Hello Sonar Community!
It’s been a big week here in the Community, with lots of help and guidance from you, our members, to improve our products and your experience with them. We’re grateful when you take the time to do that, so like every week we want to spend some time acknowledging everyone who prompted interesting discussions and gave us feedback to help us continuously improve.
SonarQube:
-
Sometimes WAFs (Web Application Firewalls) can get in the way of SonarScanners pushing analysis to the server. This is worth documenting. Thanks for the push @Necip
-
We’re also going to improve documentation for how to pass analysis parameters after feedback from @Tushar_Srivastava!
-
The SonarScanner for .NET has been noisy in the presence of source-generated projects that don’t have valid GUIDs. We’re going to kill the noise with SonarSource/sonar-scanner-msbuild #1899! Thanks @chaoticnadirs, @HenrikSommer-eng, and @Paul_Meems
SonarCloud:
-
Thanks to @Akash_Jaiswal and @sohara for helping us nail down an issue with SonarCloud projects when a GitHub organization name changes. A workaround is documented here and there are a few improvements we have in mind.
-
Thanks also to @huyz and @Latz who pointed out that we’ve forgotten to update the default GitHub Actions template for analysis. SCSCANGHA-1
SonarLint:
The release, late last week, of SonarLint for IntelliJ 10.4.2 and this week’s release of SonarLint for VS Code of 4.4.2 seem to have solved most of the problems users were facing in the newer versions. We really regret the unanticipated growing pains you all experienced in the last few weeks. We tried something new here, with a unified engine across IDEs. It sets us up to go faster in the future, and we appreciate everyone’s continued patience and support and error reports(!) as we iron out the last few kinks.
Rule and Language Improvements
-
It took us too long, but thanks to @ChristopheS for suggesting these four improvements to our HTML analyzer. SONARHTML-221, SONARHTML-222, SONARHTML-223 and SONARHTML-224 have been created!
-
javascript:S6819is raising false positives in the presence of SAP UI5 React Components. Thanks for the heads-up @gitgdako. SonarSource/SonarJS #4647 -
Kudos to @reitzmichnicht for suggesting a new rule for Spring Boot about
@Transactionalannotations on methods. SONARJAVA-4926 -
@Corniel once again went above and beyond, not just reporting a false positive in S2094 on primary constructors for
records, but also providing a PR to fix it. It was already in our backlog, but maybe this will get us moving.
Once more, we extend our thanks to everyone mentioned here - and those we may have missed - for their efforts in strengthening this community and enhancing our Sonar products.
Please leave your own recognitions below – whether for another community member or a SonarSourcer who assisted you this week. If there’s someone you think should be acknowledged in next week’s roundup, don’t hesitate to let us know.
Ann, @Colin, and @leith.darawsheh