Sonar Community Roundup, April 5 - April 11

Hi all!

As always, we are grateful for the feedback we’ve gotten this week, and for every time you give us feedback. So like every week, we want to spend some time acknowledging everyone who prompted interesting discussions and gave us feedback to help us continuously improve.

SonarQube Server & SonarQube Community Build:

• @Jonah_IntegraDev was right to inform us that v25.4 of Community Build hasn’t been published to maven central properly. Turns out the deployment failed and we have to get in touch with their support to redeploy it. This will be sorted soon. Thanks again for telling us

SonarQube for IDE:

• Unfortunately when we fixed SLCORE-1009 we didn’t fix it everywhere, and the same java.lang.IllegalArgumentException: Bad escape error is still popping up. Now we know how to fix it for good. Thanks @ddrpa!

Rule & Language Improvements:

• csharpsquid:S1481 should not raise on variables named _ as they are typically used to signal a discard and as such are expected to be unused. Thanks @TonyJ and @Corniel!

• typescript:S6754 could benefit from an exception with a variable stores a boolean and starts with is. We’ll look into it with JS-679. Thanks @jpikl-prgs!

• Thanks @PolyAlex for your feedback on java:S6204. It’s a rule we’re going to try and improve this year.

• It’s not super clear how issues from external analyzer reports map to SonarQube issue types/severities. We’re going to look into the feasibility of documenting this for each external analyzer support. Thanks @sonardroid

• Detecting commented out code is hard, but raising a false-positive on a license header is a little embarrassing! Thanks for the report @asm0dey. SONARJAVA-5438

Scanners:

• The attribute RunDeploymentRoot in .trx files (C# unit test result files) should be used to find coverage files. Thanks for the analysis @Pieter_Klijnstra. SCAN4NET-423

• When the Scanner for .NET introduced multi-language analysis, we added an analysis warning so users always using the latest version knew what happened when they were suddenly anlayzing more code. It has been long enough, so we will remove the warning. Thanks @davidkeaveny! SCAN4NET-428

Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.

Please leave your own shout-outs below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.