For Bug, Vulnerability and Code Smell
New issues are automatically assigned during analysis to the last committer on the issue line if the committer can be correlated to a SonarQube user. Note that currently, issues on any level above a file, e.g. directory / module / project, cannot be automatically assigned.
For Security Hotspot
Issues are automatically assigned only when the Security Hotspot is transformed into a Vulnerability through the "Detect" action.
Login and email correlations are made automatically. I.e. if the user commits with her email address and that email address is part of her SonarQube profile, then new issues raised on lines where she was the last committer will be automatically assigned to her.
Additional correlations can be made manually in the user's profile (see "SCM accounts" in Authorization for more).
If the SCM login associated with an issue is longer than 255 characters allowed for an issue author, the author will be left blank.