Releases: SonarSource/SonarJS
Releases · SonarSource/SonarJS
10.11.1
- Fix missing
requiredForLanguagesmetadata in manifest
This release will be part of SonarQube 10.4
10.11.0
This release
1/ Fail-fast
Misconfigurations now cause analysis failure, this includes missing or incompatible Node.js runtime.
There are also new and more detailed warnings, including new warnings in the UI.
2/ Added support for TypeScript 5.3
3/ Drop support for Node.js v14
4/ Added 5 new adaptability rules:
- S6859: Imports should not use absolute paths
- S6861: Mutable variables should not be exported
- S2187: Test files should contain at least one test case
- S1444: Public "static" fields should be read-only
- S5973: Tests should be stable
What's Changed
- Add rule S6859 (
eslint-plugin-import/no-absolute-path): Imports should not use absolute paths by @ilia-kebets-sonarsource in #4439 - Create rule S6861 (
eslint-plugin-import/no-mutable-exports): Mutable variables should not be exported by @yassin-kammoun-sonarsource in #4441 - Create rule S2187: Test files should contain at least one test case by @yassin-kammoun-sonarsource in #4442
- Drop support for Node.js 14 by @saberduck in #4447
- Upgrade TS 5.3 and ESLint by @saberduck in #4451
- Create rule S1444: Public "static" fields should be read-only by @yassin-kammoun-sonarsource in #4453
- Create rule S5973: Tests should be stable by @ilia-kebets-sonarsource in #4443
- Do not fail silently by @vdiez in #4450
- Add documentation on how to write tests for rules depending on
package.jsondependencies by @ilia-kebets-sonarsource in #4454 - Add more analysis warnings by @vdiez in #4455
- Upgrade typescript-eslint by @saberduck in #4452
Full Changelog: 10.10.0.24774...10.11.0.25043
This release will be part of SonarQube 10.4
https://github.com/SonarSource/SonarJS/milestone/83?closed=1
Contributors
saberduck, vdiez, and 2 other contributors
Assets 2
10.10.0
This release
Added 17 new rules for React Accessibility
- S6841 tabIndex values should be non-positive
- S6842 Non-interactive DOM elements should not have interactive ARIA roles
- S6840 DOM elements should use the autocomplete attribute correctly
- S6843 Interactive DOM elements should not have non-interactive ARIA roles
- S6844 Anchor tags should not be used as buttons
- S6846 DOM elements should not use the accesskey property
- S6850 Header elements should have accessible content
- S6851 Images should have a non-redundant alternate description
- S6847 Non-interactive elements shouldn't have event handlers
- S6854 iFrames must have a title
- S6855 Media elements should have captions
- S6845 Non-interactive DOM elements should not have the tabIndex property
- S6849 HTML elements should have a valid language property
- S6848 Non-interactive DOM elements should not have an interactive handler
- S1077 Image, area, button with image and object elements should have an alternative text
- S6852 Elements with an interactive role should support focus
- S6853 Label elements should have a text label and an associated control
Added 5 new rules for React deprecated APIs
- S6788 Disallow usage of findDOMNode
- S6789 Disallow usage of isMounted
- S6790 Disallow using string references
- S6791 Disallow usage of unsafe lifecycle methods
- S1874 Disable older React deprecated APIs
What's Changed
- Add a sanity check for rules that should be mapped by @yassin-kammoun-sonarsource in #4350
- Improve the time complexity of the sanity check for mapped rules by @yassin-kammoun-sonarsource in #4351
- Update license to
LGPL-3.0-onlyby @ilia-kebets-sonarsource in #4354 - Update eslint-plugin-sonarjs to 0.23.0 by @yassin-kammoun-sonarsource in #4358
- Create rule S6788: Disallow usage of findDOMNode (
react/no-find-dom-node) by @vdiez in #4359 - Create rule S6789: Disallow usage of isMounted (
react/no-is-mounted) by @yassin-kammoun-sonarsource in #4361 - Create rule S6790: Disallow using string references by @vdiez in #4360
- Create rule S6791: Disallow usage of unsafe lifecycle methods (
react/no-unsafe) by @yassin-kammoun-sonarsource in #4362 - Create rule S6841 (
jsx-a11y/tabindex-no-positive):tabIndexvalues should be non-positive by @yassin-kammoun-sonarsource in #4365 - Create rule S6842 (
jsx-a11y/no-noninteractive-element-to-interactive-role): Non-interactive DOM elements should not have interactive ARIA roles by @yassin-kammoun-sonarsource in #4366 - Create rule S6840 (
jsx-a11y/autocomplete-valid): DOM elements should use theautocompleteattribute correctly by @yassin-kammoun-sonarsource in #4364 - Create rule S6843 (
jsx-a11y/no-interactive-element-to-noninteractive -role): Interactive DOM elements should not have non-interactive ARIA roles by @yassin-kammoun-sonarsource in #4369 - Load
package.jsonon init-linter by @vdiez in #4363 - Create rule S6844 (
jsx-a11y/anchor-is-valid): Anchor tags should not be used as buttons by @saberduck in #4373 - Add rule S6845 (
jsx-a11y/no-noninteractive-tabindex): Non-interactive DOM elements should not have thetabIndexproperty by @ilia-kebets-sonarsource in #4374 - Create rule S6846 (
jsx-a11y/no-access-key): DOM elements should not use theaccesskeyproperty by @yassin-kammoun-sonarsource in #4372 - Modify S4328: Use new
package.jsonshared methods by @vdiez in #4377 - Add rule S6849 (
jsx-a11y/html-has-lang) and (jsx-a11y/lang): HTML elements should have a valid language property by @ilia-kebets-sonarsource in #4387 - Add rule S6848 (
jsx-a11y/no-static-element-interactions): Non-interactive DOM elements should not have an interactive handler by @yassin-kammoun-sonarsource in #4385 - Add
mergeRules()example to DEV.md by @ilia-kebets-sonarsource in #4389 - Modify S1874: Merge with
react/no-deprecatedby @vdiez in #4371 - Create rule S6850 (
jsx-a11y/heading-has-content): Header elements should have accessible content by @yassin-kammoun-sonarsource in #4390 - BUILD-4131 use GitHub token from vault instead of sonartech api token by @sebastienvermeille in #4386
- Add rule S1077 (
jsx-a11y/alt-text): Image, area, button with image and object elements should have an alternative text by @ilia-kebets-sonarsource in #4391 - Improve S1874 (
deprecation): Remove references from Reactno-deprecatedmessages by @vdiez in #4392 - Create rule S6851 (
jsx-a11y/img-redundant-alt): Images should have a non-redundant alternate description by @yassin-kammoun-sonarsource in #4394 - Improve S6849 (
html-has-lang): raise issue onhtmltag name instead of whole<html ...>tag if thelangattribute is missing by @ilia-kebets-sonarsource in #4395 - Create rule S6847 (
jsx-a11y/no-noninteractive-element-interactions): Non-interactive elements shouldn't have event handlers by @saberduck in #4388 - Add rule S6852 (
jsx-a11y/interactive-supports-focus): Elements with an interactive role should support focus by @saberduck in #4397 - Fix message in S6844 by @saberduck in #4398
- Create rule S6854 (
jsx-a11y/iframe-has-title): iFrames must have a title by @yassin-kammoun-sonarsource in #4399 - Create rule S6855 (
jsx-a11y/media-has-caption): Media elements should have captions by @yassin-kammoun-sonarsource in #4404 - Add rule S6853 (
jsx-a11y/label-has-associated-control): Label elements should have a text label and an associated control by @ilia-kebets-sonarsource in #4396 - Improve S1077 (
alt-text): Report on the name of the opening element by @ilia-kebets-sonarsource in #4407 - Improve S6853 (
label-has-associated-control): Report on the name of the opening element by @ilia-kebets-sonarsource in #4408 - Improve S6855 (
media-has-caption): Report on the name of the opening element by @yassin-kammoun-sonarsource in #4406 - Add script to count rules for README by @ilia-kebets-sonarsource in #4409
This release will be part of SonarQube 10.4
https://github.com/SonarSource/SonarJS/milestone/82?closed=1
Contributors
saberduck, sebastienvermeille, and 3 other contributors
Assets 2
10.9.0
What's Changed
- Add support for Sass syntax by @yassin-kammoun-sonarsource in #4306
- Tag RSPECs of JS/TS rules relying on type information by @yassin-kammoun-sonarsource in #4309
- Create rule S6836: "case" and "default" clauses should not contain lexical declarations by @yassin-kammoun-sonarsource in #4312
- Improve logging of JavaScript files type-checking in SonarLint context by @yassin-kammoun-sonarsource in #4311
- Improve S6544 (
no-misused-promises): Report on the function's main token by @yassin-kammoun-sonarsource in #4313 - Only accept supported web languages for CSS analysis (and activate SASS by default) by @ilia-kebets-sonarsource in #4308
- Optimize plugin download on SonarCloud by @saberduck in #4314
- Ignore file size limits for CSS by @ilia-kebets-sonarsource in #4316
- Fix project size calculation for JavaScript type-checking in SonarLint context by @yassin-kammoun-sonarsource in #4317
- Fix FP S3800 (
function-return-type): Make the exception of returning at least onethisinstead of allthisby @ilia-kebets-sonarsource in #4320 - Fix FP S138 (
sonar-max-lines-per-function): Ignore React Functional Components implemented as arrow function by @ilia-kebets-sonarsource in #4318 - Fix FP S4662 (
at-rule-no-unknown): Ignore "@contain" by default by @yassin-kammoun-sonarsource in #4319 - Improve S6478 (
no-unstable-nested-components): Replace message and refine location by @yassin-kammoun-sonarsource in #4323 - Fix FP S4023 (
no-empty-interface): Ignore when extending external interfaces by @yassin-kammoun-sonarsource in #4326 - New implementation of S109
sonar-no-magic-numbersby @saberduck in #4324 - Improve S4156 (
prefer-namespace-keyword): Report on the "module" keyword by @yassin-kammoun-sonarsource in #4329 - Deprecate Node.js 16 by @saberduck in #4325
- Improve S5869 (
duplicates-in-character-class): Mention character class escapes by @yassin-kammoun-sonarsource in #4331 - Fix FP S2699 (
assertions-in-tests): add support forvitestlibrary by @ilia-kebets-sonarsource in #4335 - Upgrade embedded Node.js runtime to 20.9.0 by @ilia-kebets-sonarsource in #4333
- Fix regex-related rules: Skip issues with inconsistent locations by @vdiez in #4337
- Create rule CSS:S125: Sections of code should not be commented out by @yassin-kammoun-sonarsource in #4338
- Update eslint-plugin-sonarjs to v0.22.0 by @vdiez in #4347
This release will be part of SonarQube 10.3
Milestone: https://github.com/SonarSource/SonarJS/milestone/81?closed=1
Contributors
saberduck, contain, and 3 other contributors
Assets 2
10.8.0
What's Changed
MMF-2996: First-class React: Accessibility (part 1 of 2)
- Add rule S1082 (
mouse-events-a11y): Mouse events should have corresponding keyboard events (#4301) by @saberduck - Modify rule S6747 (
no-unknown-property): addjsx-a11y/aria-propsby @ilia-kebets-sonarsource - Add rule S6793 (
jsx-a11y/aria-proptypes): ARIA properties in DOM elements should have valid values (#4265) by @ilia-kebets-sonarsource - Add rule S6807 (jsx-a11y/role-has-required-aria-props): DOM elements with ARIA roles should have the required properties by @alexander-kamushkin-sonarsource
- Add rule S6811 (
jsx-a11y/role-supports-aria-props): DOM elements with ARIA role should only have supported properties (#4264) by @alexander-kamushkin-sonarsource - Add rule S6819 (
jsx-a11y/prefer-tag-over-role): Prefer tag over ARIA role (#4267) by @alexander-kamushkin-sonarsource - Add rule S6821 (
jsx-a11y/aria-role): DOM elements with ARIA roles should have a valid non-abstract role (#4268) by @ilia-kebets-sonarsource - Add rule S6822 (
jsx-a11y/no-redundant-roles): No redundant ARIA role (#4270) by @alexander-kamushkin-sonarsource - Add rule S6823 (
jsx-a11y/aria-activedescendant-has-tabindex): DOM elements with thearia-activedescendantproperty should be accessible via the tab key (#4277) by @ilia-kebets-sonarsource - Add rule S6824 (
jsx-a11y/aria-unsupported-elements): No ARIA role or property for unsupported DOM elements (#4275) by @ilia-kebets-sonarsource - Add rule S6825 (
jsx-a11y/no-aria-hidden-on-focusable): Focusable elements should not havearia-hiddenattribute (#4292) by @alexander-kamushkin-sonarsource - Add rule S6827 (
jsx-a11y/anchor-has-content): Anchors should contain accessible content (#4296) by @ilia-kebets-sonarsource
MMF-3393: Better diagnostics of memory issues
- Log memory configuration when bridge starts (#4263) by @saberduck
- Delegate analysis-related HTTP requests to a worker thread (#4261) by @yassin-kammoun-sonarsource
- Improve message when running in Docker (#4269) by @saberduck
- Handle out-of-memory errors in the worker thread (#4273) by @yassin-kammoun-sonarsource
- Improve reporting of memory size in docker env (#4274) by @saberduck
- Report heap usage status with sonar.javascript.node.debugMemory (#4294 by @saberduck
Miscellaneous
- Move css rule to a separate folder (#4201) by @alexander-kamushkin-sonarsource
- Refactor npm scripts (#4203) by @ilia-kebets-sonarsource
- Add sanity check on adding a new rule property (#4222) by @yassin-kammoun-sonarsource
- Clean up Git submodules and ruling tests (#4224, #4252) by @victor-diez-sonarsource
- Fix unescaped regexp chars and remove SQ exclusion (#4257) by @alexander-kamushkin-sonarsource
- Update babel to 7.23.2 to fix babel/traverse vulnerability (#4298) by @alexander-kamushkin-sonarsource
This release will be part of SonarQube 10.3
Full Changelog: 10.7.0.22914...10.8.0.24207
Contributors
saberduck, yassin-kammoun-sonarsource, and 3 other contributors
Assets 2
10.7.0
What's Changed
- Add rule S6746 (
react/no-direct-mutation-state): In Reactthis.stateshould not be mutated directly by @alexander-kamushkin-sonarsource in #4145 - Add rule S6747 (
no-unknown-property): JSX elements should not use unknown properties and attributes by @yassin-kammoun-sonarsource in #4146 - Add rule S6749 (
jsx-no-useless-fragment): Redundant React fragments should be removed by @yassin-kammoun-sonarsource in #4147 - Create rule S6748 (
react/no-children-prop): Reactchildrenshould not be passed as prop by @alexander-kamushkin-sonarsource in #4149 - Add rule S6750 (
no-render-return-value): The return value of "ReactDOM.render" should not be used by @yassin-kammoun-sonarsource in #4148 - Add rule S6756 (
no-access-state-in-setstate): "setState" should use a callback when referencing the previous state by @yassin-kammoun-sonarsource in #4154 - Add rule S6754 (
hook-use-state): The return value of "useState" should be destructured and named symmetrically by @yassin-kammoun-sonarsource in #4152 - Create rule S6757 (
react/no-this-in-sfc):thisshould not be used in functional components by @alexander-kamushkin-sonarsource in #4155 - Add rule S6759 (
prefer-read-only-props): React props should be read-only by @yassin-kammoun-sonarsource in #4157 - Add rule S6763 (
no-redundant-should-component-update): "shouldComponentUpdate" should not be defined when extending "React.PureComponent" by @yassin-kammoun-sonarsource in #4160 - Add rule S6761 (
react/no-danger-with-children):childrenanddangerouslySetInnerHTMLshould not be used together by @alexander-kamushkin-sonarsource in #4163 - Add rule S6767 (
no-unused-prop-types): Unused React typed props should be removed by @yassin-kammoun-sonarsource in #4165 - Add rule S6766 (
react/no-unescaped-entities): JSX special characters should be escaped by @alexander-kamushkin-sonarsource in #4166 - Add rule S6770 (
jsx-pascal-case): User-defined JSX components should use Pascal case by @yassin-kammoun-sonarsource in #4169 - Add rule S6772 (
react/jsx-child-element-spacing): Spacing between inline elements should be explicit by @alexander-kamushkin-sonarsource in #4171 - Add rule S6775 (
react/default-props-match-prop-types): All defaultProps should have non-required PropType by @alexander-kamushkin-sonarsource in #4176 - Add rule S6774 (
prop-types): React components should validate prop types by @yassin-kammoun-sonarsource in #4174 - Fix FP S6766 (
react/no-unescaped-entities): Remove'and"from the list of forbidden entitiles by @alexander-kamushkin-sonarsource in #4181 - Fix FP S6759 (
prefer-read-only-props): Restrict the scope to functional components by @yassin-kammoun-sonarsource in #4182 - Fix windows build issues by @alexander-kamushkin-sonarsource in #4189
- [MMF-2861] Embed Node.js runtime in analyzer by @saberduck in #4150
- Fix FP S6749 (
jsx-no-useless-fragment): Ignore empty React fragments by @yassin-kammoun-sonarsource in #4193 - Bundled Node.js runtime: add MacOS x64 support by @ilia-kebets-sonarsource in #4194
New Contributors
- @david-cho-lerat-sonarsource made their first contribution in #4177
This release will be part of SonarQube 10.3
Full Changelog: 10.6.0.22520...10.7.0.22914
Contributors
saberduck, yassin-kammoun-sonarsource, and 3 other contributors
Assets 2
10.6.0
What's Changed
- prepare next development iteration: 10.6.0 by @ilia-kebets-sonarsource in #4093
- Remove unused code by @victor-diez-sonarsource in #4087
- Avoid circular dependencies between packages by @victor-diez-sonarsource in #4097
- Add quick fix for S6326: Regular expressions should not contain multiple spaces by @yassin-kammoun-sonarsource in #4096
- Allow comment-based fixtures to be named
*.fixture.<ext>instead ofcb.fixture.<ext>by @yassin-kammoun-sonarsource in #4099 - Improve S5689: Use different messages if sensitive header is set explicitely or by default by @ilia-kebets-sonarsource in #4100
- Fix Babel fallback for JS files by @victor-diez-sonarsource in #4088
- Allow Stylelint imports for projects without CSS files by @victor-diez-sonarsource in #4102
- Improve S2699 (
assertions-in-tests): Support Sinon.JS assertion statements by @ilia-kebets-sonarsource in #4095 - Allow having duplications when importing issues by @victor-diez-sonarsource in #4101
- Improve S2068: Ignore linted files from l10n folders by @yassin-kammoun-sonarsource in #4104
- Remove S2814 (
no-redeclare) for TypeScript by @ilia-kebets-sonarsource in #4098 - Fix S6535 (unnecessary-character-escapes): Disambiguate conflicting message ids by @yassin-kammoun-sonarsource in #4108
- Log the filename for which an issue is saved by @yassin-kammoun-sonarsource in #4111
- Fix S2699 (
assertions-in-tests): infinite loop by @ilia-kebets-sonarsource in #4119 - Update metadata for the external rules by @alexander-kamushkin-sonarsource in #4107
- Rename remaining ESLint bridge-related components by @yassin-kammoun-sonarsource in #4121
- Add Node.js 20 as a possible recommended version by @yassin-kammoun-sonarsource in #4110
- Improve S1874 (
deprecation): Report deprecations from TypeScript compiler by @yassin-kammoun-sonarsource in #4122 - Change run-node error message when Node.js is not found by @victor-diez-sonarsource in #4112
- Fix FP S4123 (
no-invalid-await): Improve thenable type detection by @yassin-kammoun-sonarsource in #4123 - Update metadata by @yassin-kammoun-sonarsource in #4124
Full Changelog: 10.5.1.22382...10.6.0.22520
Part of SonarQube 10.3
Contributors
yassin-kammoun-sonarsource, ilia-kebets-sonarsource, and 2 other contributors
Assets 2
10.5.1
Small fix release, because we forgot to include the eslint-plugin-sonarjs update in 10.5.0
milestone: https://github.com/SonarSource/SonarJS/milestone/78?closed=1
This release will be part of SonarQube 10.2
10.5.0
milestone: https://github.com/SonarSource/SonarJS/milestone/76?closed=1
This release will be part of SonarQube 10.2
10.4.0
What's Changed
- Prepare next development iteration by @saberduck in #4023
- Add rule S6653 (
prefer-object-has-own): Use Object.hasOwn static method instead of hasOwnProperty by @alexander-kamushkin-sonarsource in #4018 - Add rule S6660 (
no-lonely-if):Ifstatements should not be the only statement inelseblocks by @alexander-kamushkin-sonarsource in #4022 - Upgrade sonar-lits-plugin to 0.11.0.2659 by @Godin in #4017
- Add rule S6661 (
prefer-object-spread): Object spread syntax should be used instead ofObject.assignby @alexander-kamushkin-sonarsource in #4024 - Update ruling results formatting due to sonar-lits-plugin change by @alexander-kamushkin-sonarsource in #4026
- Add rule S6666 (
prefer-spread): Spread syntax should be used instead of apply() by @alexander-kamushkin-sonarsource in #4029 - Add rule S6671 (
prefer-promise-reject-errors): Literals should not be used for promise rejection by @alexander-kamushkin-sonarsource in #4030 - Add rule S1199 (
no-lone-block): Nested code blocks should not be used by @alexander-kamushkin-sonarsource in #4032 - Add rule S6676 (
no-useless-call): Calls to .call() and .apply() methods should not be redundant by @alexander-kamushkin-sonarsource in #4033 - Add rule S1068 (
no-unused-private-class-members): Unused private class members should be removed by @alexander-kamushkin-sonarsource in #4034 - Update "submit review" and "request review" actions to work for projectsV2 by @ilia-kebets-sonarsource in #4012
- Update S1523 (
code-eval): merge ESLintno-script-urlby @alexander-kamushkin-sonarsource in #4037 - Add rule S6679 (
no-self-compare):Number.isNaN()should be used to check forNaNvalue by @alexander-kamushkin-sonarsource in #4040 - Update rule descriptions after migration to LAYC by @victor-diez-sonarsource in #4041
- Actions point to production branch by @ilia-kebets-sonarsource in #4039
- Update S1192 (
no-duplicate-string): AddignoreStringsrule property by @yassin-kammoun-sonarsource in #3959 - Update rule metadata by @yassin-kammoun-sonarsource in #4044
Full Changelog: 10.3.2.22047...10.4.0.22160
Part of SonarQube 10.2
Contributors
Godin, saberduck, and 4 other contributors