Introduction
SonarQube Cloud issues are potential errors found in your code base. Understanding how to review your analysis is the first step to establishing code security and maintainability.
Overview and workflow
An analysis detects an issue as a problem in your code. When a coding rule is broken, an issue is raised. Each issue affects one or more software qualities with a varying impact level, called severity, as inherited from the rule. The following applies:
A new issue is automatically assigned to the last committer on the issue line - the author - if the author can be correlated to a SonarQube Cloud user. You can reassign the issue.
The issue context locates the issue in the code. The primary location is where the issue message is displayed. Secondary locations may be shown to help you understand the issue. Paths through the code (execution flows) are shown from the source to the destination (sink) when the issue originated upstream.
An issue is assigned a status that changes during its lifecycle. See Issue management solution for more details. In particular:
You can change the status of an issue from Open to Accept to fix it later.
Set an issue to False positive if you think the analysis is mistaken.

You can tag and comment on issues.
If you are a member of an organization that is part of an Enterprise you can view a list of issues from across all your projects at the organization level. See Retrieving issues for more information.
Permissions
Retrieving and managing issues is based on the permissions assigned to your profile on the project level.
You can view issues on all public projects.
On private projects, you need at least Browse permission to view issues, change an assignee, comment on issues, apply bulk changes, and change tags.
In addition to the Browse permission, the Administer Issues permission enables you to change an issue’s status.
See Retrieving issues for more information about how to retrieve, view, and filter issues.
To learn more about how to set project permissions, see Setting user permissions.
Related pages
The Issue management solution page describes how SonarQube Cloud identifies, assigns, and synchronizes issues; the issue lifecycle.
The Retrieving issues page describes how to retrieve and filter issues.
TheReviewing issues page describes how to view and understand your issues in the SonarQube Cloud UI.
The Editing issues page describes how to accept, mark as false positive, reopen, assign, tag, or comment on an issue.
The Fixing issues page describes how to get suggested fixes for your issues.
The Jira Cloud integration page describes how to integration SonarQube Cloud with Jira Cloud and create Jira Cloud work items from SonarQube issues.
The Subscribing to notifications page describes how to configure your account to receive email notifications for issue-related events.
Last updated
Was this helpful?