Hello Visual Studio community,
The SonarQube for IDE: Visual Studio version 8.19 is now available!
This release makes security hotspots easier to use so that no vulnerable code is left unchecked.
We have unified the two windows “SonarQube Local Security Hotspots” and “SonarQube Server Security Hotspots” into just one “SonarQube Security Hotspots”. You can open the list of security hotspots through SonarQube > Connected Mode > View Security Hotspots.
You can easily distinguish between hotspots found by local analysis or through SonarQube Cloud or Server by the icon in the first column: no icon means it’s a has been found locally.
For hotspots found after the code is pushed to the CI/CD pipeline, right-click on the issue to review it. You can easily mark it as Acknowledged, Fixed or Safe and the status will be synced in SonarQube Cloud or Server.
Additionally, we have added filtering capability by issue location (i.e. file in which is present) and by priority to easily order the issue in the way you prefer to tackle them.
You can find the full SonarQube for IDE: Visual Studio release notes here.
Thank you for your continued support!
Farah