Hello,
the latest SonarLint for VS Code releases enables you to interact with the status of an issue or a Security Hotspot without leaving your IDE. If you are connected to SonarQube or SonarCloud, you’ll be able to:
- Resolve an issue as Won’t Fix or False Positive (learn more about issues resolutions here)
- Mark a Security Hotspot as Safe or Fixed following the review (learn more about Security Hotspots review here)
For the time being, this feature is only available for issues and hotspots already detected by a previous branch analysis in SonarQube or SonarCloud - we plan to extend this feature to new issues detected in local code over the next few releases.
When you change the status of an issue or hotspot in the VS Code, then the new status will be synced with SonarQube, SonarCloud, and all other contributors using SonarLint in connected mode.
By the way, starting with this release, the synchronization of status changes from SonarQube into the IDE is now happening in real-time also for hotspots, in addition to issues.
Some more news from us: we’re introducing Cobol analysis, as many of you asked! You can already try it with this release, please keep in mind that the feature is in Beta for now - and we’re particularly interested in hearing your feedback on this!
The cobol analysis only works if you are connected to SonarCloud or to SonarQube (Enterprise edition or higher). You can see more about the requirements for Cobol analysis here.
Finally, I’d like to mention that this release adds TypeScript 5 support and 5 new rules for core JavaScript and TypeScript concepts.
The release notes are linked here.
Enjoy!
Marco