Hello SonarLint users,
with this new version of SonarLint for IntelliJ we want to bring plenty of new value to different developer communities.
For Java developers: we want to help fixing more easily and quickly the issues that SonarLint finds while you are coding. This is why we’ve decided to introduce quick fixes in SonarLint:
- in this version, you will find quick fixes available for around 40 Java code quality issues; more will come in future versions.
- you will be able to apply a quick fix by mousing over a SonarLint issue, or by using the configured IDE keyboard shortcut for quick fixes (typically ALT+Enter on Windows or Linux, ⌥⏎ on MacOS)
You can find more details about quick fixes here.
EDIT: Please keep in mind that, if you use SonarLint in connected mode with SonarQube, then your SonarQube should be updated to at least version 9.1 in order for quick fixes to work.
For C and C++ developers: if the target of your applications is Linux but you develop on Windows, you are probably familiar with WSL (Windows subsystem for Linux) and remote toolchains. This SonarLint version brings support for both options in CLion, so that you’ll be able to find code quality and security issues while developing remotely built application, the same way SonarLint works for locally built ones.
For applications connecting to cloud environments, we are relasing new rules to help you keep your applications secure by detecting hardcoded secrets, like credentials, API tokens etc.
You may remember we released the first version of our Secrets Detection feature a couple months ago, covering AWS (Amazon Web Services) secrets. We’re now complementing it with new rules covering the following Cloud providers:
- Google Cloud
- Microsoft Azure Cloud
- IBM Cloud
- Alibaba Cloud
And as usual, we are shipping plenty of improvements to our analyzers, you can learn more by taking a look at the release notes.
We sincerely hope you’ll enjoy this new version and the new features coming with it. As usual, we’re eager to listen to your feedback!