Introduction

When a coding rule is broken, an issue is raised. The issue affects one or more software qualities with a varying impact level, called severity, as inherited from the rule.

The following applies:

• A new issue is automatically assigned to the last committer on the issue line - the author - if the author can be correlated to a SonarQube Server user. You can reassign the issue.

• The issue context locates the issue in the code. The primary location is where the issue message is displayed. Secondary locations may be shown to help you understand the issue. Paths through the code (execution flows) are shown from the source to the destination (sink) when the issue originated upstream.

• An issue is assigned a status that changes during its life cycle. In particular:

  • You can accept an issue to fix it later (status: Accepted).

  • With the corresponding authorization, you can set an issue to False positive if you think the analysis is mistaken.

• Depending on the metrics mode, you can customize a severity level for a given software quality or type. See Software qualities for more information.

• You can tag and comment on issues.

Related pages

• Issue management solution This page explains how SonarQube Server identifies, assigns, and synchronizes issues, the issue lifecycle, and issue-related features.

• Retrieving issues This page explains how to retrieve and filter issues.

• Reviewing issues This page explains how to view and understand your issues in the SonarQube Server UI.

• Editing issues This page explains how to accept, mark as a false positive, reopen, assign, tag, or comment on an issue.

• Fixing issues This page explains how to get suggested fixes for your issues.

• Issues reported in DevOps platform This page explains how to view and manage the security issues reported by SonarQube Server in your GitHub or GitLab instance.

• Subscribing to notifications This page explains how to configure your account to receive email notifications for issue-related events.