Hello Sonar Community!
It’s another busy week in the Sonar Community.
As @ganncamp told you last week, there’s a tradition at Sonar where we change our Slack handles to something Halloween-related in October. I don’t usually hop on the bandwagon but there have been some good suggestions:
- Colinfected
- E-Colin
- COL is coming from IN side the house
I’m not sold yet.
Onto the highlights! It’s been yet another busy week in the Sonar Community! Like every week we want to spend some time saying thanks to everyone who prompted interesting discussions and gave us feedback on Sonar products that will help us continuously improve.
Azure DevOps Extension Incident:
This week we released a new version of the Extension for Azure DevOps which created some issues for users like @Maxence_T, @Basit_Raza, @andreasfischer, @cba, @RagnarHal, and @godzkaya, @sbutler, @adam.aucamp, @marc0, @tedvanhaalen, @omerpinar and @Ebbelink. Thanks everybody for the reports and follow-ups. We’ve reverted the changes and we’re still tracking down some final cases.
SonarQube:
-
Thanks @kirkpabk for reporting an accessibility issue on the announcement message that SonarQube administrator can configure for their instance. Right now if it’s too long, it’s being truncated. We’ll work on that with SONAR-20692.
-
On the newest version of Sonarqube, you can’t filter for an external rule when also filtering by type. Thanks for the report @eugeniolt, we’ll work on that with SONAR-20764!
-
Thanks @vanhoutenbos for feedback on our helm chart to add common labels. You can track this ticket here: SONAR-20786
-
@Jonasandersson ran into a random-ish problem with DB authentication after his upgrade to 9.9.2. We had been working on it for a while (SONAR-19513), but needed confirmation of the fix, which he graciously provided.
SonarCloud:
- We don’t like noisy warnings anymore than you do. It’s time to kill the noise for logs like
Could not report issue with code highlighting, which users can’t do anything about. Thanks for leading us in that direction @mahmoud! SONARKT-365
SonarLint:
- Between @Nicolas_Roquebert, @algophren, @lopar, @eduardoseffairfilho, @wndtgl, @kalvintamas, and @Noelia_Iglesias, three bugs were reported on SonarLint for IntellIJ that can be tracked at SLI-1131, SLI-1134, and SLI-1135. Thanks al!
Rule / Language Improvements:
-
Thanks @J_Velz for pointing out a mistake in the rule description of
typescript:S1125– it’s fixed and will be shipped to SonarQube and SonarCloud soon. -
@FlorentP42 posted an issue that’s already being tracked at CPP-3608 where our C and C++ analyzer cannot properly reason about standard containers. Reports like this help us priortize existing issues in the backlog. Thanks!
-
Shoutout to @Connor_Balin for reporting an false-positive on
java:S2097. This rule should supportObjects.equals. We’ll work on that with SONARJAVA-4660. -
@ctamblay diligently reported a false-positive on
python:S4143– SONAPY-1521 is already merged and will be released soon! -
@jsinge did a deep dive into why caching wasn’t used more extensively during his C++ analyses and posted his findings to help others! We agree that what he found should be more widely visible, so we’ll be updating the docs CPP-4759.
Rule Suggestions:
- Kudos to @mathias_vetsch for suggesting a new rule to raise issues when Enums not marked with
FlagsAttributeuse theEnum.HasFlagmethod. Track this idea here!
Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.
Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.
Colin, Ann and Leith