Releases: SonarSource/sonar-php
Releases · SonarSource/sonar-php
3.22.1.8626
Bug
- [SONARPHP-1269] - CFG building should not fail when enum is encountered
3.22.0.8482
Bug
- [SONARPHP-1262] - PHPStan report import should not fail on paths with class context
New Feature
- [SONARPHP-1251] - Parser should support Enums
- [SONARPHP-1252] - Parser should support `new` in initializers
- [SONARPHP-1253] - Parser should support readonly properties
- [SONARPHP-1254] - Parser should support first-class callable syntax
- [SONARPHP-1255] - Parser should support pure intersection types
- [SONARPHP-1256] - Parser should support explicit octal integer literal notation
- [SONARPHP-1260] - Parser should support final class constants
- [SONARPHP-1264] - S1144 UnusedPrivateMethodCheck should raise on enum private and protected methods
- [SONARPHP-1265] - Parser should allow enums as inner statements
Improvement
- [SONARPHP-1261] - Move to Java 11
3.21.2.8292
Bug
- [SONARPHP-1250] - Secondary locations for regex rules are not present in UI
False-Positive
- [SONARPHP-1249] - Regex parser should not raise error on syntactical correct expression
3.21.1.8250
Bug
- [SONARPHP-1240] - Regex parser should support PHP PCRE named groups syntax
- [SONARPHP-1241] - Regex parser should support PHP PCRE backreferences syntax
3.21.0.8193
New Feature
- [SONARPHP-1185] - Rule S5850: Alternatives in regular expressions should be grouped when used with anchors
- [SONARPHP-1188] - Rule S6019: Reluctant quantifiers in regular expressions should be followed by an expression that can't match the empty string
- [SONARPHP-1192] - Rule S5867: Unicode-aware versions of character classes should be preferred
- [SONARPHP-1193] - Rule S6001: Back references in regular expressions should only refer to capturing groups that are matched before the reference
- [SONARPHP-1198] - Rule S5857: Character classes should be preferred over reluctant quantifiers in regular expressions
- [SONARPHP-1200] - Rule S6002: Regex lookahead assertions should not be contradictory
- [SONARPHP-1201] - Rule S5843: Regular expressions should not be too complicated
- [SONARPHP-1204] - Rule S5856: Regular expressions should be syntactically valid
3.20.0.8080
New Feature
- [SONARPHP-1180] - Add PCRE recursion feature to regex parser
- [SONARPHP-1189] - Rule S6035: Single-character alternations in regular expressions should be replaced with character classes
- [SONARPHP-1190] - Rule S5996: Regex boundaries should not be used in a way that can never be matched
- [SONARPHP-1191] - Rule S5855: Regex alternatives should not be redundant
- [SONARPHP-1194] - Rule S5868: Unicode Grapheme Clusters should be avoided inside regex character classes
- [SONARPHP-1196] - Rule S5869: Character classes in regular expressions should not contain the same character twice
- [SONARPHP-1199] - Rule S5994: Regex patterns following a possessive quantifier should not always fail
- [SONARPHP-1202] - Rule S5842: Regex repetition pattern's body should not match the empty String
- [SONARPHP-1203] - Rule S5361: `str_replace` should be preferred to `preg_replace`
Task
- [SONARPHP-1216] - Collect statistics to recognize and identify time consumers
Improvement
- [SONARPHP-1182] - Parse regex flags after delimiter
- [SONARPHP-1183] - Add PCRE conditional subpatterns feature to regex parser
- [SONARPHP-1209] - Parser should match PHP POSIX style expressions
- [SONARPHP-1220] - Map regex character location to location in files
- [SONARPHP-1227] - Fix location of characters when using escape sequences
- [SONARPHP-1229] - Handle whitespaces before delimiter
- [SONARPHP-1230] - S5361: Add secondary location on regex pattern
False-Positive
- [SONARPHP-1219] - S1808 NamespaceAndUseStatementCheck does not consider group use statements
- [SONARPHP-1234] - Rule S4792: Invalid exceptions for error_reporting
3.19.0
New Feature
- [SONARPHP-1179] - Rule S6339: Secret keys and salt values should be robust
- [SONARPHP-1206] - Rule S6341: WordPress theme and plugin editors are security-sensitive
- [SONARPHP-1207] - Rule S6342: Allowing themes and plugins to be managed in WordPress admin area is security-sensitive
- [SONARPHP-1208] - Rule S6343: Disabling automatic updates is security-sensitive
- [SONARPHP-1210] - Rule S6344: Constants should not be redefined
- [SONARPHP-1211] - Rule S6345: Allowing all external requests from a WordPress server is security-sensitive
- [SONARPHP-1212] - Rule S6346: Allowing unauthenticated database repair in WordPress is security-sensitive
- [SONARPHP-1213] - Rule S6347: WordPress options should not be defined at the end of "wp-config.php"
- [SONARPHP-1214] - Rule S6348: Allowing unfiltered HTML content in WordPress is security-sensitive
- [SONARPHP-1215] - Rule S6349: WordPress option names should not be misspelled
Improvement
- [SONARPHP-1176] - WordPress: S4507 should consider WP_DEBUG option
- [SONARPHP-1177] - WordPress: S5332 should consider FORCE_SSL_ADMIN and FORCE_SSL_LOGIN options
3.18.0.7718
Bug
- [SONARPHP-1151] - LoopExecutingAtMostOnceCheck crashes on loop inside "declare" statement
- [SONARPHP-1152] - NullPointerException in S4824 UnsetForeachReferenceVariableCheck
- [SONARPHP-1156] - Symbols should be created for the right hand side of constant declarations
- [SONARPHP-1171] - Empty method check fails when JVM's default locale uses Eastern Arabic digits
New Feature
- [SONARPHP-1154] - SonarPHP should load external PHPStan JSON reports
- [SONARPHP-1155] - SonarPHP should load external Psalm reports
Improvement
- [SONARPHP-1175] - Collect errors when importing reports and display them in UI
3.17.0.7439
Bug
- [SONARPHP-1120] - [S1121] Fix rule description
Improvement
- [SONARPHP-812] - [S1313] Detect IPv6 addresses only at the beginning of strings
False-Positive
- [SONARPHP-1140] - [S1488] False Positives when Assigned Value Depends on the Variable Itself
3.16.0.7320
Task
- [SONARPHP-1139] - Drop dependency on commons-io