Yo Ho, Ho! (And a Bottle of Rum) 
Ho Ho Ho! 
The holidays are almost here, which will see @ganncamp on a well-deserved holiday until the new year, while I’ll still be popping in from time to time over the next two weeks. Thanks for your patience during this holiday season (we hope you’re taking a break too).
Like every week we want to spend some time saying thanks to everyone who prompted interesting discussions and gave us feedback on Sonar products that will help us continuously improve.
SonarQube:
-
A little late on this one – but thanks to @mbastardo.excentia and @Arnaud_Huet for reporting an issue with SonarQube v10.3 where users can’t be created using the UI. This is a bug we will address in SONAR-21118
-
It’s not clear in our documentation that the build-wrapper-macosx-x86 used for C/C++/Objective-C analysis also supports macOS on ARM. We’ll update our documentation to make that more clear. Thank for the report @Stephen_Widup
-
@jsinge gave us feedback that our database backup documentation is… sparse. We’lll look into improving that.
-
GET api/issues/search is returning a 400 under certain (weird) conditions. We’ll fix that with SONAR-21243. Thanks for the report @Donald_Renner!
-
@cornelius.wild found that his build worked fine alone, but crashed with the build-wrapper. We’ve created CPP-4885 to address it.
SonarCloud:
-
SonarCloud faced an unexpected outage earlier this week which rightly called into question some of our monitoring and incident reporting. We are taking this seriously. Thanks for the reports @groogiam, @Andrew_122, @Oleksiy_Dyachok, @Scott_Rice, @Eugene_Loveres, @Anjaneya_Datla, @Gulzar_Hussain, @Carlos_Martinez, @Daniel_Correa, @jws8709, @jeffville, and @justinfidler.
-
@HaroonSaid was struggling to get coverage reported in his project, and eventually reported back that he’d tracked it down to caching by AWS CodeBuild. We’re planning to update the docs with that valuable nugget.
-
After a report from @miq, we realized notifications aren’t sent for newly-created, backdated issues. We’ve put it on the list.
-
Setting a PAT for your Azure DevOps project is all very well, but it still doesn’t work if the PAT-user doesn’t have Contributor rights on the project. Thanks @KristoffCloudFuel. We’ll add that to the docs.
Rule improvements:
-
Thanks @parkenf for reporting a false positive on
java:S4968. We’ll work on this with SONARJAVA-4736. -
csharpsquid:S3712is reporting a false positive when subtracting a delegate via switch statement with pattern matching. Thanks @JJoensuu! You can track this issue at SonarSource/sonar-dotnet #8467 -
With new support for .NET 8 comes some adjustments we need to make to existing rules. Thanks @DominikTouring for reporting this conflict between
csharpsquid:S3925andSYSLIB0051regarding ISerializable. -
When you paginate results without ordering them, you risk duplicate entries on subsequent pages if you’re using SpringBatch. @Max_well pointed that out, resulting in SONARJAVA-4737 to create a new rule for it.
-
@Kuga2 provided valuable feedback on S1772, which raises a False Positive when a method that returns a constant is used on the left side of an equality test. We’ve added it to the list of things to take into account when considering the future of the rule.
Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.
Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.
Colin, @ganncamp, and @leith.darawsheh