SonarLint for VS Code 4.3 - New possibility to fix issues and to detect secrets in the IDE

Hello VS Code users,

The release 4.3 of VS Code is out!

The new version of SonarLint for VS Code delivers a new possibility to switch as quickly as possible to investigate and fix issues in the IDE from SonarQube. Indeed, when a developer tries to open a SonarQube issue in the IDE without having the connected mode set up, Sonar offers now a 1-click option to set it up automatically. It includes automatic connection setup and project binding.

To benefit from this functionality, you’ll need to:

  • Use the very last SonarQube version (10.4)
  • Use the latest SonarLint version (4.3)

With this new release, you will be able to detect custom secrets in your IDE so that you can avoid leaking them into repositories, from the custom rules based on your own secret patterns that you defined on SonarQube. Note that the latest version of SonarQube is required (10.4+) in Enterprise Edition or Data Center Edition (not available on SonarCloud).

With the latest SonarLint release in connected mode with SonarCloud or SonarQube 10.4+, you also have the possibility to mark an issue as ‘Accepted’, meaning that it becomes part of your technical debt.

You’ll find a lot more about this release (new rules including 8 new Kubernetes rules, support for TS 5.3, improvements, and bug fixes) in the release notes.

Enjoy

Alexander

1 Like

A post was split to a new topic: VS Code 4.3 fails to install