Sonar Community Roundup, January 20 - January 26

Colin · January 26, 2024, 4:00pm

Hello Sonar Community!

Like every week we want to spend some time saying thanks to everyone who prompted interesting discussions and gave us feedback on Sonar products that will help us continuously improve.

SonarQube:

@RyanH and @smanning both reported an issue with SonarQube v10.3 where permissions/visibility where set incorrectly on new projects. This will be fixed by SONAR-21504 in the upcoming SonarQube v10.4 release!
@x3ntrix let us know about some limitations in using Azure AD with SonarQube when a user belongs to more than 150 groups. We’ll document this limitation with SONAR-21527. Thanks!

SonarCloud:

Thanks @NSeydoux for your two pieces of feedback about SonarSource/sonarcloud-github-action – specifically that a new version was released unsigned and adding a new major version tag. We’ve already addressed both pieces of feedback!
@lfairbanks_mcgh reported an issue with Helm analysis on arm64 machines. We’re looking into this with SONARIAC-1279.

SonarLint:

@jervin and @mbojoly notified us of a harmless (but annoying) error when closing a project. We’ll fix that up with SLI-1236. Thanks!

Rule Improvements:

Thanks @StreamingGuy for reporting a false-positive on csharpsquid:S6444 when REGEX_DEFAULT_MATCH_TIMEOUT is set through the AppDomain. SonarSource/sonar-dotnet #8613
Kudos to @elin for asking us why javascript:S3827 isn’t available for Typescript, and showing us an example where this rule would be useful (and isn’t caught by Typescript’s type checker). SonarSource/SonarJS #4514
Thanks @lunarlandis for reporting a false-positive on typescript:S6479 where the rule fails to account for keys that include other values with an index. SonarSource/SonarJS #4510

Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.

Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.

Colin, @ganncamp, and @leith.darawsheh

anon67236913 · January 26, 2024, 4:22pm

Hi Colin,

@markluebbehuesen informed us about this bug in Sonarqube

Gilbert