Releases: SonarSource/SonarJS
10.0.1
10.0.0
What's Changed
- Analyze JavaScript embedded in HTML by @ilia-kebets-sonarsource and @victor-diez-sonarsource in #3674
- Fix FP S128 (
sonar-max-lines-per-function): Improve React functional components detection by @victor-diez-sonarsource in #3679 - Fix FP S5860 (
unused-named-groups): Consider accesses via the index syntax by @yassin-kammoun-sonarsource in #3685 - Fix FP S6329 (
aws-ec2-rds-dms-public): Consider sensitive RDS DB instance on public subnet only by @yassin-kammoun-sonarsource in #3688 - Fix FN S6265 (
aws-s3-bucket-granted-access): Fix BucketDeployment resolving by @yassin-kammoun-sonarsource in #3689 - Fix FN S6249 (
aws-s3-bucket-insecure-http): Consider TypeScriptimport = require()construct by @victor-diez-sonarsource in #3665 - Update S4423 (
weak-ssl): Change issue message when omittingtlsSecurityPolicyby @yassin-kammoun-sonarsource in #3687 - Add helper functions searchable documentation by @ilia-kebets-sonarsource in #3506
- Update ESLint dependencies to the latest version by @francoismora in #3682
Full Changelog: 9.13.0.20537...10.0.0.20728
Part of SonarQube 10.0
Contributors
Assets 2
9.13.0
https://github.com/SonarSource/SonarJS/issues?q=is%3Aclosed+milestone%3A9.13
What's Changed
- Fix FNs caused by
node:imports in several rules usinggetFullyQualifiedName()by @ilia-kebets-sonarsource in #3618 - Fix FP S2424 (
no-built-in-override): Remove System from globals by @ilia-kebets-sonarsource in #3620 - Fix FP S6442 (
no-hook-setter-in-body): Shouldn't raise when used conditionally by @saberduck in #3622 - Deprecate S2814 (
no-redeclare) for TypeScript by @victor-diez-sonarsource in #3635 - Upgrade ESLint, TypeScript, and TypeScript ESLint dependencies by @yassin-kammoun-sonarsource in #3631
- Fix recursion in FQN resolution by @victor-diez-sonarsource in #3642
Full Changelog: 9.12.1.20358...9.13.0.20537
Contributors
Assets 2
9.12.1
9.12.0
In this release:
-
We improved the precision of the Cognitive Complexity for JSX by ignoring shorthand such as short-circuit logic.
-
We added 6 new rules for detecting performance issues in React:
- S6477: Mandatory keys in JSX list components
- S6479: No array index for keys in JSX list components
- S6486: No uniq values as keys for JSX list components
- S6480: Disallow .bind() and arrow functions in JSX props
- S6481: React Context Provider values should not have unstable identities
- S6478: React components should not be nested
Milestone: https://github.com/SonarSource/SonarJS/issues?q=is%3Aclosed+milestone%3A9.12
Full Changelog: 9.11.1.20218...9.12.0.20319
9.11.1
Fix dependency injection of JavaScriptProjectChecker for SonarCloud
Milestone: https://github.com/SonarSource/SonarJS/milestone/63?closed=1
SonarQube version: 9.8
9.11.0
This new version:
- Improves the performance of slow rules
- Brings a better experience for TSconfig with node_modules
- Adds support for CSS analysis in SonarLint
- Enables typed rules for JS in SonarLint
- Support TypeScript 4.9
Milestone: https://github.com/SonarSource/SonarJS/milestone/63?closed=1
SonarQube version: 9.8
9.10.0
This new version adds 16 AWS CDK rules and includes fixes listed in the 9.10 milestone.
9.9.0
SonarJS hardening before SonarQube 9.7.
Details are available in 9.9 milestone.
9.8.0
faster PR analysis
security analysis for AWS YAML
TypeScript 4.8
deprecation of Node.JS v14
remove support for Node.JS v12
Details are available in 9.8 milestone.