November 14, 2023
SonarQube for IDE: IntelliJ v10.0
SonarQube for IDE: IntelliJ v10.0 brings additional team benefits when using SonarQube for IDE in connected mode to SonarQube Cloud and SonarQube Server.
Now, with SonarQube Server v10.3, you can open any issue you’re investigating in SonarQube Server directly into the IDE, with just a click of a button, thanks to connected mode. This allows you to leverage SonarQube for IDE’s dataflow navigation, rule descriptions, and quick fixes for efficient issue investigation and resolution.
Plus, when using connected mode to SonarQube Cloud, any issue or status change (e.g. Won’t Fix, False Positive) made in SonarQube Cloud will be instantly synchronized to your IDE, ensuring you can focus on relevant issues.
Also:
- 6 Java rules dedicated to the Spring framework
- 5 Python rules 2 for the Pandas library
- Many new JavaScript and TypeScript rules for React
Lastly, the whole Sonar ecosystem will soon require Java 17 as a minimal runtime to analyze your projects. To satisfy this requirement in SonarQube for IDE: IntelliJ, we’re raising the minimum IDE version to IntelliJ 2022.3.1.
Find more details in our release notes and community announcement.
October 13, 2023
SonarQube for IDE: IntelliJ v9.1
SonarQube for IDE: IntelliJ v9.1 brings a new feature supporting the Sonar Clean as You Code methodology. Plus we have extra rules to detect secrets directly in the IDE, an enhancement to Quick Fixes, and new Python rules for Data Scientists!
SonarQube for IDE is pairing up with SonarQube Server and SonarQube Cloud to deliver the “Focus on new code” feature. Enabled, this empowers you to focus only on issues in your new code (ie code that has been added or changed, according to your new code definition.) Supporting the Sonar Clean as You Code approach, this powerful feature is available when SonarQube for IDE is working together with SonarQube Server or SonarQube Cloud in connected mode. Learn how here.
In addition, we have incorporated 42 new rules to detect secrets (API tokens, passwords) within your Cloud applications. This enables the immediate detection of secrets in your code as you add or copy/paste them, before you commit or push the code into a repository. This proactive approach not only boosts confidence in your code but also minimizes exposure.
This latest addition brings the total to 100 different types of secrets spanning 60 cloud providers.
Plus:
- An enhancement to Quick Fixes that allows you to preview the changes that will be generated in your code if you apply it.
- 8 new Python rules (and 3 quick fixes) to help you write clean scientific code using NumPy
- 12 new rules to write intentional and consistent Dockerfiles
Find more details in our release notes and community announcement.
September 06, 2023
SonarQube for IDE: IntelliJ v9.0
This busy release brings enhanced secret pattern detection, improved teamwork features together with SonarQube Server, plus the adoption of Clean Code attributes to categorize issues.
Leveraging a new Sonar open-source secret detection engine, this version delivers a powerful approach to identifying potential security vulnerabilities related to secrets (tokens, passwords, API keys). SonarQube for IDE now has the capability to detect secrets for an additional 22 popular cloud applications and providers.
In addition, for SonarQube Server 10.2 users, we’ve added the capability to change the status of issues that you are not going to fix in code that has yet to be analyzed by SonarQube Server.
Furthermore, we have introduced various product changes in line with our vision of Clean Code. SonarQube for IDE will now report the Clean Code attribute being infringed along with the Software qualities that are impacted.
Plus:
- Enhanced SonarQube for IDE documentation is now available: https://docs.sonarsource.com/sonarlint/intellij/
- 9 new core Python rules
- Support for PHP 8.3
Find more details in our release notes and community announcement.
August 17, 2023
SonarQube for IDE: IntelliJ v8.5
This packed release brings good news for PL/SQL developers, those developing .NET applications in Rider, and C and C++ users!
Firstly, we have added support for PL/SQL analysis in IDEA Ultimate, WebStorm, PyCharm Professional, DataGrip, and CLion. Available in connected mode with SonarQube Cloud, or with a commercial edition of SonarQube Server, our rules will help you discover issues and write clean PL/SQL code.
We have also added new Date & Time rules for .NET. These cover a wide range of topics and common pitfalls, including time zone conventions, date parsing & formatting, and time arithmetic.
In addition, we’ve added many new MISRA C++ 2023 rules for those using CLion to support mission-critical software environments.
Plus:
- New rules for C and C++ to detect tricky bugs
Find more details in our release notes and community announcement.
June 29, 2023
SonarQube for IDE: IntelliJ v8.4
With SonarQube for IDE: IntelliJ v8.4 users can directly change the status of issues in the IDE.
Building upon v8.3 and extending the benefits of connected mode further, you can now interact with the status of an issue (as well as Security Hotspots) without leaving your IDE to:
- Resolve an issue as Won't Fix or False Positive
Now any changes made to the status of an issue or hotspot in IntelliJ will be synchronized with SonarQube Server, SonarQube Cloud, and all other contributors using SonarQube for IDE in connected mode.
Plus:
- 5 new rules for core JavaScript & TypeScript concepts
- Support for TypeScript 5
Find more details in our release notes and community announcement.
June 09, 2023
SonarQube for IDE: IntelliJ v8.3
SonarQube for IDE: IntelliJ v8.3 brings enhanced Security Hotspot reporting & management, plus new rules for Kotlin, Python, and .NET users.
This release delivers the ability to change the status of a Security Hotspot directly in your IntelliJ IDE once it has been reviewed. The updated status of the hotspot will then be automatically synchronized to SonarQube Server or SonarQube Cloud, as well as other collaborators using SonarQube for IDE.
Plus:
- New rules linked to code redundancy, helping to increase the readability and reliability coverage of your Kotlin code
- 6 new Python rules for the Django framework and 3 new quick fixes
- For those of you using Rider to code in C#, additional rules that help you avoid some performance pitfalls
Find more details in our release notes and community announcement.
May 05, 2023
SonarQube for IDE: IntelliJ v8.2
SonarQube for IDE: IntelliJ v8.2 empowers developers to write Clean Code for IaC domains, and delivers enhancements to our code examples and more!
With this release, SonarQube for IDE can analyze the following IaC files:
- Terraform
- CloudFormation
- Docker
- Kubernetes
With a focus on Security Hotspots, and available in SonarQube for IDE when used in connected mode to SonarQube Server 9.7+, developers can now create Clean Code for these popular Infrastructure as Code technologies.
In addition, we continue our rule description enhancements with a focus on our non-compliant/compliant code examples. These have been made simpler to understand and use through the addition of syntax and code diff highlighting (see example image below).
Plus:
- 3 Java rules that cover design and architecture good practice for Monster Class, Brain Method and Singleton.
- 9 new rules to help Java developers writing Kotlin idiomatic code.
- 8 new JavaScript code quality rules.
- New Python rules and quick fixes related to type hints and regular expressions.
Find more details in our release notes and community announcement.
March 22, 2023
SonarQube for IDE: IntelliJ v8.1
This exciting release brings support for Go in JetBrains GoLand IDE, plus new rules for C#.
Responding to the many requests from our Community, SonarQube for IDE: IntelliJ 8.1, delivers 36 rules covering bugs and code smells for Go.
Complete with rich rule descriptions, and examples of non-compliant code, Go developers are empowered to create Clean Code in their GoLand IDE.
Plus:
- New rules for C# and VB.NET in Rider
Find more details in our release notes and community announcement.
March 07, 2023
SonarQube for IDE: IntelliJ v8.0
This release brings Security Hotspot reporting in your IDE, plus new Quick Fixes for Java and Python.
A Security Hotspot highlights a security-sensitive piece of code requiring developer review. With this latest release, SonarQube for IDE: IntelliJ v8.0 will now alert you to any unreviewed Security Hotspot that is present in the source files you are working on.
This means any new hotspots introduced by you will be instantly flagged, directly in your favorite IntelliJ IDE.
SonarQube for IDE then offers information about why this is an issue, helps you assess the risk, and offers guidance on how to fix it. Then, simply right-click on the Security Hotspot, and choose Review on Server, to open the Hotspot in SonarQube Server*, and set the output of the review.
*Available for users of SonarQube Server (min version 9.7) in connected mode to SonarQube for IDE.
Plus:
- We've added 11 new Quick Fixes for Java and 17 for Python
Find more details in our release notes and community announcement.
February 06, 2023
SonarQube for IDE: IntelliJ v7.4
This release delivers additional improvements to our rule descriptions for injection vulnerabilities, plus new rules for C++ users.
Building upon the structured rule descriptions introduced in v7.3 that help you understand injection vulnerabilities, we have introduced two further enhancements:
- SonarQube for IDE can now automatically select the most appropriate patch instruction based on the library or framework you are using. Available today with a selection of injection vulnerabilities, this feature will be progressively extended to more rules.
- We've added a "More info" tab (see image below) within the rule description that delivers educational content with our "Clean Code Principles". This is designed to help you build Clean Code using the Sonar Clean as You Code methodology.
Plus:
- 13 new rules to help with C++ 20's std::format feature
Find more details in our release notes and community announcement.