SonarJS Versions Save

What's Changed

• Use Java 17 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4575
• Upgrade Sonarsource/vault-action-wrapper to latest version by @Wohops in https://github.com/SonarSource/SonarJS/pull/4577
• Use more memory for the CI: 10cores/40GB and set the Jest maxWorkers to 8 (#cores-2) by @saberduck in https://github.com/SonarSource/SonarJS/pull/4583
• Align S6850 documentation with the RSPEC one by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4581
• Fix vulnerabilities: bump commons-compress version to 1.26 by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4588
• Remove performance monitoring code by @vdiez in https://github.com/SonarSource/SonarJS/pull/4576
• Update orchestrator to 4.9.0.1920 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4585
• Fix issues related to Java v17 bump by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4589
• Fix quality gate by @saberduck in https://github.com/SonarSource/SonarJS/pull/4590
• Update DEV doc: use Java 17 by @vdiez in https://github.com/SonarSource/SonarJS/pull/4593
• Perf test with JMH by @saberduck in https://github.com/SonarSource/SonarJS/pull/4578
• Fix S5332: Add reserved domain patterns to EXCEPTION_TOP_HOSTS list by @vdiez in https://github.com/SonarSource/SonarJS/pull/4597
• Change log level of line Failed to parse file ... from error to warn by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4602
• Disable type-checking for Vue.js by @vdiez in https://github.com/SonarSource/SonarJS/pull/4595
• Remove getObjectExpressionProperty in favor of getProperty by @zglicz in https://github.com/SonarSource/SonarJS/pull/4601
• Remove support for Node.JS 16 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4606
• Fix engines in package.json after dropping Node.JS 16 support by @saberduck in https://github.com/SonarSource/SonarJS/pull/4607
• Analysis should not fail when highlighting has invalid text range by @saberduck in https://github.com/SonarSource/SonarJS/pull/4604
• Update usage of Stylelint, although without moving to v16 by @zglicz in https://github.com/SonarSource/SonarJS/pull/4608
• Use previously implemented YAML predicate to ignore Helm Chart YAML files by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4610
• Improve synchronization between Node.js parent process and worker thread by @vdiez in https://github.com/SonarSource/SonarJS/pull/4603
• Do not count LOCs for CSS files indexed as test files by @vdiez in https://github.com/SonarSource/SonarJS/pull/4617
• Resolve issue #3667 - CSS parser error on invisible character <0x200b> by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4605
• Update TypeScript 5.4 and typescript-eslint 7.3.1 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4613
• Add additional logs when embedded Node.js is not available by @zglicz in https://github.com/SonarSource/SonarJS/pull/4618
• Reduce log severity to warning for unfound ESLint reports by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4622
• Skip embedded Node.js runtime deployment if sonar.nodejs.executable is set by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4616
• Resolve issue #4459: Fix FP S2699 (Tests should include assertions): global expect() aren't detected by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4628
• Update typescript-eslint and other deps by @saberduck in https://github.com/SonarSource/SonarJS/pull/4625
• Add S6957 (eslint-plugin-react/no-deprecated) extracted from S1874 (deprecation) by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4619
• Resolve issue #4507 by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4629
• Disable ucfg rule for JS embedded in HTML files by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4074
• Create rule S6958: No literal call by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4638
• Change message to suggest upgrading to LTS version and not mention minimum version by @saberduck in https://github.com/SonarSource/SonarJS/pull/4611
• Create rule S6959: "Array.reduce()" calls should include an initial value by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4626
• Fix FP S6754 (hook-use-state): Ignore state variables without a setter by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4637
• Resolve issue #4631: Fix FP S2699 (assertions-in-tests): Add support for supertest by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4636
• Fix SQ raised issue by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4642
• Update eslint-plugin-sonarjs version by @zglicz in https://github.com/SonarSource/SonarJS/pull/4643
• Update for release by @zglicz in https://github.com/SonarSource/SonarJS/pull/4644

New Contributors

• @Wohops made their first contribution in https://github.com/SonarSource/SonarJS/pull/4577
• @zglicz made their first contribution in https://github.com/SonarSource/SonarJS/pull/4601

Full Changelog: https://github.com/SonarSource/SonarJS/compare/10.12.0.25537...10.13.0.25911

This release will be part of SonarQube 10.5

Milestone: https://github.com/SonarSource/SonarJS/milestone/86

This release

Improve Top Dismissed JS/TS Rules (https://sonarsource.atlassian.net/browse/MMF-2934)

What's Changed

• Allow minimatch to match hidden folders by @vdiez in https://github.com/SonarSource/SonarJS/pull/4502
• Improve S4123 (no-invalid-await): Improve documentation about edge cases and add test to confirm that S4123 honours JSDoc directives by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4538
• Fix FP S6594 (sonar-prefer-regexp-exec): Ignore match count use case by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4540
• Fix FP S2871 (no-alphabetical-sort): Rework the rule to emit a dedicated message for arrays of strings by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4539
• Fix FP S4323 (use-type-alias): Ignore nullable types by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4543
• Fix FP S4123 (no-invalid-await): Ignore function calls for functions whose definition have JSdoc with a returns tag by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4544
• Fix FP S3800 (function-return-type): Exception for sanitation functions by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4548
• Fix FP S1848 (constructor-for-side-effects): Make exception for AWS CDK resources by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4554
• Fix S6661 (prefer-object-spread): Disable for projects that don't support the object spread syntax and improve rule description by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4552
• Fix FP S6479 (no-array-index-key) - Allow keys combining index and other values by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4556
• Fix FP S6647 (no-useless-constructor): Ignore decorated classes and classes inheriting protected constructors by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4546
• Fix FP S1186 (no-empty-function): Ignore noop-like functions, arrows, and constructors by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4557
• Add rule S2004: Functions should not be nested too deeply by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4559
• Fix FP S6582 (prefer-optional-chain): Update description and severity by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4562
• Fix FP S6544 (no-misused-promises) - Set checkVoidReturn.arguments=false by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4561
• Fix FP S3776 (cognitive-complexity): Ignore nested functions and default values by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4566
• Improve S2004 (no-nested-functions): Increase default threshold to four nested functions by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4570
• Fix FP S6606 (prefer-nullish-coalescing): When the first argument s boolean | undefined by @ericmorand-sonarsource in https://github.com/SonarSource/SonarJS/pull/4565

New Contributors

• @ericmorand-sonarsource made their first contribution in https://github.com/SonarSource/SonarJS/pull/4538

Full Changelog: https://github.com/SonarSource/SonarJS/compare/10.11.1.25225...10.12.0.25537

This release will be part of SonarQube 10.5

https://github.com/SonarSource/SonarJS/milestone/84?closed=1

• Fix missing requiredForLanguages metadata in manifest

This release will be part of SonarQube 10.4

This release

1/ Fail-fast Misconfigurations now cause analysis failure, this includes missing or incompatible Node.js runtime. There are also new and more detailed warnings, including new warnings in the UI.

2/ Added support for TypeScript 5.3

3/ Drop support for Node.js v14

4/ Added 5 new adaptability rules:

• S6859: Imports should not use absolute paths
• S6861: Mutable variables should not be exported
• S2187: Test files should contain at least one test case
• S1444: Public "static" fields should be read-only
• S5973: Tests should be stable

What's Changed

• Add rule S6859 (eslint-plugin-import/no-absolute-path): Imports should not use absolute paths by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4439
• Create rule S6861 (eslint-plugin-import/no-mutable-exports): Mutable variables should not be exported by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4441
• Create rule S2187: Test files should contain at least one test case by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4442
• Drop support for Node.js 14 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4447
• Upgrade TS 5.3 and ESLint by @saberduck in https://github.com/SonarSource/SonarJS/pull/4451
• Create rule S1444: Public "static" fields should be read-only by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4453
• Create rule S5973: Tests should be stable by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4443
• Do not fail silently by @vdiez in https://github.com/SonarSource/SonarJS/pull/4450
• Add documentation on how to write tests for rules depending on package.json dependencies by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4454
• Add more analysis warnings by @vdiez in https://github.com/SonarSource/SonarJS/pull/4455
• Upgrade typescript-eslint by @saberduck in https://github.com/SonarSource/SonarJS/pull/4452

Full Changelog: https://github.com/SonarSource/SonarJS/compare/10.10.0.24774...10.11.0.25043

This release will be part of SonarQube 10.4

https://github.com/SonarSource/SonarJS/milestone/83?closed=1

This release

Added 17 new rules for React Accessibility

• S6841 tabIndex values should be non-positive
• S6842 Non-interactive DOM elements should not have interactive ARIA roles
• S6840 DOM elements should use the autocomplete attribute correctly
• S6843 Interactive DOM elements should not have non-interactive ARIA roles
• S6844 Anchor tags should not be used as buttons
• S6846 DOM elements should not use the accesskey property
• S6850 Header elements should have accessible content
• S6851 Images should have a non-redundant alternate description
• S6847 Non-interactive elements shouldn't have event handlers
• S6854 iFrames must have a title
• S6855 Media elements should have captions
• S6845 Non-interactive DOM elements should not have the tabIndex property
• S6849 HTML elements should have a valid language property
• S6848 Non-interactive DOM elements should not have an interactive handler
• S1077 Image, area, button with image and object elements should have an alternative text
• S6852 Elements with an interactive role should support focus
• S6853 Label elements should have a text label and an associated control

Added 5 new rules for React deprecated APIs

• S6788 Disallow usage of findDOMNode
• S6789 Disallow usage of isMounted
• S6790 Disallow using string references
• S6791 Disallow usage of unsafe lifecycle methods
• S1874 Disable older React deprecated APIs

What's Changed

• Add a sanity check for rules that should be mapped by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4350
• Improve the time complexity of the sanity check for mapped rules by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4351
• Update license to LGPL-3.0-only by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4354
• Update eslint-plugin-sonarjs to 0.23.0 by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4358
• Create rule S6788: Disallow usage of findDOMNode (react/no-find-dom-node) by @vdiez in https://github.com/SonarSource/SonarJS/pull/4359
• Create rule S6789: Disallow usage of isMounted (react/no-is-mounted) by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4361
• Create rule S6790: Disallow using string references by @vdiez in https://github.com/SonarSource/SonarJS/pull/4360
• Create rule S6791: Disallow usage of unsafe lifecycle methods (react/no-unsafe) by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4362
• Create rule S6841 (jsx-a11y/tabindex-no-positive): tabIndex values should be non-positive by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4365
• Create rule S6842 (jsx-a11y/no-noninteractive-element-to-interactive-role): Non-interactive DOM elements should not have interactive ARIA roles by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4366
• Create rule S6840 (jsx-a11y/autocomplete-valid): DOM elements should use the autocomplete attribute correctly by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4364
• Create rule S6843 (jsx-a11y/no-interactive-element-to-noninteractive -role): Interactive DOM elements should not have non-interactive ARIA roles by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4369
• Load package.json on init-linter by @vdiez in https://github.com/SonarSource/SonarJS/pull/4363
• Create rule S6844 (jsx-a11y/anchor-is-valid): Anchor tags should not be used as buttons by @saberduck in https://github.com/SonarSource/SonarJS/pull/4373
• Add rule S6845 (jsx-a11y/no-noninteractive-tabindex): Non-interactive DOM elements should not have the tabIndex property by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4374
• Create rule S6846 (jsx-a11y/no-access-key): DOM elements should not use the accesskey property by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4372
• Modify S4328: Use new package.json shared methods by @vdiez in https://github.com/SonarSource/SonarJS/pull/4377
• Add rule S6849 (jsx-a11y/html-has-lang) and (jsx-a11y/lang): HTML elements should have a valid language property by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4387
• Add rule S6848 (jsx-a11y/no-static-element-interactions): Non-interactive DOM elements should not have an interactive handler by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4385
• Add mergeRules() example to DEV.md by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4389
• Modify S1874: Merge with react/no-deprecated by @vdiez in https://github.com/SonarSource/SonarJS/pull/4371
• Create rule S6850 (jsx-a11y/heading-has-content): Header elements should have accessible content by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4390
• BUILD-4131 use GitHub token from vault instead of sonartech api token by @sebastienvermeille in https://github.com/SonarSource/SonarJS/pull/4386
• Add rule S1077 (jsx-a11y/alt-text): Image, area, button with image and object elements should have an alternative text by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4391
• Improve S1874 (deprecation): Remove references from React no-deprecated messages by @vdiez in https://github.com/SonarSource/SonarJS/pull/4392
• Create rule S6851 (jsx-a11y/img-redundant-alt): Images should have a non-redundant alternate description by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4394
• Improve S6849 (html-has-lang): raise issue on html tag name instead of whole <html ...> tag if the lang attribute is missing by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4395
• Create rule S6847 (jsx-a11y/no-noninteractive-element-interactions): Non-interactive elements shouldn't have event handlers by @saberduck in https://github.com/SonarSource/SonarJS/pull/4388
• Add rule S6852 (jsx-a11y/interactive-supports-focus): Elements with an interactive role should support focus by @saberduck in https://github.com/SonarSource/SonarJS/pull/4397
• Fix message in S6844 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4398
• Create rule S6854 (jsx-a11y/iframe-has-title): iFrames must have a title by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4399
• Create rule S6855 (jsx-a11y/media-has-caption): Media elements should have captions by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4404
• Add rule S6853 (jsx-a11y/label-has-associated-control): Label elements should have a text label and an associated control by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4396
• Improve S1077 (alt-text): Report on the name of the opening element by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4407
• Improve S6853 (label-has-associated-control): Report on the name of the opening element by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4408
• Improve S6855 (media-has-caption): Report on the name of the opening element by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4406
• Add script to count rules for README by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4409

This release will be part of SonarQube 10.4

https://github.com/SonarSource/SonarJS/milestone/82?closed=1

What's Changed

• Add support for Sass syntax by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4306
• Tag RSPECs of JS/TS rules relying on type information by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4309
• Create rule S6836: "case" and "default" clauses should not contain lexical declarations by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4312
• Improve logging of JavaScript files type-checking in SonarLint context by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4311
• Improve S6544 (no-misused-promises): Report on the function's main token by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4313
• Only accept supported web languages for CSS analysis (and activate SASS by default) by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4308
• Optimize plugin download on SonarCloud by @saberduck in https://github.com/SonarSource/SonarJS/pull/4314
• Ignore file size limits for CSS by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4316
• Fix project size calculation for JavaScript type-checking in SonarLint context by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4317
• Fix FP S3800 (function-return-type): Make the exception of returning at least one this instead of all this by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4320
• Fix FP S138 (sonar-max-lines-per-function): Ignore React Functional Components implemented as arrow function by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4318
• Fix FP S4662 (at-rule-no-unknown): Ignore "@contain" by default by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4319
• Improve S6478 (no-unstable-nested-components): Replace message and refine location by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4323
• Fix FP S4023 (no-empty-interface): Ignore when extending external interfaces by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4326
• New implementation of S109 sonar-no-magic-numbers by @saberduck in https://github.com/SonarSource/SonarJS/pull/4324
• Improve S4156 (prefer-namespace-keyword): Report on the "module" keyword by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4329
• Deprecate Node.js 16 by @saberduck in https://github.com/SonarSource/SonarJS/pull/4325
• Improve S5869 (duplicates-in-character-class): Mention character class escapes by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4331
• Fix FP S2699 (assertions-in-tests): add support for vitest library by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4335
• Upgrade embedded Node.js runtime to 20.9.0 by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4333
• Fix regex-related rules: Skip issues with inconsistent locations by @vdiez in https://github.com/SonarSource/SonarJS/pull/4337
• Create rule CSS:S125: Sections of code should not be commented out by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4338
• Update eslint-plugin-sonarjs to v0.22.0 by @vdiez in https://github.com/SonarSource/SonarJS/pull/4347

This release will be part of SonarQube 10.3

Milestone: https://github.com/SonarSource/SonarJS/milestone/81?closed=1

What's Changed

MMF-2996: First-class React: Accessibility (part 1 of 2)

• Add rule S1082 (mouse-events-a11y): Mouse events should have corresponding keyboard events (#4301) by @saberduck
• Modify rule S6747 (no-unknown-property): add jsx-a11y/aria-props by @ilia-kebets-sonarsource
• Add rule S6793 (jsx-a11y/aria-proptypes): ARIA properties in DOM elements should have valid values (#4265) by @ilia-kebets-sonarsource
• Add rule S6807 (jsx-a11y/role-has-required-aria-props): DOM elements with ARIA roles should have the required properties by @alexander-kamushkin-sonarsource
• Add rule S6811 (jsx-a11y/role-supports-aria-props): DOM elements with ARIA role should only have supported properties (#4264) by @alexander-kamushkin-sonarsource
• Add rule S6819 (jsx-a11y/prefer-tag-over-role): Prefer tag over ARIA role (#4267) by @alexander-kamushkin-sonarsource
• Add rule S6821 (jsx-a11y/aria-role): DOM elements with ARIA roles should have a valid non-abstract role (#4268) by @ilia-kebets-sonarsource
• Add rule S6822 (jsx-a11y/no-redundant-roles): No redundant ARIA role (#4270) by @alexander-kamushkin-sonarsource
• Add rule S6823 (jsx-a11y/aria-activedescendant-has-tabindex): DOM elements with the aria-activedescendant property should be accessible via the tab key (#4277) by @ilia-kebets-sonarsource
• Add rule S6824 (jsx-a11y/aria-unsupported-elements): No ARIA role or property for unsupported DOM elements (#4275) by @ilia-kebets-sonarsource
• Add rule S6825 (jsx-a11y/no-aria-hidden-on-focusable): Focusable elements should not have aria-hidden attribute (#4292) by @alexander-kamushkin-sonarsource
• Add rule S6827 (jsx-a11y/anchor-has-content): Anchors should contain accessible content (#4296) by @ilia-kebets-sonarsource

MMF-3393: Better diagnostics of memory issues

• Log memory configuration when bridge starts (#4263) by @saberduck
• Delegate analysis-related HTTP requests to a worker thread (#4261) by @yassin-kammoun-sonarsource
• Improve message when running in Docker (#4269) by @saberduck
• Handle out-of-memory errors in the worker thread (#4273) by @yassin-kammoun-sonarsource
• Improve reporting of memory size in docker env (#4274) by @saberduck
• Report heap usage status with sonar.javascript.node.debugMemory (#4294 by @saberduck

Miscellaneous

• Move css rule to a separate folder (#4201) by @alexander-kamushkin-sonarsource
• Refactor npm scripts (#4203) by @ilia-kebets-sonarsource
• Add sanity check on adding a new rule property (#4222) by @yassin-kammoun-sonarsource
• Clean up Git submodules and ruling tests (#4224, #4252) by @victor-diez-sonarsource
• Fix unescaped regexp chars and remove SQ exclusion (#4257) by @alexander-kamushkin-sonarsource
• Update babel to 7.23.2 to fix babel/traverse vulnerability (#4298) by @alexander-kamushkin-sonarsource

This release will be part of SonarQube 10.3

Full Changelog: https://github.com/SonarSource/SonarJS/compare/10.7.0.22914...10.8.0.24207

What's Changed

• Add rule S6746 (react/no-direct-mutation-state): In React this.state should not be mutated directly by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4145
• Add rule S6747 (no-unknown-property): JSX elements should not use unknown properties and attributes by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4146
• Add rule S6749 (jsx-no-useless-fragment): Redundant React fragments should be removed by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4147
• Create rule S6748 (react/no-children-prop): React children should not be passed as prop by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4149
• Add rule S6750 (no-render-return-value): The return value of "ReactDOM.render" should not be used by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4148
• Add rule S6756 (no-access-state-in-setstate): "setState" should use a callback when referencing the previous state by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4154
• Add rule S6754 (hook-use-state): The return value of "useState" should be destructured and named symmetrically by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4152
• Create rule S6757 (react/no-this-in-sfc​​): this should not be used in functional components by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4155
• Add rule S6759 (prefer-read-only-props): React props should be read-only by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4157
• Add rule S6763 (no-redundant-should-component-update): "shouldComponentUpdate" should not be defined when extending "React.PureComponent" by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4160
• Add rule S6761 (react/no-danger-with-children​): children and dangerouslySetInnerHTML should not be used together by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4163
• Add rule S6767 (no-unused-prop-types): Unused React typed props should be removed by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4165
• Add rule S6766 (react/no-unescaped-entities​): JSX special characters should be escaped by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4166
• Add rule S6770 (jsx-pascal-case): User-defined JSX components should use Pascal case by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4169
• Add rule S6772 (react/jsx-child-element-spacing​): Spacing between inline elements should be explicit by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4171
• Add rule S6775 (react/default-props-match-prop-types​): All defaultProps should have non-required PropType by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4176
• Add rule S6774 (prop-types): React components should validate prop types by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4174
• Fix FP S6766 (react/no-unescaped-entities​): Remove ' and " from the list of forbidden entitiles by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4181
• Fix FP S6759 (prefer-read-only-props): Restrict the scope to functional components by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4182
• Fix windows build issues by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4189
• [MMF-2861] Embed Node.js runtime in analyzer by @saberduck in https://github.com/SonarSource/SonarJS/pull/4150
• Fix FP S6749 (jsx-no-useless-fragment): Ignore empty React fragments by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4193
• Bundled Node.js runtime: add MacOS x64 support by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4194

New Contributors

• @david-cho-lerat-sonarsource made their first contribution in https://github.com/SonarSource/SonarJS/pull/4177

This release will be part of SonarQube 10.3

Full Changelog: https://github.com/SonarSource/SonarJS/compare/10.6.0.22520...10.7.0.22914

What's Changed

• prepare next development iteration: 10.6.0 by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4093
• Remove unused code by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/4087
• Avoid circular dependencies between packages by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/4097
• Add quick fix for S6326: Regular expressions should not contain multiple spaces by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4096
• Allow comment-based fixtures to be named *.fixture.<ext> instead of cb.fixture.<ext> by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4099
• Improve S5689: Use different messages if sensitive header is set explicitely or by default by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4100
• Fix Babel fallback for JS files by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/4088
• Allow Stylelint imports for projects without CSS files by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/4102
• Improve S2699 (assertions-in-tests): Support Sinon.JS assertion statements by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4095
• Allow having duplications when importing issues by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/4101
• Improve S2068: Ignore linted files from l10n folders by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4104
• Remove S2814 (no-redeclare) for TypeScript by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4098
• Fix S6535 (unnecessary-character-escapes): Disambiguate conflicting message ids by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4108
• Log the filename for which an issue is saved by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4111
• Fix S2699 (assertions-in-tests): infinite loop by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/4119
• Update metadata for the external rules by @alexander-kamushkin-sonarsource in https://github.com/SonarSource/SonarJS/pull/4107
• Rename remaining ESLint bridge-related components by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4121
• Add Node.js 20 as a possible recommended version by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4110
• Improve S1874 (deprecation): Report deprecations from TypeScript compiler by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4122
• Change run-node error message when Node.js is not found by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/4112
• Fix FP S4123 (no-invalid-await): Improve thenable type detection by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4123
• Update metadata by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/4124

Full Changelog: https://github.com/SonarSource/SonarJS/compare/10.5.1.22382...10.6.0.22520

Part of SonarQube 10.3

Small fix release, because we forgot to include the eslint-plugin-sonarjs update in 10.5.0

milestone: https://github.com/SonarSource/SonarJS/milestone/78?closed=1

This release will be part of SonarQube 10.2