Hello Sonar Community!
Like every week we want to spend some time saying thanks to everyone who prompted interesting discussions and gave us feedback on Sonar products that will help us continuously improve.
SonarQube:
- @Udo_Pape-Kampmeier pointed out that the Gitlab CI analysis tutorial in the Community Edition of SonarQube referenced a feature (and API endpoint) only available in commercial editions. We’ll fix that with SONAR-21530. Thanks!
- Thanks @anon67236913 for raising an interesting discussion about JaCoCo and private constructors throwing an exception. I’ll vote for your GitHub issue.
- Thanks @Jonah_IntegraDev and @Nicolas_Alcaraz for your reports that SonarSource/orchestrator stopped working in your custom plugins after we disabled anonymous usage/authentication to our JFrog. We’re working to unblock you. ORCH-487
- SonarScanner for Maven is intended to streamline analysis configuration for Maven projects, but @Vinod_Singh had just the opposite experience when analysis failed after he specified sonar.projectKey in his root pom. MSONAR-205 will fix it.
SonarCloud:
-
A big thanks to @ADGB for reporting a bug where pull requests targeting a non-main branch weren’t using the analysis cache of the main branch (as expected). The fix has already been deployed on SonarCloud!
-
A big thanks also to all those who reported problems with their automatic analysis this week. Those reports helped us realize that an upgrade to the JS/TS analysis engine meant that more memory was needed to analyze some projects, as experienced by @nathan-jaji [1], @tc-eric [2], and @nathannovaes [3]. That fix has been deployed already. On Monday we’ll deploy another autoscan fix, this time for new encoding errors, as reported by @bsup [4] and @quest313 [5].
SonarLint:
- Thanks @znerd for telling us that SonarLint isn’t playing nicely with IntelliJ IDEA 2024.1 EAP! SLI-1251
Rule & Language Improvements:
- Thanks @ivaniesta14 for reporting a false-positive on
java:S2694on local classes. We’ll fix that up with SONARJAVA-4829. - Kudos to @Paul_Noferi for reporting an issue with java:S1948, which led us to raise a ticket specifying that the rule should not raise issues on final fields. SONARJAVA-4814
- This same rule got some feedback from @Vladyslav_Vodianytsk where issues are being raised when using Lombok’s @Value or @FieldDefaults(level = PRIVATE). SONARJAVA-4536
- @Take helped us figure out that the build-wrapper doesn’t capture compiler invocations from Xcode 15. We’ll fix that later this year in CPP-4941.
Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.
Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.
Colin, @ganncamp, and @leith.darawsheh