Skip to content

Releases: SonarSource/sonar-php

3.40.0.12590

26 Nov 09:20
db80d39
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.40

False Positive

SONARPHP-1535 S1172 should not raise an issue on throwaway variables

Improvement

SONARPHP-1578 Updating to SONAR Source-Available License v1.0 (SSALv1)

3.39.0.12526

18 Nov 09:45
efe6f16
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.39

New Feature

SONARPHP-1369 S6418: Hard-coded secrets are security-sensitive

SONARPHP-1533 Support Disjunctive Normal Form Types (PHP 8.2 feature)

SONARPHP-1543 Support Property hooks (PHP 8.4 feature)

SONARPHP-1544 Support new without parentheses

3.38.0.12239

26 Sep 07:21
279677a
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.38

New Feature

SONARPHP-1017 S5797: Constants should not be used as conditions

Improvement

SONARPHP-1471 Adopt the new Clean Code Taxonomy

3.37.0.12086

13 Aug 11:39
dfdd3a3
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.37

Bug

SONARPHP-1498 Crash (Stack Overflow) when scanning a file from the Drupal project

SONARPHP-1503 PHPstan report is not imported UnsupportedOperationException: null

False-Positive

SONARPHP-1508 S1764 should not report exponent operator "**"

New Feature

SONARPHP-1505 Add STIG metadata support

SONARPHP-1509 Implement a FrameworkDetectionVisitor to identify usage of the Drupal framework

SONARPHP-1512 Allow users to deactive the Drupal Framework detection and adaption of rules

Improvement

SONARPHP-1502 Import of PHPUnit test reports should allow specifying multiple files

SONARPHP-1510 Adapt S100 to change the default pattern based on the identified Framework

SONARPHP-1511 Adapt S1781 to change the behavior based on the identified Framework

SONARPHP-1513 Scanner constructor should be provided a charset directly instead of its name

SONARPHP-1514 S1131 should skip lines with very common last characters

SONARPHP-1516 Analyzer should avoid pattern recompilation

SONARPHP-1517 Remove the usage of `LinkedList` in `IteratorUtils`

3.36.0.11813

18 Jun 11:51
5b885f1
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.36

  • Update rule descriptions

3.35.0.11659

04 Apr 12:12
d830de9
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.35

Bug

SONARPHP-1491 Ensure CPD tokens for readonly property promotion are submitted in the right order

False-Positive

SONARPHP-1381 S905 should not raise issue on string concatenation if separate function is called

SONARPHP-1383 FP S5856 Regex: Expected octal digit, but found '\'

SONARPHP-1390 S5328 should not raise issue in specific case when session id is not user supplied

SONARPHP-1391 S2068 should not raise issue on invalid uri

SONARPHP-1395 S122 should have a clearer message in case of multiple function expressions per line

SONARPHP-1399 S3699 Do not raise issue when method is overridden

SONARPHP-1453 S3415 should not raise an issue when expected is a field of a parameter

SONARPHP-1490 S2201: ignored return value of strtok() should not be reported as an issue

False Negative

SONARPHP-1400 S4423 should raise if sensitive value is assigned into an existing array

Improvement

SONARPHP-1414 S1820 include promoted property in our count of fields

SONARPHP-1415 S107 adapt rule to exclude promoted properties in its count

SONARPHP-1467 S4144 Align logic for top-level functions and class methods

SONARPHP-1480 Deprecate rule S6339

SONARPHP-1486 Deprecate rule S4792

SONARPHP-1495 S1820 should not count constants as fields

3.34.0.11311

14 Nov 16:26
7c1b6f5
Compare
Choose a tag to compare

SonarPHP - 3.34

Improvement

SONARPHP-1468 Use Java 17 to build project

SONARPHP-1477 Support on-demand plugin downloading

3.33.0.11274

26 Oct 08:07
8958388
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.33

  • Update rule descriptions to include Learn as You Code changes

False-Positive

SONARPHP-1476 S1144 should not raise an issue when a magic method is available via a trait

3.32.0.10180

25 Aug 14:08
077f758
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.32

Bug

SONARPHP-1374 Wrong line detected for S1757

SONARPHP-1441 Solve ruling test results due to nondeterministic symbol creation

False-Positive

SONARPHP-1373 S2046 should not raise an issue for a shebang line

SONARPHP-1379 S4144 should not raise an issue when number of parameters or declared return type differ

SONARPHP-1387 S5899 public static methods should not raise issue on test discoverable

SONARPHP-1394 S115 raises issue if namespace is defined in constant

SONARPHP-1396 S5785 assertSame is suggested, but assertTrue will be better

SONARPHP-1397 S125 should not be raised on annotations that follow a comment opener

SONARPHP-1401 S2187 should not raise an issue when there are test methods in a parenting test class

SONARPHP-1407 S1185 should not raise an issue when method input parameters have different type declarations or change in signature visibility

SONARPHP-1408 S1144 should not raise an issue when a private method is called externally via the magic method __call()

SONARPHP-1412 S1848 Allow object creation for format validation when used in try-catch block

SONARPHP-1413 S2187 does not recognize test methods with attributes

SONARPHP-1440 S1144 raises an issue when a private method is used as a first class callable

Improvement

SONARPHP-1366 Get rid of `SetUtils::immutableSetOf`

SONARPHP-1376 Change title of S1200 and add secondary location to clarify detection logic

SONARPHP-1377 S1131 should only highlight the useless trailing whitespace

SONARPHP-1410 S117 allow use of underscore in variables

SONARPHP-1460 S4144 Add exceptions for simple return statements

3.31.0.9993

18 Aug 13:23
b3c3a25
Compare
Choose a tag to compare

Release notes - SonarPHP - 3.31

False-Positive

SONARPHP-1378 S2001 should not raise an issue in case the FQN is not a deprecated function name

SONARPHP-1385 S3415 wrong arguments order in assertInstanceOf

SONARPHP-1386 S3415 wrong arguments order in assertSame($expected, $actual);

SONARPHP-1392 S1451 raises issue when header is included

New Feature

SONARPHP-1411 Support Anonymous readonly classes

SONARPHP-1430 Add support for typehinting class constants

Improvement

SONARPHP-1143 Remove dependency on guava

SONARPHP-1422 Make use of `InputFile::md5Hash()` for Streamlined File Fingerprinting