With this new SonarLint release, we’re introducing Clean as You Code in the IDE!
If you follow the Clean as You Code approach, your focus is always on new code (code that has been added or changed according to your new code definition), and that enables you to ensure the code you write is clean and safe; if you use SonarQube or SonarCloud you’re probably familiar with the Quality Gate conditions on new code.
With this release, SonarLint is pairing up with SonarQube and SonarCloud to help you focus on new code from the very moment you are writing your code: if you activate the “Focus on new code” feature (see how in our documentation), SonarLint will only show markers for the issues that fall in the new code definition configured in SonarQube or SonarCloud.
Please keep in mind that this functionality is not activated by default and for now, it can only be activated if you use SonarLint in connected mode, you can read more here.
Also, be aware that if you use connected mode with SonarQube, you may experience some glitches meaning that some issues may be erroneously reported as part of new code (mainly after setting up and analyzing a new project for the first time, or when activating new rules for your Quality Profile), due to a bug in SonarQube that we’re working to fix within the 10.3 release.
The 8.1 release also adds 42 new rules to detect secrets (API tokens, passwords, etc) for your cloud applications. SonarLint helps you detect those secrets in your code immediately when you add or copy/paste them before you even commit and push them into a repository so that you avoid exposing them. Together with those we added in last month’s release, we’re now able to detect a total of 110 different types of secrets for 60 cloud providers.
Here are a few more highlights of this release:
- We’ve added Python rules to help you write clean scientific code using NumPy
- We’ve added plenty of new React rules
You can read more about this version in the release notes.
Last but not least, let me mention that we are running a survey to learn more about your experience with SonarLint in Eclipse; that will greatly help us to keep improving the product. SonarLint will prompt you once to answer the survey, and we’d be very grateful if you could dedicate 5 minutes of your time to it. You can also access the survey directly from this link.