the
- In all other cases, the version must be explicitly specified by setting the analysis parameter
sonar.projectVersion. Do not use your build number as
SonarCloud cannot automatically determine the version of a project from repository-level version information. For example, GitHub lets you give version numbers to releases but SonarCloud cannot currently read this information. To provide that information to SonarCloud, you would have to use one of the above three options.
Issues in new code are those that have appeared since a specific, defined version of the project. The version of a project is determined in the same way as for the previous version option, above. SonarCloud defines the start date of the new code period as the date when the project was incremented to the specified version.
Number of days
Issues in new code are those that have appeared since the specified number of days.
Issues in new code are those that have appeared since the specified date.
How the new code definition affects your analysis results
During analysis of the main branch or other long-lived branches what counts as a new code issue is determined as follows:
- SonarCloud calculates the start date of the new code period based on the new code option chosen.
- In the case of the previous version and specific version options, this is the date when the project was first incremented to the version in question.
- In the case of the number of days option, it is the current date minus the specified number of days.
- In the case of the specific date option, it is simply the specified date.
- All lines of code in all files under analysis that have changed since the start date of the new code period are marked (and displayed in yellow in the SonarCloud interface).
- All issues with one or more of the marked lines as primary or secondary locations are categorized as new code issues.
The set of new code issues, in turn, affects many aspects of your results:
- The default quality gate applies conditions only to new code issues.
- New code metrics are separated from overall code metrics in the main branch overview and the overviews of the other branches.
- The Measures panel separates new code vs overall code data.
- The Issues page has a creation date facet where you can select to see only issues in new code vs issues in overall code.
- The activity graphs separate activity in new code from activity in overall code.