Hi all,
Next week finds the community team packing our bags for Austin, Texas—where we’ll be eating a lot of breakfast tacos and presumably saying “y’all” a lot. But before we saddle up and head west, we wanted to take a moment to say goodbye to someone special.
Today is @leith.darawsheh’s last day as our Director of Community and DevRel. We’re going to miss him. 
But we’re excited to see what he does next!
As always, we want to take a moment to recognize everyone who sparked interesting discussions and gave us valuable feedback to drive continuous improvement.
SonarQube Server & Community Build:
- A confusing “bind project” button appeared in SonarQube Community Build even though DevOps Platform binding is a Developer Edition feature, leading to error messages when users tried to use it. We’ll remove the misleading button entirely from Community Build with SONAR-25899. Thanks @Marc_Kruzik_MAF!
SonarQube for IDE:
- Multiple users (@bruno.mendola, @surecloud-jleite, @rhartinger, @FreddySquall, @lg2de, and @Stephane_Robin) reported a
NoSuchMethodErrorwhen upgrading to SonarQube for IntelliJ version 11.2.0, occurring during password storage migration. The team created SLI-2290 to make the migration smoother. Thanks for the reports!
SonarQube Cloud:
-
Tuesday was something of a dark day for SonarQube Cloud, with multiple incidents causing widespread disruptions across the platform. We sincerely apologize for the impact this had on your workflows and pipelines. While there are too many affected users to thank individually, we’re grateful for your patience and the detailed reports that helped us identify and resolve the issues.
-
Scans run in Bitbucket Pipelines stopped auto-detecting project keys and organization keys starting around September 4th, as @act-mreeves, @antigravitygoat, and @jmiser discovered. We identified that a permissions check was only looking at project-level “Execute Analysis” permissions, not org-level. The fix has been deployed! Thanks for helping us track this down!
-
Analysis crashes plagued users like @asd_asdasd and @Philippe.L who configured “Ignore issues on blocks” with only a start pattern (like
@Generated) but no end pattern. The configuration caused 500 errors on the /analysis/analyses endpoint. A fix was deployed. Thank you for the report and investigation
Rule & Languages Improvements:
githubactions:S7637’strustedPrefixesparameter wasn’t being respected in custom quality profiles, as @andyn-ff discovered when trying to add internal organization prefixes to avoid false positives. The issue was caused by a missingString.lowercase()call when splittingtrustedPrefixes. SONARIAC-2302 was created to fix this properly. Thanks for the report!
SonarQube MCP Server:
-
The
get_component_measurestool isn’t returning coverage data values, as @harshbpatil discovered while trying to fetch PR branch coverage metrics. The tool returns metric definitions but not actual values. MCP-138 was created to address this. Thanks for testing the MCP server! -
The
search_sonar_issues_in_projectstool gained a severity filter after @hkeil requested the ability to filter issues by severity. The feature was quickly added!
Thank you again to everyone mentioned—and to those we may have missed—for your ongoing contributions in making this community stronger and helping us improve Sonar products.
If you’d like to give a shout-out to someone, whether a community member or a SonarSourcer who helped you, please do so below. And if there’s someone you think we should acknowledge next week, let us know!