SonarJava v6.6.0.22815 Release Notes

Release Date: 2020-07-20
  • Release Notes - SonarJava - Version 6.6

    Bug

    • [SONARJAVA-3382] - Computing method behavior for Java 14 methods fails
    • [SONARJAVA-3448] - IndexOutOfBoundsException on S5863 when "containsX" is called without argument.
    • [SONARJAVA-3452] - Analysis fails when transpiling JSP with jar stripped of code
    • [SONARJAVA-3453] - JSP files shouldn't be analyzed for SQ < 8.3

    New Feature

    • [SONARJAVA-3286] - Support Java 14
    • [SONARJAVA-3404] - Rule S5852: Using slow regular expressions is security-sensitive
    • [SONARJAVA-3412] - Rule S5840: Regex patterns and their sub-patterns should not always fail
    • [SONARJAVA-3413] - Rule S5842: Regex repetition pattern's body should not match the empty String
    • [SONARJAVA-3415] - Rule S5843: Regular expressions should not be too complicated
    • [SONARJAVA-3416] - Rule S5846: Empty lines should not be tested with regex MULTILINE flag
    • [SONARJAVA-3417] - Rule S5850: Alternatives in regular expressions should be grouped when used with anchors
    • [SONARJAVA-3419] - Rule S5854: Regex containing characters subject to normalization should use the CANON_EQ flag
    • [SONARJAVA-3420] - Rule S5856: Regular expressions should be syntactically valid
    • [SONARJAVA-3421] - Rule S5857: Regular expressions character classes should be preferred over non-greedy quantifiers
    • [SONARJAVA-3422] - Rule S5860: Names of regular expressions named groups should be used
    • [SONARJAVA-3423] - Rule S5866: Case insensitive Unicode regular expressions should enable the "UNICODE_CASE" flag
    • [SONARJAVA-3424] - Rule S5867: Unicode-aware versions of character classes should be preferred
    • [SONARJAVA-3425] - Create a dedicated regex parser to allow implementation of java rules targeting regex
    • [SONARJAVA-3426] - Rule S5868: Unicode Grapheme Clusters should be avoided inside regex character classes
    • [SONARJAVA-3427] - Rule S5869: Character classes in regular expressions should not contain the same character twice

    Task

    Improvement

    • [SONARJAVA-2163] - S2187 support detecting of test class without tests for classes matched by maven-surefire and gradle
    • [SONARJAVA-3049] - Resolve semantic for switch expression
    • ⚑️ [SONARJAVA-3270] - Update ASM to 8.0.1 for Java 14 support
    • ⬆️ [SONARJAVA-3332] - Upgrade ECJ to 3.22.0 for Java 14 support
    • [SONARJAVA-3434] - S5542: add a secondary location to the insecure cipher declaration
    • [SONARJAVA-3460] - S3457, S2275: Rework printf-style format rules

    False-Positive

    • [SONARJAVA-3237] - S1142 should be ignored in equals methods
    • 🚚 [SONARJAVA-3254] - S3398 Should not suggest to move static method to non-static inner
    • πŸ‘ [SONARJAVA-3304] - FP in S2201: support new switch expression
    • [SONARJAVA-3368] - FP in S4276: interfaces with generic wildcard types can't be specialized
    • [SONARJAVA-3369] - FP S1228 (PackageInfoCheck) when there are several source directories
    • [SONARJAVA-3370] - FP S5411 (BoxedBooleanExpressionsCheck) on method invocation having @NotNull
    • [SONARJAVA-3377] - Avoid FP for Google AutoValue classes
    • [SONARJAVA-3379] - FP in S4248 for Pattern in a class annotated with Lombok @UtilityClass
    • [SONARJAVA-3418] - S2275: FP when passing a Throwable as last argument
    • [SONARJAVA-3437] - FP in S2325 due to Lombok "@UtilityClass"
    • 0️⃣ [SONARJAVA-3449] - FP on S2141 when equals() without default implementation is defined in an interface
    • [SONARJAVA-3450] - FP on S3973 on valid generated equals methods from IntelliJ
    • [SONARJAVA-3454] - FP in S2970 when "assertThatThrownBy" is used alone
    • [SONARJAVA-3456] - Don't raise S2160 when extending class overriding equals using an abstract definition
    • [SONARJAVA-3461] - FP in S5838: simplification with "isEqualTo" can not always be made on Object assertions
    • [SONARJAVA-3465] - FPs and FNs related to quoting characters in regular expressions

    False Negative

    • [SONARJAVA-3400] - FN in S2885(StaticMultithreadedUnsafeFieldsCheck) for DateFormat.getDateInstance()
    • [SONARJAVA-3403] - FN in S4970: support unrelated Exception
    • [SONARJAVA-3440] - FN in S1194: Support extending sub-classes of Error
    • [SONARJAVA-3455] - FN in S2111 for boxed Double and Float
    • [SONARJAVA-3457] - FN in S5361 when using backslashes
    • [SONARJAVA-3459] - FN on S1128 (UselessImportCheck) when comments contain the class name within a word