Hello Eclipse users,
this release introduces a new format for the SonarLint Rule Descriptions that aims at helping you eliminate issues faster with contextualized guidance and to help you dodging them in the future.
We’ve recently introduced this new format across all IDEs supported by SonarLint; for the rules already migrated to the new format, you will find the following information in separate tabs:
- Why is this an issue: to explain you why we’re raising this and why is it important to fix it (for example, how a vulnerability can be exploited by a malicious user)
- How can I fix it: it provides instructions and examples with just the information you need right now, in your context, to solve this issue. You’ll notice for example that the contents are fine-tuned for the library or framework you’re using in your code.
- More info: Allows you to go deeper and learn more about this or similar issues, including generic Clean Code principles, to improve your skills as a developer and avoid introducing similar issues in your code in the future.
The new rule format is already available for a selection of rules including the top 15 security vulnerabilities and we’re progressively rolling it out for the remaining rules.
There are also plenty of interesting detections added in our analyzers, for example:
- a new Java rule that advises to use when appropriate the static methods introduced in Java 19 to initialize hash-based collections in order to allocate the requested capacity at construction time
- several new rules for TypeScript (more details here)
- 6 new Python rules for the Django framework and 3 new quick fixes (more details here)
The release notes are here.