Skip to content

Releases: SonarSource/sonar-text

2.19.0.4883

29 Nov 12:02
@jonas-wielage-sonarsource jonas-wielage-sonarsource
2.19.0.4883
a2cc861
Compare
Choose a tag to compare
2.19.0.4883 Latest
Latest

Release notes - SonarText - 2.19

False Positive

SONARTEXT-255 S6698: Do not raise on appended variable to reduce rejection rate

SONARTEXT-257 S6736: Resolve high rejection rate

Assets 2
Loading

2.18.0.4866

29 Nov 12:07
@jonas-wielage-sonarsource jonas-wielage-sonarsource
2.18.0.4866
8f9e0a2
Compare
Choose a tag to compare
2.18.0.4866

Release notes - SonarText - 2.18

Bug

SONARTEXT-222 Disable automatic test file detection for SonarLint

SONARTEXT-231 Fix access to the Gradle extension

False Positive

SONARTEXT-284 S6290: Add entropy filtering

SONARTEXT-285 S6335: Exclude a dummy key used in the Google API for Go

SONARTEXT-286 S6697: Refine post filter for variables

SONARTEXT-288 S6703: Add heuristics on test passwords

Improvement

SONARTEXT-233 Provide better logging experience on failed JGit initialization

SONARTEXT-244 Updating to SONAR Source-Available License v1.0 (SSALv1)

Assets 2
Loading

2.5.0.2293

06 Oct 09:21
@jonas-wielage-sonarsource jonas-wielage-sonarsource
2.5.0.2293
2e0145d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.5.0.2293

Release notes - SonarText - 2.5

False-Positive

SONARTEXT-98 Reduce amount of FPs in test files

SONARTEXT-99 S6687 should not raise on env variable

New Feature

SONARTEXT-85 Validate regexes from secret configuration during tests

Improvement

SONARTEXT-69 Use Gradle to build the project

SONARTEXT-77 Record and log time spent on different analysis stages

Assets 2
Loading

2.4.0.2120

25 Sep 10:26
@jonas-wielage-sonarsource jonas-wielage-sonarsource
2.4.0.2120
be566ab
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.4.0.2120

Release notes - SonarText - 2.4

Improvement

SONARTEXT-73 Post Filter in Detection should be able to be specified with multiple patterns

SONARTEXT-87 Add 42 new cloud app secrets

Assets 2
Loading

2.3.0.1632

17 Aug 08:27
@jonas-wielage-sonarsource jonas-wielage-sonarsource
2.3.0.1632
66d7052
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.3.0.1632

Release notes - SonarText - 2.3

Bug

SONARTEXT-65 Validation of specification files causes DEBUG log pollution

Improvement

SONARTEXT-67 Add 22 new secret types

Assets 2
Loading

2.2.0.1571

07 Aug 11:11
@jonas-wielage-sonarsource jonas-wielage-sonarsource
2.2.0.1571
d3e0606
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.2.0.1571

Release notes - SonarText - 2.2

False-Positive

SONARTEXT-8 [S6290] FP on example keys

SONARTEXT-9 [S6338] Prevent raising on well-known authentication keys

New Feature

SONARTEXT-11 Deserialize Configuration File to Model

SONARTEXT-13 Add Specification based Check which is capable of handling all detection logic used in existing rules

SONARTEXT-14 Create a Generator to generate Java classes for every rule

SONARTEXT-15 Migrate existing Secret Rules to new detection specification

SONARTEXT-44 Implement detection logic needed for top 50 secrets specifications

SONARTEXT-45 Allow specifying maximum distance under `matching` -> `context`

SONARTEXT-46 Implement top 50 secrets specification

Improvement

SONARTEXT-47 PreFilter include and reject should support the same functionality

SONARTEXT-55 Prevent raising multiple issues on the same secret

Assets 2
Loading

2.1.0.1163

12 May 12:07
@nils-werner-sonarsource nils-werner-sonarsource
2.1.0.1163
849cef7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.1.0.1163

Release notes - SonarText - 2.1

Bug

SONARTEXT-6 Do not analyze every non binary file in SonarQube or SonarCloud context

Assets 2
Loading

2.0.2.1090

01 Mar 10:26
@nils-werner-sonarsource nils-werner-sonarsource
2.0.2.1090
7eb0263
Compare
Choose a tag to compare
2.0.2.1090

Release notes - SonarText - 2.0.2

Bug

SONARTEXT-6 Do not analyze every non-binary file in SonarQube or SonarCloud context

Assets 2
Loading

2.0.1.611

17 Jan 08:28
@johann-beleites-sonarsource johann-beleites-sonarsource
2.0.1.611
53bfe3a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.1.611

Release notes - SonarText - 2.0.1

Bug

SONARTEXT-5 SonarText plugin properties should be categorized "Secrets"

Assets 2
Loading

2.0.0.604

16 Jan 16:23
@nils-werner-sonarsource nils-werner-sonarsource
2.0.0.604
dbd3ce4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
2.0.0.604

Release notes - SonarText - 2.0

False-Positive

SONARTEXT-3 FP on secret with unexpected character before or after

New Feature

SONARTEXT-1 Import the 7 SonarSecrets rules into SonarText

Assets 2
Loading