Last updated
Was this helpful?
Last updated
Was this helpful?
Issues in standalone branches are treated separately. The status can only be transferred if the Develop branch is a comparison or pull request branch using ProductionReady as the target.
This error either occurs if it’s out of memory or when multiple analyses have been triggered at the same time. The analysis triggered last gets completed first.
CodeScan is based on SonarQube™, an open-source reporting platform for coding languages. The Background Tasks that occur when an analysis report is run have been added by SonarQube™ to allow administrators to view technical details about why the processes fail.
To learn more about background tasks, please see the .
Why is my Commit and Merge failing with the following SonarScanner error but still allowing submission: 'Language of file force-app/main/default/permissionsets/abc_filename.permissionset-metaxml' cannot be decided as the file matches patterns of both sonar.lang.patterns.mule: **/*abcd,**/*xml and sonar.lanq.patterns.sfmeta: **/*profile-meta.xml.**/*permissionset-meta.xml.**/*settings-meta.xml.**/*object-metaxml.z*/*field-meta.xmll*s/*flow-meta.xml.**/*sharingrules-meta.xml.**/*workflow-meta.xml**/*profilesessionsetting-meta.xml **/*profilepasswordpolicy-meta.xml.**/*.profile,**/*.permissionset,**/*.settings.**/*.object.**/*.flow,**/*.sharingrules,**/*workflow**/*.profilesessionsetting,**/*.profilepasswordpolicy'?
Environment configuration checklist
Configure the Mule setting (Key: sonar.mule.file.suffixes) with values ".abcd" and ".xml," which are causing errors. Navigate to the project where this error occurs in CodeScan. Go to Project Settings > General Settings, and search for "mule" in the search box. Remove ".xml".
By adjusting these settings in CodeScan, the SCA will not fail.
Errors such as Expired Token on your Project Analysis page can sometimes be fixed by resetting the link to your code repository. CodeScan Cloud allows you to do this without erasing the historical data present in your project.
To fix the above errors, follow the steps below to delete the Analysis Project:
Go to your Project and navigate to the Project Settings > Project Analysis page.
Click on Delete Analysis.
Make sure you do not have the "Delete this project also?" box checked. This will delete your history and is not reversible. Click Delete Analysis.
Now, use the Attach Analysis Project button at the top right of the screen to add the link.
You will now see a new popup window. Select the required option from the options given.
Rerun the request.
Sometimes, an "Inactive user" error may appear at the start of an analysis:
This could be caused because the user who created the project and provided credentials for it:
Is no longer a member of the team and was removed.
Had their permissions changed in CodeScan.
Had their permissions changed in the repo/environment that is scanned.
To resolve the “Inactive user“ issue, you need to reattach the project—without deleting its history.
Follow these steps:
Delete the project analysis:
Important! Do not select the checkbox to 'Delete Project also?' if you want to keep the current project and its history:
Reattach analysis:
Provide repo/environment credentials:
Rerun the SCA; it should succeed.
The IP restricted issue can be solved by relaxing the IP restrictions for the CodeScan connected app in the org you are trying to scan.
To do this follow the below steps:
Log in to the org you are trying to scan.
Go to Setup and search for Connected Apps OAuth Usage.
Install the app that is making the scan (CodeScan Cloud or CodeScan Quick Reports).
Click Manage App Policies and then Edit Policies.
Under IP Relaxation select Relax IP Restrictions.
Rerun the scan.
While analyzing the project, you may encounter a “Packfile is truncated” error. Initially, access to CodeScan was denied on GitHub.
Check Access: Verify if you have the necessary access to CodeScan in GitHub.
Grant Access: If access is denied, request and obtain the required permissions for CodeScan.
Retry Analysis: After granting access to CodeScan in GitHub and integrating it with CodeScan, start the connection, then reattempt the project analysis. The error should no longer appear. The repositories should be synced. CodeScan should indicate the analysis was triggered, and the user should see the issues.
For branches created outside the CodeScan Cloud, such as ARM, Flosum, or Copado, project reports are not yet accessible. Only the branch chosen during the initial integration setup with CodeScan Cloud can have reports fetched in CodeScan.
In the Edit Project section, select “Attach Analysis Project,” and choose the project type as “Webhook.”
After this step, project reports will be accessible.
The Salesforce Enhanced Domains feature was rolled out to Sandboxes on August 26, 2022, and available on September 9 for all environments.
If your CodeScan Cloud Salesforce project was linked to a Sandbox or Org that this feature is enabled in, you will need to reattach your project analysis.
To fix the above errors, first you need to delete the Analysis Project, to delete follow the steps below:
Go to your Project and navigate to the Project Settings > Project Analysis page.
Click on Delete Analysis.
Make sure you do not have the "Delete this project also?" box checked. This will delete your history and is not reversible. Click Delete Analysis.
Now use the Attach Analysis Project button at the top right of the screen to re-add the link.
Configure the project and run the analysis.
In CodeScan Cloud, the default setting for unit test timeouts is 1 hour (3,600 seconds). For Orgs and Sandboxes with a large number of tests, this can be insufficient. To increase the timeout, click on your project and then navigate to Overview > Project Settings > General settings.
In General Settings, click on the CodeScan tab on the left and edit the timeout under the Unit Test timeout.
If the steps above were completed but the issue persists, contact .
allows you to do this without erasing the historical data present in your project.
