Code analyzer for C# and VB.NET projects
This release focused on improving the precision of existing rules. We fixed a lot of False Positives, False Negatives, and bugs in Code Fixes.
We also reduced our memory footprint by reducing allocations in the hot path. Thank you @sharwell, for reporting this in #7439 and #7440.
Special thanks to our contributor @nalka0 for the correction of our rule documentation in #7587
This release introduces 3 new security-related rules for VB.NET and improves the precision of their existing C# versions by migrating them to the new symbolic execution engine. This version also includes a new code fix and fixes for false negative issues. Kudos to @Corniel for his contribution by implementing a codefix for S125 (https://github.com/SonarSource/sonar-dotnet/issues/313)
Release 9.5 introduces 9 new rules for C# and VB.NET developers, providing guidelines and best practices for handling date and time operations within their applications. These rules cover a wide range of topics, including time zone conventions, common pitfalls, date parsing and formatting, time arithmetic, and more.
This release includes also one additional security rule and introduces fixes for false negatives and false positives.
Thanks to @Corniel for his contribution by implementing a new codefix for S6610 (#7517) and fixing a FP in S6354 (#7504).
DateTime(Offset).UnixEpoch
instead of pointing to that date using the constructorDateTimeOffset
instead of DateTime
DateTime.Now
for benchmarking or timing operationsDateTimeKind
when creating a new DateTime
objectDateTime.Parse
overloads with an IFormatProvider
parameterTimeZoneInfo.FindSystemTimeZoneById
instead of TimezoneConverter
DateTime
instantsRelease 9.4 brings one new rule for C# and four new rules for VB.NET. It also brings improvements by migrating two more rules to the new symbolic execution engine, fixing false positives, and improving memory allocation.
Thanks to @sharwell for his contribution by reporting 7438. Thanks to @Corniel for his contribution by implementing new rule S2925 in 7342.
This release brings a new implementation of S3949 rule, that is now part of SonarWay again.
Release 9.1 brings a set of rules that help users avoid performance pitfalls.
Release 9.0 changes the target framework from net46 to netstandard2.0. Thus the minimal support version is .NET Framework 4.6.2 now.
Thanks to @Corniel for fixing an FP in S2049.
Release 8.56 is here and it brings a whole lot of improvements. We implemented S3900 and S3655 for VB.NET and at the same time, we also got improvements to the C# versions of S3900, S3655, S2222, and S2259. Special kudos to @Corniel who contributed new rule S5856 and several other enhancements.
is
is not considered as null-checkcreatedNew
parameter on Mutex constructoris null
check on generic typeValidatedNotNullAttribute
in extension methodThis version contains the prerequisite to support sonar.exclusions
, sonar.inclusions
, sonar.global.exclusions
, sonar.test.exclusions
, sonar.test.inclusions
and sonar.global.test.exclusions
parameters when the analysis is run inside SonarLint for Visual Studio. Stay tuned, the second and final part of the feature will be implemented soon by the SonarLint team.
In the meantime, if you are wondering what these parameters are, you can find more information about them in our documentation.