7.12.0.29739
quentin-jaquier-sonarsource
released this
16 May 12:55
·
743 commits
to master
since this release
Release Notes - SonarJava - Version 7.12
Bug
- [SONARJAVA-4231] - NPE in JType.normalize
New Feature
- [SONARJAVA-2940] - Rule S4968: The upper bound of wildcard parameterized types should not be "final"
- [SONARJAVA-4149] - Rule S6326: Regular expressions should not contain multiple spaces
- [SONARJAVA-4150] - Rule S6396: Superfluous curly brace quantifiers should be avoided
- [SONARJAVA-4151] - Rule S6353: Regular expression quantifiers and character classes should be used concisely
- [SONARJAVA-4152] - Rule S6397: Character classes in regular expressions should not contain only one character
- [SONARJAVA-4154] - Rule S6331: Regular expressions should not contain empty groups
- [SONARJAVA-4170] - Rule S6395: Non-capturing groups without quantifier should not be used
- [SONARJAVA-4173] - Rule S6411 Types used as keys in Maps should implement Comparable
- [SONARJAVA-4209] - Introduce caching capabilities for Java rules
- [SONARJAVA-4222] - Rule S6418: Hard-coded secrets are security-sensitive
- [SONARJAVA-4223] - S5693: Remove requirement to re-parse files on each PR analysis
- [SONARJAVA-4224] - S4605: Remove requirement to re-parse files on each PR analysis
- [SONARJAVA-4225] - S1228: Remove requirement to re-parse files on each PR analysis
- [SONARJAVA-4226] - S4032: Remove requirement to re-parse files on each PR analysis
Task
- [SONARJAVA-4214] - Compiler flag "enablePreviewFeatures" should be enable for java version >= maximum supported version
- [SONARJAVA-4218] - Stop ignoring S2789 unit test related to javax.annotation.meta.When.NEVER
- [SONARJAVA-4236] - Rely on released version of Analyzer Commons
- [SONARJAVA-4245] - Extract ModuleScannerContext out InputFileScannerContext
- [SONARJAVA-4246] - Expose the EndOfAnalysis interface as part of the plugin API
- [SONARJAVA-4248] - Inroduce the notion of a module key that can be utilized by checks
- [SONARJAVA-4249] - Rely on Analyzer Commons for regex helper classes
- [SONARJAVA-4253] - Update rules metadata
Improvement
- [SONARJAVA-3838] - Add support for TimeUnit.sleep() in S2925
- [SONARJAVA-4153] - Refactor S5842 using sonar-analyzer-commons
- [SONARJAVA-4155] - Refactor S5843 using sonar-analyzer-commons
- [SONARJAVA-4156] - Refactor S5850 using sonar-analyzer-commons
- [SONARJAVA-4157] - Refactor S5855 using sonar-analyzer-commons
- [SONARJAVA-4158] - Refactor S5857 using sonar-analyzer-commons
- [SONARJAVA-4159] - Refactor S5867 using sonar-analyzer-commons
- [SONARJAVA-4160] - Refactor S5868 using sonar-analyzer-commons
- [SONARJAVA-4161] - Refactor S5869 using sonar-analyzer-commons
- [SONARJAVA-4162] - Refactor S5994 using sonar-analyzer-commons
- [SONARJAVA-4163] - Refactor S5996 using sonar-analyzer-commons
- [SONARJAVA-4164] - Refactor S6001 using sonar-analyzer-commons
- [SONARJAVA-4165] - Refactor S6002 using sonar-analyzer-commons
- [SONARJAVA-4166] - Refactor S6019 using sonar-analyzer-commons
- [SONARJAVA-4167] - Refactor S6035 using sonar-analyzer-commons
- [SONARJAVA-4188] - S4423 should not report an issue when the version is not set
- [SONARJAVA-4215] - S1943 (default system encoding) should not report an issue for Java >= 18
- [SONARJAVA-4217] - Merge S1158 and S2131
- [SONARJAVA-4228] - S6377: update the issue message
- [SONARJAVA-4230] - Allow client-side disabling of caching
- [SONARJAVA-4234] - Allow caching to be disabled (or enabled) by an overriding analyzer flag
- [SONARJAVA-4235] - Improve SonarJava caching API
- [SONARJAVA-4240] - S5693 stores a single cache entry per file
False-Positive
- [SONARJAVA-4172] - S6206 should not report on non-final classes
- [SONARJAVA-4204] - FP on S1221 when a method is overridden
- [SONARJAVA-4219] - S1121 should not report an issue for assignment in Java 14 switch
- [SONARJAVA-4221] - S6073 should support MockitoHamcrest adapter
- [SONARJAVA-4227] - FP in S2068 and S6418: Secrets and Password should be correctly isolated in string literals
- [SONARJAVA-4229] - FP S6418: Use frequency of character pairs to distinguish randomness
- [SONARJAVA-4232] - S3398 : FP when reaching outer method from another instance
False Negative
- [SONARJAVA-4206] - FN on S3012 in case of do-while loop