Sonar Community Roundup, April 13 - 19

Hello Sonar Community!

It’s been a big week here in the Community, with lots of help and guidance from you, our members, to improve our products and your experience with them. We’re grateful when you take the time to do that, so like every week we want to spend some time acknowledging everyone who prompted interesting discussions and gave us feedback to help us continuously improve.

Issue with SonarScanner CLI Docker Image

On Tuesday evening, we pushed a bad version of SonarSource/sonar-scanner-cli-docker. Not only was it a bad version, but we overwrote an existing version. Everywhere that used that version broke. We are sorry, and we’re figuring out how to make sure it doesn’t happen again. We can’t thank everyone who reported the issue (across many platforms), but thanks to the participants of this thread: @Alex_Lo, @sveinse, @jrich523, @arrmansa, @viniciusczar, @rafael-loggi, @david-percent, @Tim_Nordloh, @cromerohdz, @ianhgraham-rr, @jwhy89, @vandal, @dsayling, @davidcroda, @rathpc, @mccaffers, @lingfang-zhu, @mattbangert, @Henrique_Oliveira, and @GreyTeardrop



  • Kudos to @thomas-jakemeyn for pointing out that the “Accepted Issues” links on SonarCloud project dashboards are pointing to the Accepted Issues on New Code no matter whether you’re browsing New Code or Overall Code. We’ll fix that.

  • And thanks to @lrozenblyum for showing us an example of SonarCloud cutting off metrics in the Activity tab. We’ll fix that too.

  • Thanks @HermannGruber for walking us through an OutOfMemory error. It really makes sense to include troubleshooting steps for this in our Scanner for Maven/Gradle docs. Changes are on the way!

  • Using sonar.qualitygate.wait=true on the first analysis is misleadingly failing – since the QG of a first analysis is always NONE. We’ll improve the user experience here. Thanks @francescom412!


Rule & Languages Improvements:

  • Thanks @Patrice_Scribe for suggesting that S1093 should allow <li> elements inside <menu> elements. This aligns with the HTML spec, and we’ll fix it with SONARHTML-248!

  • @DanielVinkSpotler’s report made us realize that the enabled taint rules for JS/TS are displayed in a non-deterministic order in the logs, which can be confusing, so we’re going to fix that. Thanks!

Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.

Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.

@ganncamp, @Colin, and @leith.darawsheh