Hi all,
SonarSource is proud to announce the release of SonarQube 9.7, with faster analysis for JavaScript/TypeScript Pull Requests, and much more. Details in the official announcement.
In addition, there are a few other items to note in the release:
- You now need Node.js >= 14 to analyze JavaScript, TypeScript or CSS code. More information in the announcement here.
- We’ve updated telemetry to send data on a daily basis and to include per-project and per-user anonymous information in order to get more regular and precise data about how SonarQube is used. (SONAR-17195, SONAR-17197).
- We’ve made a significant effort to reinforce the security of SonarQube, adding HTTP security headers, cookie flags, and more checks. (SONAR-17343, SONAR-15513). As usual, this version also includes some important security fixes.
- It’s now easier for you to connect SonarLint to SonarQube. The token configuration can be made in a few clicks. This is already available for VSCode, with the other IDEs coming soon. (SONAR-17436).
- We’ve made a lot of accessibility improvements on various project pages. (SONAR-17181, SONAR-16852, SONAR-16906, SONAR-16973, SONAR-17433, SONAR-17257).
- We’ve stopped providing the “PSR-2” or ”Drupal” Quality Profiles as default profiles for PHP, and recommend using the ‘Sonar Way’ profile. (SONARPHP-1324).
- To help you set up external authentication, we’ve reorganized the global administration section and improved the documentation a lot with more details for SAML. (SONAR-17232).
You’ll find more details in the upgrade notes and full details in the release notes. Please open new threads for any questions you have about these or other features.
As usual, download is available at sonarqube.org. Docker images are also available on Docker Hub.
Vivek & Chris