search
Start Free

Issues reported in GitLab

SonarQube Server reports analysis summary comments in your GitLab merge requests and security issues in GitLab vulnerability report.

hashtag
Pull request decoration

SonarQube Server sets up the report of your quality gate status and analysis metrics directly to your GitLab merge requests. Inline annotations are not supported.

circle-info

Pull request decoration requires that pull request integration be correctly configured for your project. See Setting up GitLab integration for your project.

hashtag
Vulnerability report

When you analyze a project in SonarQube Server, the detected security issues are displayed on the GitLab interface as security vulnerabilities if set up in GitLab CI/CD. See Reporting vulnerabilities in GitLabfor more information. When you change the status of a security issue in the SonarQube Server interface that status change is immediately reflected in the GitLab interface.

circle-exclamation

If you change the status of a security vulnerability in GitLab, that change is not reflected in SonarQube Server.

To view the security vulnerabilities:

  • Go to the GitLab > Vulnerability report page.

circle-info

If your issues appear duplicated (it may be the case after the modification of a file), we recommend using the Activity > Still detected filter.

PreviousIssues reported in BitbucketNextIssues reported in Azure DevOps

Was this helpful?