0
votes

For my app in SonarQube I extended the existing OWASP ZAP quality profile to change the severities of several issues. I have set this as the quality profile for the project/app, and run the app through Sonar's tests again.

When I do this it finds the same issues as expected, but the severity remains as what it was categorized by the original quality profile. As best as I can tell the new quality profile is used to categorize any new issues introduced but any that were found previously maintain their severity.

Is there any way to force SonarQube to run all issues through the new quality profile whether the issue is brand new or has been existent for a while?

1 Answer

0
votes

To change the existing issues, you’ll have to change the issues themselves; they don’t automatically change when you change the Quality Profile. You can do this via a bulk change from the Issues tab of your SonarQube instance:

  • Navigate to Issues
  • Open up the Rules filter and select or search for the rule(s) that you’re interested in
  • Add more filters, for example if you want to limit this change only to certain projects
  • Click on the checkbox at the top of the page next to Bulk change; this will select all the issues currently displayed
  • Now click on Bulk change and change the severity
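
The same bulk change can be scripted against the SonarQube Web API, which helps when a whole ruleset has to be re-graded repeatably. This is an added example, not part of the original answer. It assumes an instance whose Web API accepts `api/issues/search` (with `rules`, `componentKeys`, `resolved`, `ps`, `p`) and `api/issues/bulk_change` (with `issues`, `set_severity`), and a user token with permission to administer issues; the helper names, and the rule and project keys you pass in, are hypothetical.

```python
import base64, json, urllib.parse, urllib.request

PAGE = 500  # page-size cap for api/issues/search, also used as the bulk_change batch size

def sonar_http(base_url, token):
    """Return call(method, path, params) -> parsed JSON, authenticating with a user token."""
    auth = "Basic " + base64.b64encode(f"{token}:".encode()).decode()
    def call(method, path, params):
        query = urllib.parse.urlencode(params)
        url = f"{base_url}/{path}" + (f"?{query}" if method == "GET" else "")
        data = query.encode() if method == "POST" else None
        req = urllib.request.Request(url, data=data, method=method,
                                     headers={"Authorization": auth})
        with urllib.request.urlopen(req) as resp:
            return json.loads(resp.read() or b"{}")
    return call

def find_issue_keys(call, rule, project, target_severity):
    """Collect keys of unresolved issues for `rule` in `project` not already at the target."""
    keys, page = [], 1
    while True:
        body = call("GET", "api/issues/search", {
            "rules": rule, "componentKeys": project,
            "resolved": "false", "ps": PAGE, "p": page})
        issues = body.get("issues", [])
        keys += [i["key"] for i in issues if i.get("severity") != target_severity]
        if len(issues) < PAGE:  # a short page is the last page
            return keys
        page += 1

def bulk_set_severity(call, rule, project, severity, dry_run=True):
    """Apply `severity` to matching issues in batches; returns the keys selected."""
    keys = find_issue_keys(call, rule, project, severity)
    if not dry_run:
        for start in range(0, len(keys), PAGE):
            call("POST", "api/issues/bulk_change", {
                "issues": ",".join(keys[start:start + PAGE]),
                "set_severity": severity})
    return keys
```

Run it first with `dry_run=True` and compare the number of keys returned with the count the Issues page shows for the same filters, then repeat with `dry_run=False`.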