SonarLint for IntelliJ 9.1 - Focus on new code, new secret types, quick fixes preview

Hello,

The SonarLint 9.1 release for IntelliJ IDEs is packed with new functionality and detections! 🥳

To begin with, it introduces Clean as You Code in the IDE! If you follow the Clean as You Code approach, your focus is always on new code (code that has been added or changed according to your new code definition), and that enables you to ensure the code you write is clean and safe; if you use SonarQube or SonarCloud you’re probably familiar with the Quality Gate conditions on new code.

With this release, SonarLint is pairing up with SonarQube and SonarCloud to help you focus on new code from the very moment you are writing your code: if you activate the “Focus on new code” feature (see how in our documentation), SonarLint will only report the issues that fall in the new code definition configured in SonarQube or SonarCloud.

Please keep in mind that this functionality is not activated by default and, for now, it can only be activated if you use SonarLint in connected mode; you can read more here.

Also, be aware that if you use connected mode with SonarQube, you may experience some glitches, meaning that some issues may be erroneously reported as part of new code (mainly after setting up and analyzing a new project for the first time, or when activating new rules for your Quality Profile), due to a bug in SonarQube that we’re working to fix within the 10.3 release.

The 9.1 release also adds 42 new rules to detect secrets (API tokens, passwords, etc.) for your cloud applications. SonarLint helps you detect those secrets in your code immediately when you add or copy/paste them, before you even commit and push them into a repository, so that you avoid exposing them. Together with those we added in last month’s release, we’re now able to detect a total of 110 different types of secrets for 60 cloud providers.

To complement the quick fixes capability, this release adds the possibility to preview the changes that will be generated in your code if you apply a quick fix.

Here are a few more highlights of this release:

  • We’ve added 8 Python rules (and 3 quick fixes) to help you write clean scientific code using NumPy
  • We’ve added 12 new rules to write intentional and consistent Dockerfiles

Here are the release notes.

Marco
