Zpa Versions Save

Parser and static source code analyzer for PL/SQL and Oracle SQL.

early-access

3 weeks ago

SonarQube compatibility

This version is compatible with SonarQube 9.9 LTS and SonarQube 10.5 Community Edition.

It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Highlights

Install/update instructions

  • Download the sonar-zpa-plugin-3.5.0-SNAPSHOT.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.5.0-SNAPSHOT.jar (requires Java 11+) to test the parser and view the AST.

Full changelog

🚀 Features

  • a256b94 Remove method getSemanticNode and make the Parser build a SemanticAstNode directly

🛠 Build

  • 769f728 deps: Use FLR 1.4.0-SNAPSHOT
  • 323d9ce Bump project version

3.4.0

3 weeks ago

SonarQube compatibility

This version is compatible with SonarQube 9.9 LTS and SonarQube 10.5 Community Edition.

It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Highlights

Install/update instructions

  • Download the sonar-zpa-plugin-3.4.0.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.4.0.jar (requires Java 11+) to test the parser and view the AST.

Full changelog

🚀 Features

  • 7cae5e0 grammar: Improve parsing of ALTER TRIGGER/PROCEDURE/FUNCTION/PACKAGE
  • ffa0f67 grammar: Support CREATE/DROP DIRECTORY
  • 3f206ed toolkit: Highlight comment nodes when clicking on the corresponding trivia in the AST tree
  • d206e03 toolkit: Highlight comment nodes when clicking on the corresponding trivia in the AST tree
  • 2d22d47 toolkit: Change the color of the highlighter from gray to a light blueish color
  • 5df2de6 grammar: Support TABLE expressions with queries
  • 111d864 grammar: Support CURSOR expressions

🐛 Fixes

  • 7c1ee44 grammar: Don't consider SELECT_EXPRESSION as a valid expression for all cases, this is necessary to avoid parsing errors like '1 + select 1 from dual' that was being considered valid
  • 8344096 Refactor operator handling in PlSqlGrammar (#181), closes #181

🛠 Build

  • fc4bc41 Release 3.4.0
  • 0485465 Update to Gradle 8.7
  • 8c58095 Enable SonarScanner logs
  • a8c4658 Change the directory where integration test failures are saved
  • 7c573fc Bump project version

📝 Documentation

  • 7547f7b Update release template and README

3.3.1

2 months ago

SonarQube compatibility

This version is compatible with SonarQube 9.9 LTS and SonarQube 10.4 Community Edition.

It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Highlights

Install/update instructions

  • Download the sonar-zpa-plugin-3.3.1.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.3.1.jar (requires Java 11+) to test the parser and view the AST.

Full changelog

🐛 Fixes

  • 7744f16 Fix lexer to correctly handle binding and host/indicator variables (#181), closes #181
  • 56b0a67 Fix lexer to correctly handle national character literals (#181), closes #181
  • ce1368f Update list of reserved keywords (closes #179), closes #179
  • 1254a36 Add missing set operators from Oracle 20c+ (minus all, intersect all, except, and except all)
  • e719d2b Check exception declarations in VariableHidingCheck (closes #180), closes #180

🧰 Tasks

  • 9c3a4f5 Update .editorconfig

🛠 Build

  • ce4fb60 Release 3.3.1
  • af6f456 Reintroduce integration tests with the upcoming SonarQube version
  • 15ee987 Bump project version
  • 20afa2d Bump project version

📝 Documentation

  • b60b0e7 Update README
  • 9fedad2 Fix link to the SonarScanner docs

3.3.0

3 months ago

SonarQube compatibility

This version is compatible with SonarQube 9.9 LTS and SonarQube 10.4 Community Edition.

It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Highlights

Install/update instructions

  • Download the sonar-zpa-plugin-3.3.0.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.3.0.jar (requires Java 11+) to test the parser and view the AST.

Full changelog

🚀 Features

  • 25f8dc4 Improve the error messages in PlSqlCheckVerifierTest assertions
  • 1399943 Set the attribute "Plugin-RequiredForLanguages" in the plugin manifest to support the "Analyzers loading optimization" feature from SonarQube 10.4
  • 5732e53 Rename property "sonar.zpa.file.suffixes" to "sonar.plsqlopen.file.suffixes"
  • 84fd1d5 perf: Small improvement in PlSqlCommentAnalyzer.getContents
  • 3e7eccf Optimize memory usage when lexing whitespace
  • 65c85d7 Optimize memory usage when lexing identifiers
  • ffffccb Optimize memory usage when lexing date literals
  • e1ccbea Optimize memory usage when lexing string literals
  • 5b7bba5 Optimize memory usage when lexing numeric literals
  • b853469 Optimize memory usage when lexing comments
  • 437b569 Optimize memory usage in RegexPunctuatorChannel by minimizing Regex usage
  • 975a8df Replace usages of Enum.values() by Enum.entries (new in Kotlin 1.9)
  • 42ec1f0 Add a name property to all datatype classes
  • c160256 Add a name property to AssociativeArrayDatatype and RecordDatatype
  • 5d21223 Update plsql-custom-plugin example for zpa-cli compatibility
  • c8f6249 Add properties to ZpaActiveRule for zpa-cli integration
  • e5b0b3f Use Rula and Priority annotations from the zpa-core module on custom rules
  • 0bf214f grammar: Support GROUP BY GROUPING SETS (#168), closes #168
  • d9989b8 grammar: Support GROUP BY ROLLUP/CUBE

🐛 Fixes

  • b7bf156 core: Change plSqlDatatype and plSqlType attributes on SemanticAstNode to non-nullable
  • d7e9910 checks: Fix bounds check on ToCharInOrderByCheck (closes #165), closes #165

🔄️ Changes

  • 9aa1597 Implement an optimized channel for integers without using regex
  • 4aeaed9 Avoid capturing groups on the regexes used by the lexer
  • 548d60a Simplify comparison
  • eabbf3d Replace internal comparator class by a lambda

🧰 Tasks

  • 400eae2 Update license header
  • 7efdec5 Remove FUNDING.yml

🛠 Build

  • e6a61d8 Release 3.3.0
  • c40c9a6 Update to FLR 1.3.0
  • 2d01d07 Rename job name from "Integration tests" to "IT" in GitHub Actions workflow
  • 4ca6ac6 Update the sonar-orchestrator version and removes the DEV version from the integration tests matrix (because SonarSource made their repository private)
  • 68be10a Configure the jvm target in the kotlin plugin
  • 4d3acb4 Update to Gradle 8.6
  • cce21b9 Run Gradle with JDK 21
  • d5e29a3 Enable 'continue-on-error' in GitHub workflow for integration tests
  • 97bb37b Set sonar.gradle.skipCompile=true
  • f4237dd Update GitHub Actions to use newer versions and revise build commands
  • 27b3b2c Update to Gradle 8.5 and Kotlin 1.9.22
  • 0a709e2 Update SonarScanner for Gradle to 4.4.1.3373
  • 14a4fe5 Use Kotlin 1.9.10
  • 601a77a Use JReleaser 1.8.0
  • 8544710 Use Gradle 8.4
  • 9b2dbe3 Use FLR 1.3.0-SNAPSHOT
  • 9d50cc6 Use Gradle 8.3
  • f424ffd Update dependencies
  • 2ffd9bc Use Gradle 8.2.1
  • 4e11c3b Use Gradle 8.2.1
  • 73f44e8 Fetch all commits in gh actions
  • 1e3a434 Use JReleaser 1.6.0
  • a4d329a Use Gradle 8.1.1 on plsql-custom-rules
  • a97fb3b Migrate to GitHub Actions
  • d227ab7 Update Azure Pipelines tasks
  • 0230d10 Use Kotlin 1.8.20 and Gradle 8.1.1
  • 8374e9a Remove the minimize step from sonar-zpa-plugin
  • 3437b7f Update azure-pipelines.yaml
  • b9c400a Update changelog format
  • e75920d Use JReleaser 1.5.1
  • 3e7a3dd Use Gradle 8.0.2
  • aaa6838 core: Refactor TestPlSqlFile to require a File object (#166), closes #166
  • d06a10c Update changelog template
  • be8fe65 Always use JDK 17 to run the integration tests
  • f27e196 Use Gradle 8.0.1
  • 832f9f9 Update SonarScanner for Gradle
  • 012a82a deps: Bump minimum SonarQube version to 9.9 LTS

📝 Documentation

  • a520dd3 Update changelog template
  • 7c701c5 Update SonarQube compatibility and add highlights in changelog
  • 39b8791 Update compatibility matrix
  • 690c2d9 Update README
  • f720ea6 Add README to plsql-custom-plugin project
  • 092c031 Fix typo
  • 7164526 Add CONTRIBUTING.md

3.2.1

1 year ago

SonarQube compatibility

This version supports SonarQube 8.9 LTS and newer.

Please be aware that ZPA is only tested with SonarQube Community Edition. It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Install/update instructions

  • Download the sonar-zpa-plugin-3.2.1.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.2.1.jar (requires Java 11+) to test the parser and view the AST.

Changelog

🐛 Fixes

  • 28401ad fix(grammar): Accept PARALLEL_ENABLE on functions declarations
  • 697d87a fix(grammar): Fix EXISTS_EXPRESSION to parse the subquery correctly

🛠 Build

  • 6647196 build: Use Kotlin 1.8.10
  • e2daf6d build: Update copyright in license headers
  • 6a0640f build: Update copyright in license headers
  • 8c4ccd5 build: Use JDK 17 to run integration tests that depends on SonarQube 9.8 or higher
  • ea0555e build: Use JReleaser 1.4.0
  • 2417982 build: Use Kotlin 1.8.0

3.2.0

1 year ago

SonarQube compatibility

This version supports SonarQube 8.9 LTS and newer.

Please be aware that ZPA is only tested with SonarQube Community Edition. It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Install/update instructions

  • Download the sonar-zpa-plugin-3.2.0.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.2.0.jar (requires Java 11+) to test the parser and view the AST.

Changelog

🚀 Features

  • 972cbd7 grammar: Support table expression ("table(...)")
  • b20d9f0 grammar: Support constraints on custom datatypes (closes #158)
  • 7be7f84 grammar: Add EXCEPTION_DECLARATION and classify the exceptions as PlSqlType.EXCEPTION
  • 6e339b6 grammar: Add an EXCEPTION_HANDLERS node to group all exception handlers
  • b31cb1b grammar: Group parameter declarations under a new PARAMETER_DECLARATIONS node
  • 36bee18 grammar: Support extended iterators from Oracle 21c
  • 6aab1e4 grammar: Add support for qualified expressions from Oracle 21c
  • 94c43b4 toolkit: Add a new tab on zpa-toolkit to show scopes and symbols identified
  • 504df79 toolkit: Change zpa-toolkit look and feel
  • 25d0d10 toolkit: Implement the "click-to-highlight" feature on the new "symbol tree" on zpa-toolkit
  • fee4525 toolkit: Add "Statistics" tab on zpa-toolkit
  • 73d0fbc Convert some methods to properties on Scope/Symbol
  • eda8399 Improve symbol usage tracker to handle qualified variables (#125)
  • 12ff703 Add Symbol.innerScope to simplify the access to the symbols declared inside program units and cursors

🐛 Fixes

  • b631d88 grammar: Use MEMBER_EXPRESSION instead of CUSTOM_DATATYPE in REF/ANCHORED_DATATYPE
  • 70b1add grammar: Fix CHARACTER_DATATYPE_CONSTRAINT
  • 83cada8 Reduce usage of RegexPunctuatorChannel on PlSqlLexer to avoid unnecessary parsing with regexes

🧰 Tasks

  • 1e28a5f Bump minimum SonarQube version to 8.9

3.1.1

2 years ago

Fixes:

  • "ClassNotFoundException: org.jaxen.saxpath.base.XPathReader" exception on XPath rules (#154).

Install/update instructions:

  • Copy the sonar-zpa-plugin-3.1.1.jar file to SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin from that directory.
  • Restart the SonarQube instance.

For custom plugin developers:

  • There are no changes affecting custom plugins.

3.1.0

2 years ago

This version Improves performance on multi-core processors (#153). This option can be disabled through the SonarQube UI on "General Settings" > "Z PL/SQL Analyzer" > "Enable concurrent execution" or setting the property sonar.zpa.concurrentExecution=false.

This version supports SonarQube 7.6 and newer and it's the last release supporting SonarQube 7.6. Please be aware that ZPA is only tested with SonarQube Community Edition. It may work with the commercial editions of SonarQube, but you'll have to choose if you want to use ZPA or SonarPLSQL (from SonarSource). You can't use both plugins to analyze the code simultaneously.

The next release will require SonarQube 8.9 LTS as minimum version.

Install/update instructions:

  • Copy only the sonar-zpa-plugin-3.1.0.jar file to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin (sonar-plsql-open-plugin*.jar or sonar-zpa*.jar) from that directory.
  • Restart the SonarQube instance.

For custom plugin developers:

  • There are no changes affecting custom plugins.

3.0.0

2 years ago

New rules:

Other highlights:

  • Fix IndexOutOfBoundsException on SelectAllColumnsCheck. (#141)
  • Greatly reduce the time needed to parse code that uses ANSI joins (#152)
  • Many improvements in the parser.
  • Add an example of custom plugin using Gradle.

This version supports SonarQube 7.6 and newer. Please be aware that ZPA is only tested with SonarQube Community Edition. It may work with the commercial editions of SonarQube, but you'll have to choose if you want to use ZPA or SonarPLSQL (from SonarSource). You can't use both plugins to analyze the code simultaneously.

Install/update instructions:

  • Copy only the sonar-zpa-plugin-3.0.0.jar file to the SONARQUBE_HOME/extensions/plugins.
  • Remove the older plugin (sonar-plsql-open-plugin*.jar) from that directory.
  • Restart the SonarQube instance.

For custom plugin developers:

2.4.0

4 years ago

This version supports SonarQube 6.7 and newer and it's the last release supporting SonarQube 6.7. Also note that ZPA is only tested with SonarQube Community Edition. It may work with SonarQube Developer/Enterprise/Data Center Editions, but you'll have to choose between ZPA and SonarPLSQL. If you want a better support for commercial editions of SonarQube please see the issue #133 and contact me.

Some rule improvements, like:

  • Ignore BULK COLLECT in SelectAllColumnsCheck (#109)
  • Ignore "FETCH cursor" in SelectAllColumnsCheck (#118)
  • Ignore "overriding member" in UnusedParameterCheck and EmptyBlockCheck
  • Ignore queries with bulk collect in QueryWithoutExceptionHandlingCheck (#128)

Other highlights:

  • The old sonar.plsql.* properties are not recognized anymore. Please use sonar.zpa.* in the SonarQube Scanner.
  • Many improvements to the parser (i.e. #43, #108, #120, #123, #130, #134).

For custom plugin developers:

  • [BREAKING CHANGE] Custom plugins built against older versions of sonar-plsql-open-plugin must be recompiled with the new version.
  • Many deprecated methods were removed.
  • Fixed typo in package name: org.sonar.plugins.plsqlopen.api.annnotations. -> org.sonar.plugins.plsqlopen.api.annotations.