Skip to content

Releases: SonarSource/SonarJS

7.2

12 Feb 18:07
@saberduck saberduck
7.2.0.14938
8f58cd7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
7.2

Support TS 4.1

Assets 2
Loading

7.1

22 Dec 12:04
@saberduck saberduck
7.1.0.14721
de12795
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
7.1 
7.1.0.14721

Update Jest (#2446)
Assets 2
Loading

7.0.1

08 Dec 18:52
@saberduck saberduck
7.0.1.14561
1f9a0b8
Compare
Choose a tag to compare
7.0.1

Revert custom rule API removal

Assets 2
Loading

7.0.0

04 Dec 15:58
@saberduck saberduck
7.0.0.14528
273b54b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
7.0.0

All rules rely on TypeScript parser.

Assets 2
Loading

6.7.0.14237

12 Nov 14:16
@saberduck saberduck
6.7.0.14237
61aa15d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
6.7.0.14237 
Update rule metadata (#2346)
Assets 2
Loading

6.6.0.13923

22 Oct 13:55
@saberduck saberduck
6.6.0.13923
27505f0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
6.6.0.13923

Many new rules related to cryptography (see MMF-1894 ) and many rules migrated to ESLint parser

Assets 2
Loading

6.5.0.13383

28 Sep 07:59
@saberduck saberduck
6.5.0.13383
5718261
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
6.5.0.13383 
Update rule metadata (#2175)
Assets 2
Loading

SonarJS 6.2.2

23 Sep 12:59
@yassin-kammoun-sonarsource yassin-kammoun-sonarsource
6.2.2.13315
89eaee7
Compare
Choose a tag to compare
SonarJS 6.2.2

Bugfix release:

  • Fix potential security vulnerability where eslint-bridge component opens http server on all local interface (0.0.0.0) (SSF-122)
Assets 3
Loading

SonarJS 6.4.1

25 Aug 16:21
@andrey-tyukin-sonarsource andrey-tyukin-sonarsource
6.4.1.12828
f53e6e4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
SonarJS 6.4.1

Bugfix release:

  • Filtering out huge files is now applied only to JS/TS.
Assets 2
Loading

SonarJS 6.4

24 Aug 11:14
@andrey-tyukin-sonarsource andrey-tyukin-sonarsource
6.4.0.12803
3024015
Compare
Choose a tag to compare
SonarJS 6.4

New rules:

  • S2598: File uploads should be restricted (formidable)
  • S4502: Disabling CSRF protection is security-sensitive
  • S4507: Delivering code in production with debug features activated is security-sensitive
  • S5689: Recovering fingerprints from web application technologies should not be possible
  • S5691: Statically serving hidden files is security-sensitive
  • S5693: Allowing requests with excessive content length is security-sensitive

Improved rules:

  • S5122: now raised only when permissive CORS policy is obvious; Support for cors middleware.

Deprecated rules:

Changes in the requirements:

  • The plugin now requires Node.js 10
  • The plugin no longer relies on user-provided TypeScript: TypeScript is now shipped with the analyzer.
  • Support for solution-style tsconfigs
  • Very large files are now excluded from analysis by default (property sonar.javascript.maxFileSize controls the threshold)
Assets 2
Loading