Hello dear C and C++ users.
Here are some exciting improvements for your C and C++ analysis.
Long-lived and legacy C++ projects come with their challenges that can lead to specific issues. We added 7 new rules to help you avoid those pitfalls:
- S7116: The first element of an array should not be accessed implicitly
- S7118: Don’t use unnecessary C indirections when querying string content
- S7119: Globals should not depend on possibly not yet initialized variables
- S7121: Calls to c_str() should not implicitly recreate strings or string_views
- S7127: “std::size” should be used to determine the size of arrays
- S7129: String literal should not be assigned to mutable char pointers
- S7132: std::string_view::data() should not be passed to API expecting C-style strings
We have also strengthened our runtime bug detection and it can now:
- detect some problems arising when manually null-terminating C strings
- find bugs when using wchar_t strings
- find file-related bugs when using the win32 file open/close API
All these will be available with SonarQube 10.8 starting from Developer Edition. They will be available shortly on SonarCloud and soon on SonarLint.
As always, you can see what’s coming next and vote for C and C++ features you would like to see in SonarQube, SonarCloud, and SonarLint.
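The pitfall named in the title of S7132 (`std::string_view::data()` passed to an API expecting a C-style string), shown as an added example; this is not Sonar's code or the rule's implementation. `c_api_length`, `key_of` and the sample line are hypothetical names and constructed input.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>
#include <string_view>

// Hypothetical stand-in for any API that expects a NUL-terminated C string
// (fopen, getenv, strlen, ...). Returns how many bytes it read before the NUL.
std::size_t c_api_length(const char* s) { return std::strlen(s); }

// Constructed input: a "key=value" line from which only the key is wanted.
constexpr char kLine[] = "user=alice";

// Returns a view of the text before '='. The view has a length but no
// terminator of its own: it still points into the caller's buffer.
std::string_view key_of(std::string_view line) {
    return line.substr(0, line.find('='));
}

// Pitfall: data() is just a pointer into kLine, so the C API ignores the
// view's length and keeps reading until kLine's own NUL. If the underlying
// buffer had no NUL at all, this would be an out-of-bounds read.
std::size_t length_seen_via_data() {
    return c_api_length(key_of(kLine).data());
}

// Fix: copy the view into an owning std::string, whose c_str() is
// guaranteed to be NUL-terminated at exactly the view's length.
std::size_t length_seen_via_string() {
    return c_api_length(std::string(key_of(kLine)).c_str());
}

int main() {
    std::printf("view size:            %zu\n", key_of(kLine).size());
    std::printf("C API via data():     %zu\n", length_seen_via_data());
    std::printf("C API via std::string: %zu\n", length_seen_via_string());
    return 0;
}
```

The view reports 4 characters, but the C API sees the whole line when handed `data()`; with a file-open or lookup API that means operating on a different name than the one the code validated.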