Hi everyone,
We just released new versions of our extension for Azure DevOps:
- 3.0.1 for SonarCloud
- 7.0.1 for SonarQube.
These releases fix an issue in the 7.0.0&3.0.0 versions we published yesterday.
They are a major version because they offer new v3 versions of the tasks that target the newest versions of our scanners:
- Scanner CLI 6.2.1
- Scanner for .NET 9
To take advantage of these new features, you will need to upgrade your pipelines.
Both scanners bring the new JRE auto-provisioning capability to the Azure DevOps extension, which means you no longer need to install a compatible JRE on your agents to run the analysis.
However, if you prefer to stick with your current setup and use your agent’s installed JRE, you can set the sonar.scanner.skipJreProvisioning analysis property to true.
Please note that, if you use the dotnet analysis and you configured certificates in the machine’s JRE trust-store, then auto-provisioning will fail to find these certificates. If that is your case, we recommend that you either use the SONAR_SCANNER_OPTS environment variable, as described in the documentation.
The scanner for .NET v9 brings multi-language analysis. This means that, if you have for example a separate JavaScript or TypeScript-based frontend project in a sibling directory to your .NET code, the scanner will find it for you automatically.
This feature supports JavaScript, TypeScript, HTML, CSS, YAML, PL/SQL, and T-SQL.
If you find we analyze files you would rather keep out of the analysis, you can use the sonar.exclusions and sonar.test.exclusions properties to do so.
If you want to opt-out of the feature completely, you can set the sonar.scanAll property to false.
You can learn more about that specific feature in the corresponding scanner annoucement.
Please also note that the allowed values for the scannerMode property has changed. If you are analyzing dotnet code, you should now use dotnet instead of msbuild.
Finally, I would like to apologize to all of you who experienced issues due to a bug in the first release of the extensions (3.0.0 & 7.0.0) yesterday. The bug was detected and corrected, and these fixed versions were published. Still, this caused disruption to many of you. The incident is being reviewed to understand how this happened and take steps to prevent such an issue from arising again.
Denis