Hey all!
The year is wrapping up and we won’t see @ganncamp again until the new year! I’ll be here though. Hopefully we don’t see too much of you all, not because we don’t want to see you, but because we hope you’re spending the end of the year with loved ones. SonarQube is important, but it’s not that important.
We’re grateful every time you give us feedback, so like every week we want to spend some time acknowledging everyone who prompted interesting discussions and gave us feedback to help us continuously improve.
SonarQube Server:
-
When browsing issues at a project-level, the file filter is pretty unusable. Thanks @Wiebke! SONAR-24052
-
Thanks @gquerret for reporting an issue with SonarSource/sonar-custom-plugin-example and browser content security policies (CSP). A fix is being merged and can already be integrated into custom plugin projects. SONAR-24045
-
We’re going to improve the logs when preprocessing files to help us track down issues with preprocessing. Thanks @passbyval! SONAR-24067
SonarQube Cloud
- Thanks @kaufmo for your report that it’s not possible to disable GitHub Member Sync after moving to the new SonarQube Free plan. We’re on it!
SonarQube for IDE:
- We found out pretty quickly after releasing some new versions that there was a regression that caused Connected Mode authentication to fail for SonarQube Server versions between v10.0 and v10.4. Now, these are EOL versions of SonarQube, but it shouldn’t just break from one day to the next without some fanfare. A new version of SonarLint for VSCode is out and other bug fix releases are on the way. Thanks for the reports @Alsiri0n and @ppanchal-mobiz! SLVSCODE-978
Scanners:
- Thanks @patrick-dedication for reminding us we have some work to do to support Gradle 9. SCANGRADLE-135
Rule & Languages Improvements:
-
java:S103(URLs shouldn’t be too long) makes an exception when asSeetag is used, but this isn’t working when the comment is spread across multiple lines. Thanks @Nico.Strecker! SONARJAVA-5252 -
Inlining of
std::sortandstd::ranges::sortcauses false-positives forcpp:S3519, a complex rule with no shortage of open issues. We’ll work on that with CPP-5928. Thanks @giles45! -
cpp:S105raises an issue when tabs are used instead of spaces, and for some reason instead of raising a file-level issue, it raises an issue on the first line where the forbidden indent is used. This gets especially confusing when that line hasn’t changed (but the issue is reported as new). Anyways, with CPP-5926 we will adjust this rule to raise a file-level issue. Thanks for the report @kkroier! -
kotlin:S6634is raising issues on all plugins that have the prefixorg.gradle, but not all such plugins are core plugins that have short notation. Thanks @throup for the report! SONARKT-421 -
java:S2699ought to considerorg.assertj.core.api.BDDAssertionslikethenNoException. Thanks @lbenedetto! SONARJAVA-5256 -
php:S836should not raise an issue when a variable is initialized with null coalescing assignment. Thanks @timur-hilmutdinov! SONARPHP-1601 -
Our documentation for writing custom Java rules could be improved to better describe how to test with external dependencies. Thanks for leading us in that direction @pepgrifell! SONARJAVA-5253
-
Wouldn’t it be nice for .NET code if when you exclude an entire project from code coverage in your
.csproj, that exclusion makes it to SonarQube? @Michael_Sendow thinks so and now it’s in our backlog. Thanks!
Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.
Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.
Happy holidays.