Releases: SonarSource/sonar-java
8.2.0.36672
8.1.0.36477
Release notes - SonarJava - 8.1
Documentation
SONARJAVA-5050 Update rule metadata with correct scope
Task
SONARJAVA-5055 Update Rules Metadata
Improvement
SONARJAVA-5045 Enable batch of rules for test 1/3 part 2
SONARJAVA-5046 Enable batch of rules for test 2/3 part 2
SONARJAVA-5047 Enable batch of rules for test 3/3 part 2
SONARJAVA-5049 Generate CheckList during build time
8.0.1.36337
8.0.0.36314
Release notes - SonarJava - 8.0
Task
SONARJAVA-4975 Create custom rules plugin around symbolic execution engine
7.35.0.36271
Release notes - SonarJava - 7.35
Task
SONARJAVA-4951 Replace InternalCheckVerifier with JavaCheckVerifier
SONARJAVA-4974 Update custom rule documentation with new CheckVerifier API
SONARJAVA-5021 Update Rules Metadata
Improvement
SONARJAVA-4988 Use SonarLintCache component and make it accessible to custom rules via the caching APIs
7.34.0.35958
Release notes - SonarJava - 7.34
Bug
SONARJAVA-4934 On-demand plugin downloading ignore jsp files
False-Positive
SONARJAVA-4520 Rule S3655: False Positive with JUnit assertions
SONARJAVA-4529 FP on rule S3740 when instanceof with variable is used on raw types
SONARJAVA-4699 FP on S3516 when calling a method using objects from "unknown" packages
SONARJAVA-4741 FP on S6857 for special default values in property placeholders
SONARJAVA-4933 FP on S1068 with lombok @DaTa, @Getter, @Setter annotations
SONARJAVA-4937 FP on S1118 when using Lombok generated constructors with private access
SONARJAVA-4943 FP on S1144 if private method is referenced by name in annotations
SONARJAVA-4944 FP on S2699 on SpringBoot sanity test "contextLoads"
Task
SONARJAVA-4936 Allow rules to analyze both main and test code
SONARJAVA-4952 Update Rules Metadata
SONARJAVA-4953 Update External Linters Metadata
SONARJAVA-4956 Update parent pom
Improvement
SONARJAVA-4935 S1192 should not report on individual lines of multi line string literal
SONARJAVA-4939 Enable batch of rules for tests (1/3)
SONARJAVA-4940 Enable batch of rules for tests (2/3)
SONARJAVA-4941 Enable batch of rules for tests (3/3)
SONARJAVA-4942 [S6437] Update list of affected method signatures
Contributors
Assets 2
7.33.0.35775
Release notes - SonarJava - 7.33
False Negative
SONARJAVA-4770 S2438 FN on arguments whose concrete type is Thread
Task
SONARJAVA-4918 Update dependencies + prepare for next development iteration 7.33.0-SNAPSHOT
SONARJAVA-4922 Upgrade sonar-plugin-api and fix IndexedFile issue
SONARJAVA-4924 Remove deprecated method ExpressionUtils.getEnclosingElement
Improvement
SONARJAVA-4858 S5344: Add support for detection of two additional insecure PasswordEncoders
SONARJAVA-4863 S2092: Support detection of missing secure cookie flag for Spring
SONARJAVA-4864 S3330: Support detection of missing http-only cookie flag for Spring
SONARJAVA-4866 S2077: Support detection of formatted SQL queries in Spring
SONARJAVA-4871 S5122: Support detection of Permissive CORS policies for Spring
SONARJAVA-4875 S4502: Support detection of CSRF Protection for Spring
SONARJAVA-4880 S5804: Support detection of User Enumeration for Spring
SONARJAVA-4882 S5876: Support detection of Session Fixation for Spring
SONARJAVA-4883 S4423: Support detection of TLS Protocol Downgrades for Spring programmatically
SONARJAVA-4884 S4507: Support detection of enabled Debug Features in Spring programmatically
SONARJAVA-4885 S5693: Support detection of Excessive File Upload Size Limit for Spring programmatically
SONARJAVA-4921 Update Java parser version to ECJ 3.37.0
7.32.0.35531
Release notes - SonarJava - 7.32
Bug
SONARJAVA-4756 NumberFormatException in AbstractPrintfChecker.getIndex(String param)
SONARJAVA-4873 Wrong quickfix in S1066
SONARJAVA-4909 Missing parentheses in the children() method of RecordPatternTreeImpl
SONARJAVA-4913 S1181 misses issues after unknown symbol
False-Positive
SONARJAVA-4422 S6204 FP on lists used outside their instantiation scope
SONARJAVA-4438 S6204: recommendation not applicable when upcast is required
SONARJAVA-4749 FP in S1170 when field is used in a non-static member
SONARJAVA-4751 FP in S2326 when type parameters are used in the child classes or interface implementations
SONARJAVA-4752 FP in S5665 when \\" and \\' are not intended to be escaped
SONARJAVA-4758 S1113 should cover the finalizer attack
SONARJAVA-4814 S1948 should not raise issues on final fields
SONARJAVA-4816 S1948 should support jakarta.inject.Inject
SONARJAVA-4829 FP in rule S2694 on local classes
SONARJAVA-4835 FP on S3242 forcing user to add unnecessary logic
SONARJAVA-4857 S3457: FP on certain java.util.logging strings with single quotes
SONARJAVA-4865 S6856 should not raise on named regex
SONARJAVA-4904 FP on S1301 when using switch statement with type patterns
SONARJAVA-4907 FP on S1481 when using type pattern matching in case clauses of a switch
SONARJAVA-4908 FP on S131 when using switch statement on type pattern
New Feature
SONARJAVA-4823 S6885 Add clamp methods to Math
SONARJAVA-4825 S6876 SequencedCollection reversed view should be used for reverse iteration order
SONARJAVA-4826 S6880 Use switch instead of if else for pattern matching
SONARJAVA-4827 S6877 SequencedCollection reversed view should be used instead of Collections.reverse for read-only lists
SONARJAVA-4831 S6891: Avoid exact alarms
SONARJAVA-4832 S6881 VirtualThreads should be used for tasks that include heavy blocking operations
SONARJAVA-4837 S6878 Use record pattern instead of explicit field access
SONARJAVA-4838 S6901: Thread.setDaemon(boolean), Thread.setPriority(int) and Thread.getThreadGroup() should not be invoked on VirtualThread
SONARJAVA-4840 S6905: SQL queries should retrieve only necessary fields
SONARJAVA-4841 S6898: Avoid high frame rate
SONARJAVA-4842 S6909: Constant parameters in a PreparedStatement should not be set more than once
SONARJAVA-4843 S6906: Virtual threads should not run tasks that include synchronized or native code
SONARJAVA-4844 S6913 Clamp should be used with correct ranges
SONARJAVA-4845 S6914: Use Fused Location to optimize battery power
SONARJAVA-4848 S6916 Use guard instead of a single if/else in pattern match body
SONARJAVA-4849 S6915 indexOf(char|String, int, int) should be used with correct ranges
SONARJAVA-4851 S6912: Use batch Processing in JDBC
SONARJAVA-4854 S6923: Motion Sensor should not use gyroscope
SONARJAVA-4855 S6926: Bluetooth should be configured to use low power
False Negative
SONARJAVA-4784 S2093 should raise on HttpClient starting on Java 21+ code
Improvement
SONARJAVA-4415 Add parameter to ignore particular annotations in S1068
SONARJAVA-4898 S6218: Improve reporting to no highlight the entire record
SONARJAVA-4900 Provide the resolved method "symbol" in "LambdaExpressionTree"
SONARJAVA-4912 S6204 Update issue message
7.31.0.34839
Release notes - SonarJava - 7.31
Java 21 support
Bug
SONARJAVA-4754 Fix memory leak in java:S1849 when cleaning the rule state
SONARJAVA-4755 Runtime arithmetic exception when resolving constant values with a division by zero
False-Positive
SONARJAVA-4413 S2699 add Vert.x assertion methods for JUnit 5
SONARJAVA-4598 FP on S2259 when CollectionUtils and MapUtils are used from commons3
New Feature
SONARJAVA-4750 Update Java parser version to ECJ 3.36.0
SONARJAVA-4833 S6889: Proper Sensor Resource Management
SONARJAVA-4839 S6904: Avoid using FetchType.EAGER
Task
SONARJAVA-4869 Update Rules Metadata
Improvement
SONARJAVA-4759 Prevent implementiaton of useless `IssuableSubscriptionVisitor#scanFile()` method
7.30.1.34514
Release notes - SonarJava - 7.30.1
Documentation
SONARJAVA-4745 Update license headers
Task
SONARJAVA-4746 Revert on-demand plugin downloading
Improvement
SONARJAVA-4635 Update rules related to "javax" library to support also "jakarta" - Part 2/2