9.9.6 LTA release notes

Make sure to tell us:

  • What version are you upgrading from? Upgrading from 9.9 LTA
  • System information (Operating system, Java version, Database provider/version) Postgresql 14.12

I’m now in the process of upgrading to 9.9.6 LTS, what does it mean by this release notes “In your GitHub integration configuration, when you update the GitHub URL, you must now clear the secret beforehand, and provide it again after the URL update.”

Current version of my sonarqube is 9.9 LTA and it’s working seamlessly with Github Enterprise. I just got this release notes from [SONAR-22366] Security fix (SSF-571) - Jira (atlassian.net)

It just means you cannot reuse the secret by changing the GitHub URL (let’s say, for example, the URL of your GitHub Enterprise instance changed). You must delete the secret, update the URL, and then add the secret again. It’s a very minor change that likely won’t affect you.

Hi Colin,

This github secret that you’re saying is in the Sonarqube side? Thanks for replying!

Yes. It’s just saying that if you update the GitHub API URL, you must also update the private key at the same time.

It’s me again, so am I correct in my understanding. As long as the github instance remains solid there shouldn’t be any issues with the current configuration? Am I correct?

The only time that you need to change github secret is if the github instance (e.g. since the instance got changed, then the API of the URL should be changed as well) has been changed.

That’s correct. It’s a really minor change.