Regulatory reports

Starting in Enterprise Edition, you can download a regulatory report for any permanent branch of a project. A permanent branch is one that has been set to Keep when inactive, see Maintaining project branches for details.

The report is a zip file containing a snapshot of the selected branch. It is comprised of a selection of .txt, .csv, and .pdf files containing:

• An overview of the selected branch of the project.

• Configuration items relevant to the project’s quality (quality profile, quality gate, and analysis exclusions).

• Lists of findings for both new and overall code on the selected branch. Only operational risks - reliability and security issues (bugs and vulnerabilities) and hotspots - are logged in the list of findings. Maintainability issues (code smells) are excluded from the list.

Depending on the configuration of your SonarQube Server instance, the regulatory report is generated with metrics either from Standard Experience or MQR mode. Some .csv files may contain metrics from both modes and they are marked accordingly.

To download the regulatory report of a project:

1. Retrieve your project. See Retrieving projects for more details.

2. In the top right corner of the project page, select Project Information.

3. In the Regulatory Report section, select the desired branch and click Download. The report will be dynamically generated and downloaded, which may take a few minutes depending on the project size.

Related pages

• Security reports

• PDF reports

• Portfolios

• Other issues