Hi all,
Not much going on this week (although my peonies are gorgeous and my irises have started too. 
) As an administrative note, you may notice our email subject lines changing soon. Discourse is adding an option to drop all the brackets, and Iāll turn it on as soon as itās available to me.
And even though - because - it was a quiet week, weād like to take a moment to recognize you, the users, for the time you took to give us precious feedback to help improve the ecosystem for everyone by sparking valuable discussions and providing feedback to drive continuous improvement in our products.
SonarQube Cloud
-
Belated thanks to @basweitjens, who also reported the monorepo configuration crash we covered last week. The fix was deployed last week, and sorry we missed you!
-
@Adam_BigChange worked through how to keep Azure DevOps PR decoration working after migrating Gradle builds from Azure Pipelines to Bitrise, finding the undocumented
sonar.pullrequest.vsts.*properties in our source code. Impressive detective work! Weāre updating the docs to make this easier for others. -
The āMore Actionsā button in the Intended Architecture UI can be hard to discover, as @amoriki pointed out. Weāll improve its visibility.
-
@Corniel reported that the
HelpLinkUrlfrom external Roslyn rules isnāt displayed on rule pages. Weāll start surfacing those links.
Scanners
- @ericornelissen flagged that v7.1.0 of the
SonarSource/sonarqube-scan-actionGitHub Action doesnāt produce reproducible build output, and @Jarek_Potiuk went above and beyond by opening a PR with a fix thatās now been integrated. Thanks to both for making our supply chain more trustworthy!
Rules & Languages
-
@Donald_Renner asked about porting Spring-based Java rules like
java:S4488andjava:S3749to Kotlin. Weāre tracking the idea, though itās not yet a priority. -
JS/TS security analysis was running out of memory on large TypeScript monorepos, as @ThatOneBro and @Thamulansar reported. Thanks @ThatOneBro for the beautifully thorough report! Weāve resolved the issue and the fix will roll out with upcoming releases.
Thanks again to everyone mentioned here - and to anyone we may have missed - for your ongoing contributions in making this community stronger and helping us improve Sonar products.
If youād like to give a shout-out to someone, whether a community member or a SonarSourcer who helped you, please do so below. And if thereās someone you think we should acknowledge next week, let us know!
Ann