10.3.2

Bugfix release to fix performance regression on projects with many tsconfig.json files.

10.3.1

milestone: https://github.com/SonarSource/SonarJS/milestone/74?closed=1

10.3.0

milestone: https://github.com/SonarSource/SonarJS/milestone/72?closed=1

This brings 5 new and 7 improved rules for core JavaScript and TypeScript features.
Also, analysis now works with all TypeScript 5 code and compiler options.

The updates are available in SonarCloud, and will be included in SonarQube 10.1, and in the next release of SonarLint.

New rules

1. S6643: Prototypes of builtin objects should not be modified
2. S6638 (no-constant-binary-expression) Binary expressions should not always return the same value
3. S6637 (no-extra-bind): Unnecessary calls to .bind() should not be used
4. S6635 (no-constructor-return) Constructors should not return values
5. S2430 (new-cap) Constructor names should start with an uppercase letter

Improved rules

1. S3796 (array-callback-without-return): cover new array functions, typed arrays and bracket notation
2. S1528 (array-constructor): add quickfix
3. S4043 (no-misleading-array-reverse) to suggest using toReversed or toSorted
4. S4622 (max-union-size): Ignore unions used with utility types
5. S1128 (unused-import): Support usage in JSDoc comments
6. S1128 (unused-import): Ignore imported symbols used as Vue.js directives
7. S6544 (no-misused-promises): Don't flag Promise-returning function provided to attribute where a void return was expected in JSX attributes. Also do not flag not awaited, resolved or error-handled promises.

Rule descriptions

300+ small fixes to rule descriptions where there were small inconsistencies in casing, titles, etc.

10.2.0

https://github.com/SonarSource/SonarJS/milestone/71?closed=1

This will be released in SonarQube 10.1

New rules

1. Add rule S6606: Nullish coalescing should be preferred
2. Add rule S6598: Function types should be preferred
3. Add rule S6594: "RegExp.exec()" should be preferred over "String.match()"
4. Add rule S6583: Enum members should not mix value types
5. Add rule S6590: "as const" assertions should be preferred
6. Add rule S6582: Optional chaining should be preferred
7. Add rule S6578: Enum values should be unique
8. Add rule S6572: Enum member values should be either all initialized or none
9. Add rule S6571 (no-redundant-type-constituents): Redundant types should not be used
10. Add rule S2094 (no-empty-class-check): Classes should not be empty
11. Add rule S6565: prefer-return-this-type
12. Add rule S6569: Unnecessary type constraints should be removed
13. Add rule S6568 (no-confusing-non-null-assertion)
14. Add rule S6564: Redundant type aliases should not be used
15. Add rule S6551 (no-base-to-string): Objects and classes converted or coerced to strings should define a "toString()" method
16. Add rule S6557: Ends of strings should be checked with "startsWith()" and "endsWith()"
17. Add rule S6550 (prefer-literal-enum-member): All enum members should be literals

Improved rules

1. Update S3402 (no-incorrect-string-concat): Consider the addition assignment operator
2. Update rule S6544: add TypeScript/eslint's no-floating-promises rule
3. Update rule S6544: add no-misused-promises cases
4. Update S2871 (no-alphabetical-sort): Cover cases from require-array-sort-compare
5. Update S4139 (no-for-in-array): Cover cases from TypeScript ESLint implementation
6. Fix FP S131 (switch-without-default): Ignore exhaustive switches on unions and enums

10.1.0

What's Changed

This release brings more advanced support for JavaScript built-ins with 8 new rules and 14 improved rules.

• Add 8 new rules: S2486, S2639, S6509, S6522, S6523, S6534, S6535, S6544
• Improve 14 rules: S128, S1121, S1472, S1481, S1534, S1862, S2137, S2138, S3827, S4023, S4275, S4326, S5868, S6324
• Upgrade ESLint to 8.36.0
• Plugin refactoring (new project structure and unification of the JavaScript and TypeScript sensors logic)

Milestone: https://github.com/SonarSource/SonarJS/milestone/69?closed=1

Part of SonarQube 10.0

10.0.1

https://github.com/SonarSource/SonarJS/milestone/70?closed=1

10.0.0

What's Changed

• Analyze JavaScript embedded in HTML by @ilia-kebets-sonarsource and @victor-diez-sonarsource in #3674
• Fix FP S128 (sonar-max-lines-per-function): Improve React functional components detection by @victor-diez-sonarsource in #3679
• Fix FP S5860 (unused-named-groups): Consider accesses via the index syntax by @yassin-kammoun-sonarsource in #3685
• Fix FP S6329 (aws-ec2-rds-dms-public): Consider sensitive RDS DB instance on public subnet only by @yassin-kammoun-sonarsource in #3688
• Fix FN S6265 (aws-s3-bucket-granted-access): Fix BucketDeployment resolving by @yassin-kammoun-sonarsource in #3689
• Fix FN S6249 (aws-s3-bucket-insecure-http): Consider TypeScript import = require() construct by @victor-diez-sonarsource in #3665
• Update S4423 (weak-ssl): Change issue message when omitting tlsSecurityPolicy by @yassin-kammoun-sonarsource in #3687
• Add helper functions searchable documentation by @ilia-kebets-sonarsource in #3506
• Update ESLint dependencies to the latest version by @francoismora in #3682

Full Changelog: 9.13.0.20537...10.0.0.20728

Part of SonarQube 10.0

9.13.0

https://github.com/SonarSource/SonarJS/issues?q=is%3Aclosed+milestone%3A9.13

What's Changed

• Fix FNs caused by node: imports in several rules using getFullyQualifiedName() by @ilia-kebets-sonarsource in #3618
• Fix FP S2424 (no-built-in-override): Remove System from globals by @ilia-kebets-sonarsource in #3620
• Fix FP S6442 (no-hook-setter-in-body): Shouldn't raise when used conditionally by @saberduck in #3622
• Deprecate S2814 (no-redeclare) for TypeScript by @victor-diez-sonarsource in #3635
• Upgrade ESLint, TypeScript, and TypeScript ESLint dependencies by @yassin-kammoun-sonarsource in #3631
• Fix recursion in FQN resolution by @victor-diez-sonarsource in #3642

Full Changelog: 9.12.1.20358...9.13.0.20537

9.12.1

https://github.com/SonarSource/SonarJS/milestone/67?closed=1

9.12.0

In this release:

• We improved the precision of the Cognitive Complexity for JSX by ignoring shorthand such as short-circuit logic.

• We added 6 new rules for detecting performance issues in React:

  • S6477: Mandatory keys in JSX list components
  • S6479: No array index for keys in JSX list components
  • S6486: No uniq values as keys for JSX list components
  • S6480: Disallow .bind() and arrow functions in JSX props
  • S6481: React Context Provider values should not have unstable identities
  • S6478: React components should not be nested

Milestone: https://github.com/SonarSource/SonarJS/issues?q=is%3Aclosed+milestone%3A9.12

Full Changelog: 9.11.1.20218...9.12.0.20319