SonarJS Versions Save

SonarSource Static Analyzer for JavaScript and TypeScript

1 year ago

1 year ago

What's Changed

Analyze JavaScript embedded in HTML by @ilia-kebets-sonarsource and @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/3674
Fix FP S128 (sonar-max-lines-per-function): Improve React functional components detection by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/3679
Fix FP S5860 (unused-named-groups): Consider accesses via the index syntax by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/3685
Fix FP S6329 (aws-ec2-rds-dms-public): Consider sensitive RDS DB instance on public subnet only by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/3688
Fix FN S6265 (aws-s3-bucket-granted-access): Fix BucketDeployment resolving by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/3689
Fix FN S6249 (aws-s3-bucket-insecure-http): Consider TypeScript import = require() construct by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/3665
Update S4423 (weak-ssl): Change issue message when omitting tlsSecurityPolicy by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/3687
Add helper functions searchable documentation by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/3506
Update ESLint dependencies to the latest version by @francoismora in https://github.com/SonarSource/SonarJS/pull/3682

Full Changelog: https://github.com/SonarSource/SonarJS/compare/9.13.0.20537...10.0.0.20728

Part of SonarQube 10.0

1 year ago

Fix FNs caused by node: imports in several rules using getFullyQualifiedName() by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/3618
Fix FP S2424 (no-built-in-override): Remove System from globals by @ilia-kebets-sonarsource in https://github.com/SonarSource/SonarJS/pull/3620
Fix FP S6442 (no-hook-setter-in-body): Shouldn't raise when used conditionally by @saberduck in https://github.com/SonarSource/SonarJS/pull/3622
Deprecate S2814 (no-redeclare) for TypeScript by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/3635
Upgrade ESLint, TypeScript, and TypeScript ESLint dependencies by @yassin-kammoun-sonarsource in https://github.com/SonarSource/SonarJS/pull/3631
Fix recursion in FQN resolution by @victor-diez-sonarsource in https://github.com/SonarSource/SonarJS/pull/3642

Full Changelog: https://github.com/SonarSource/SonarJS/compare/9.12.1.20358...9.13.0.20537

1 year ago

1 year ago

In this release:

We improved the precision of the Cognitive Complexity for JSX by ignoring shorthand such as short-circuit logic.
We added 6 new rules for detecting performance issues in React:
- S6477: Mandatory keys in JSX list components
- S6479: No array index for keys in JSX list components
- S6486: No uniq values as keys for JSX list components
- S6480: Disallow .bind() and arrow functions in JSX props
- S6481: React Context Provider values should not have unstable identities
- S6478: React components should not be nested

Milestone: https://github.com/SonarSource/SonarJS/issues?q=is%3Aclosed+milestone%3A9.12

Full Changelog: https://github.com/SonarSource/SonarJS/compare/9.11.1.20218...9.12.0.20319

1 year ago

Fix dependency injection of JavaScriptProjectChecker for SonarCloud

SonarQube version: 9.8

1 year ago

This new version:

SonarQube version: 9.8

1 year ago

This new version adds 16 AWS CDK rules and includes fixes listed in the 9.10 milestone.

1 year ago

SonarJS hardening before SonarQube 9.7.

Details are available in 9.9 milestone.

1 year ago

faster PR analysis security analysis for AWS YAML TypeScript 4.8 deprecation of Node.JS v14 remove support for Node.JS v12

Details are available in 9.8 milestone.