v6.26.0

🌟 Highlights

Ouath2 based Single Sign On Authentication

CodeChecker now provides Oauth2 based user authentication through various providers. It is now possible to configure up your CodeChecker server instance to accept user logins with their Google, Microsoft or GitHub accounts.
To enable this feature, you will first need to configure your CodeChecker server instance with the corresponding oauth provider and add a
new authentication method section in the codehchecker server configuration file.
If the user group memberships are managed by a Microsoft Entra identity server, these memberships will be fetched by CodeChecker through the graph API.

See CodeChecker authentication document document for configuration details.

The features was implemented in the following PRs:

• Implementation of Oauth of Github, Google and Microsoft by @feyruzb in #4298
• integrated signum fetching and using it as optional username by @feyruzb in #4517
• Add paging to the graph API query by @dkrupp in #4532

Personal Access token Management

Personal access tokens are generated "passwords" which can be used to login to CodeChecker. If MultiFacor Authentication is enabled, it is the only way to authenticate through the CLI.

• The personal access tokens now can be created on the GUI too, not only through the CLI.
• It is accessible if you click on you user name in the top right corner.
  

❗ Backward incompatible changes

• The personal Access tokens cannot be viewed after creation. It was possible to list the values of the personal access tokens after creation, but after this version it will only be possible to view once at creation time.

💻 CLI/Server improvements

• Cache __contains_no_intrinsic_headers and thus speedup parse_options ~2x by @irishrover in #4479
• [analyzer] debug_analyzer log level for analyzer commands by @bruntib in #4473
• [cmd] Emit errors instead of hiding flags by @Szelethus in #4465
• fix(report-converter): Support null column in eslint reports by @SweetVishnya in #4497
• [NFC] Eliminate the "W" form of clang-tidy warnings by @bruntib in #4438
• [fix] Unique key constraint violation fix by @bruntib in #4505
• [bugfix] Don't crash if clangsa binary is missing by @Szelethus in #4531
• Fix serving Bad request pages in case of some HTTP errors by @Discookie in #4506
• [feat] Display announcement message in the CLI by @noraz31 #4535
• Personal access token by @bruntib in #4540
• [fix] Bug report bubble display bugfix by @bruntib in #4480
• [analyzer] Add --use-absolute-ldpreload-path flag to log command by @gamesh411 in #4518
• [fix] Apply heuristics when diagtool comes with version number by @bruntib in #4515
• Fix CSP when HTTPS is not enabled on the server by @Discookie in #4544
• [feat] Add JSCPD report converter by @noraz31 in #4530
• [bugfix] Pass the correct interpreter from bin/CodeChecker to the analyzers by @Szelethus in #4558
• [fix][report-converter] Fix hash where file was pulled from report instead of event. by @jstevens176 in #4403
• Utilize personal access token expiration date by @gulyasgergely902 in #4551
• Add OAuth templates, simplify OAuth configuration flow by @Discookie in #4559
• [ld_logger] Fix suffix match on non-absolute paths by @bruntib in #4577
• [feat] Implement configurable Personal Acces Token expiry by @gulyasgergely902 in #4567
• Fix return_to directive when the user is already logged in by @Discookie in #4582
• Restrict the SQL database creation to the config directory by @Discookie in #4521
• Only respond to valid endpoints on the frontend by @Discookie in #4588
• [feat][server] Make personal access token max expiration length configurable by @gulyasgergely902 in #4590
• Ensure the compiler has no L18Ned output by @cmorty in #4562
• [fix] Fix missing default value for max pers auth token. by @gulyasgergely902 in #4593
• [feat] Check if file path is absolute or not in gerrit py. by @gulyasgergely902 in #4594

🔨 Other

• [fix] Adding run filter to router query by @cservakt in #4495
• [fix] Display chronological order in GUI by @bruntib in #4512
• fixed url strip error by @feyruzb in #4516
• [fix] Rename cmd modules to avoid conflict with built-in cmd by @gamesh411 in #4464
• E2E tests are flaky (fix) by @xb058t in #4493
• Make username-password login hidable by @gulyasgergely902 in #4537
• Simplify oauth interface by @gulyasgergely902 in #4539
• [fix] dead links, typos etc. in the documentation by @NagyDonat in #4526
• Fix a legacy mistake in the test by @irishrover #4543
• Fix issues in documentation by @gulyasgergely902 #4542
• Add OWASP Top 10 guideline by @noraz31 in #4482
• Add chronological order column to exported HTML report by @gulyasgergely902 in #4553
• Add 6.26.0 release notes to the New Features menu by @noraz31 in #4556
• Check shown file when rendering error message by @gulyasgergely902 in #4557
• Fix a code duplication by @irishrover in #4548
• [feat] Return custom message in cli upon failed authentication by @noraz31 in #4546
• feat(script): Support label-tool-skip directive labels by @whisperity in #4274
• [refactor] Make analyzer and checker options typed by @bruntib in #4566
• [gui] Conditionally hide timestamp, test case and chronological order by @gulyasgergely902 in #4574
• Fix bug path node coloring by @gulyasgergely902 in #4561
• [fix][server] Fix announcement message cannot be edited as superuser by @gulyasgergely902 in #4578
• [fix] Fix the flaky tests for personal access token expiration by @gulyasgergely902 in #4583
• [fix] Emit error message when SQLite DB is not under workspace dir by @bruntib in #4584
• [fix] Demote product not found errors to debug in the CC logs by @noraz31 in #4587
• Extended tests for OAuth by @feyruzb in #4533

🌳 Environment

• [tools] bump sarif-tools version from 1.0.0 to 3.0.4 by @AlexFabre in #4466
• [fix] Fix missing CC_LIB_DIR when dev_package is used by @Szelethus in #4513
• [test] GitHub actions upgrade to 24.04 by @bruntib in #4524
• Moving authlib to the mandatory requirements by @dkrupp in #4522
• [version] Bump python version to 3.9 by @pdgendt in #4550
• [docs] README.md install guide fix apt install by @barnabasdomozi in #4570
• Document API endpoints by @Discookie in #4572
• [cfg] Update clang-tidy, clangsa and cppcheck configurations by @gamesh411 in #4568
• [cfg] Add unix.cstring.NotNullTerminated to default profile by @gamesh411 in #4576
• Thrift upgrade by @bruntib in #4581
• [doc] Update checker_and_analyzer_configuration.md by @NagyDonat in #4579
• removing clang-diagnostic-implicit-void-ptr-cast from the sensitive p… by @dkrupp in #4580
• Add Thrift 0.22.0 dockerfile & add ws* to gitignore by @gulyasgergely902 in #4585
• [3pp] Upgrade portalocker version: 2.2.1 -> 3.1.1 by @bruntib in #4586
• Remove alpha checkers from all profiles by @bruntib in #4589
• Add plist documentation by @noraz31 in #4565
• Configure UTF-8 output encoding globally by @gamesh411 in #4463

New Contributors

• @AlexFabre made their first contribution in #4466
• @SweetVishnya made their first contribution in #4497
• @xb058t made their first contribution in #4493
• @gulyasgergely902 made their first contribution in #4537
• @NagyDonat made their first contribution in #4526
• @barnabasdomozi made their first contribution in #4570
• @cmorty made their first contribution in #4562

Full Changelog: v6.25.1...v6.26.0