6.3.0.21585
·
2231 commits
to master
since this release
Release Notes - SonarSource Code Analyzer for Java - Version 6.3.0.21585
False-Positive
- [SONARJAVA-3316] - FP S5542 (EncryptionAlgorithmCheck) more secure algorithms and algorithm name using different case
- [SONARJAVA-3320] - S1165/S2039: Fix false positives for Lombok's field modifier annotations
- [SONARJAVA-3321] - FP S5542 (EncryptionAlgorithmCheck): should support default security java provider
- [SONARJAVA-3330] - FP in S3749 when fields are injected by Lombok @requiredargsconstructor
- [SONARJAVA-3338] - FP on S1118: improve support of Lombok's annotation generating constructor
Bug
- [SONARJAVA-3322] - S2441 does not handle correctly unknown types
- [SONARJAVA-3328] - JSP transpiling is broken when root dir is symlink
- [SONARJAVA-3347] - [JSP] Fix compilation of custom tags in JSPs
New Feature
- [SONARJAVA-1871] - Offer access to Parameterized Type in Java Analyzer semantic API
- [SONARJAVA-2357] - Provide MethodMatcher API to be used in custom rules
- [SONARJAVA-2941] - Rule S3740: Generic types shouldn't be used raw
- [SONARJAVA-3309] - Transpile JSP to Java
- [SONARJAVA-3310] - Use source maps to report precise issues on JSP files
- [SONARJAVA-3314] - Rule S5738: Deprecated code marked for removal should be removed
- [SONARJAVA-3340] - Jasper dependency should not be required
- [SONARJAVA-3341] - Change issue type of S1104 to code smell
Task
- [SONARJAVA-3241] - Rewrite IssueFiltering mechanism as IssueFilter from SonarQube API is deprecated
- [SONARJAVA-3267] - Drop sonarjava_feedback metric
- [SONARJAVA-3307] - Migrate SonarJava custom rules tutorial to SonarJava 6.X and LTS 7.9
- [SONARJAVA-3333] - Update rules metadata
- [SONARJAVA-3336] - Update documentation regarding new JavaCheckVerifier
- [SONARJAVA-3342] - Update doc about XSS scanning
Improvement
- [SONARJAVA-2410] - Issue filter should also filter rules depending of the java warning suppressed
- [SONARJAVA-3313] - Improve log message for missing compiled classes
- [SONARJAVA-3315] - Unify JavaCheckVerifiers and simplify its usage to test rules
- [SONARJAVA-3317] - Improve performance
- [SONARJAVA-3318] - S2077 should present to the user all the locations where the formatted SQL query string is used
- [SONARJAVA-3323] - S1166 should be able to be configured with an empty whitelist
- [SONARJAVA-3325] - Remove dependency on Ant for JSP transpiling
- [SONARJAVA-3326] - Remove dependency on Eclipse JDT for JSP transpiling
- [SONARJAVA-3331] - FN in S3749: support @component annotation
- [SONARJAVA-3337] - Update branding to drop 'SonarJava'