Release early-access

SonarQube compatibility

This version is compatible with SonarQube 9.9 LTS and SonarQube 10.5 Community Edition.

It may work with the commercial editions of SonarQube, but you won't be able to use ZPA and the embedded PL/SQL plugin from SonarSource to analyze the code simultaneously. If you need this scenario, please use zpa-cli instead.

Highlights

First-class support for test and coverage reports generated by utPLSQL

Two new properties specifically designed for consuming test and coverage reports generated by utPLSQL were added:

• sonar.zpa.tests.reportPaths: Use this property to specify the path to the test report(s) (generated using the ut_sonar_test_reporter).
• sonar.zpa.coverage.reportPaths: Similarly, this property allows you to specify the path to the coverage report(s) (generated using the ut_coverage_sonar_reporter).

Previously, importing test and coverage reports into SonarQube required generic properties. However, with the introduction of these new properties, the ZPA plugin can now automatically associate the test and coverage results with the corresponding PL/SQL files. The best part? You won’t need to define any complex object-file mapping rules in the utPLSQL-cli.

By leveraging these properties, is much easier to integrate the utPLSQL reports into your SonarQube analysis pipeline. More information is available in the documentation.

Install/update instructions

• Download the sonar-zpa-plugin-3.5.0-SNAPSHOT.jar and copy it to the SONARQUBE_HOME/extensions/plugins.
• Remove the older plugin from that directory.
• Restart the SonarQube instance.

For custom plugin developers

Binary compatibility is not guaranteed either in between any version number change. Custom plugins should be recompiled against the same version of sonar-zpa-plugin.

Download the zpa-toolkit-3.5.0-SNAPSHOT.jar (requires Java 11+) to test the parser and view the AST.

Full changelog

🚀 Features

• 460e813 grammar: Support JSON constructor (#182), closes #182
• bd12517 Update rule descriptions to display the line differences between compliant and noncompliant code
• 5cfcb8b grammar: Support JSON_QUERY (#182), closes #182
• 3689350 grammar: Support COLLECT function
• 319beef grammar: Support values clause in queries
• d335949 grammar: Support recursive subquery factoring syntax
• bc26d2b grammar: Support timestamp literals
• 30f014f grammar: Support floating-point literals
• 4ef718b Add debug logging on the test and coverage importers
• 59f081f Add "debug" log level
• 7199edc Add firstToken and lastToken to Scope because the "tree" is empty on the scopes added to the global scope
• c7e952d Import coverage reports correctly when the tested file doesn't start with the executed code (#156), closes #156
• b75eecf Import coverage reports from utPLSQL (#156), closes #156
• 5eb4945 Import correctly utPLSQL test reports that contain the paths to the source files (#156), closes #156
• 38b3e1f Introduce a sensor to import utPLSQL test reports (#156), closes #156
• 99f7216 Add a FileLocator component to be used by the utPLSQL report sensor (#156), closes #156
• fdbd43f Expose the global symbol scope to the consumers of AstScanner
• 9579c04 Add a plSqlFile property to ScopeImpl
• 09b8593 Include empty comment lines in the total count of lines of comments
• a256b94 Remove method getSemanticNode and make the Parser build a SemanticAstNode directly

🐛 Fixes

• 338b2ee Fix zpa-checks tests to use Jackson
• 600b4ea Register all the trigger scopes with the type "CREATE_TRIGGER"
• d6ab929 Wait for the thread to terminate before exiting ProgressReport.stop/cancel to ensure that the message 'xxx source files have been analyzed' doesn't appear after the 'Sensor Z PL/SQL Analyzer [plsqlopen] (done)' in SonarScanner.
• 776c766 Ignore coverage for files with no covered lines
• a2983d0 Store the trigger name on the scope correctly
• b4d5a5e grammar: Skip XMLTABLE_OPTIONS node because all components are optional
• b5918c0 Import test result correctly when the report contains the suite path
• 57d5aad Fix comparison on MethodMatcher
• 7114796 Fix broken test
• 83e5d6a Add a subcategory for test and coverage properties instead of creating a new category
• 4355716 Fix the xml mapping of utPLSQL test report

🔄️ Changes

• efc977e Remove unused method
• 0e8bde4 grammar: Move XMLAGG_EXPRESSION to AggregateSqlFunctionsGrammar
• 9c990f2 grammar: Move TREAT_AS_EXPRESSION and SET_EXPRESSION to SingleRowSqlFunctionsGrammar
• 7742599 Prefer raw strings for regexes in PlSqlLexer
• 2ba31ad Abstract some logic from TestResultImporter that will be shared with the coverage importer
• 734b300 Remove unnecessary parameter from UtPlSqlSensor
• 765b2d1 Move the test report importing code to a separate class (#156), closes #156
• c9212cc Rename class UtPlSqlTestSensor to UtPlSqlSensor
• c6d6fd0 Rename property "sonar.zpa.utplsql.reportPaths" to "sonar.zpa.tests.reportPaths" (#156), closes #156
• 6ec05fa Rename FileLocator to ObjectLocator and don't add the number disabled tests to the total of tests (#156), closes #156
• aa7f0fa Reduce memory usage of MethodMatcher
• 1f6af00 Convert NameCriteria to a functional interface
• d9e0702 Remove unnecessary call to Char.lowercaseChar
• 5a7dc47 Replace usages of org.hamcrest.MatcherAssert with com.felipebz.flr.tests.Assertions

🧪 Tests

• 7c8f200 Update integration test expectations

🧰 Tasks

• bba9491 Fix license header

🛠 Build

• 0a7c3b6 Update to Gradle 8.8
• b7b6767 Change shadow plugin to io.github.goooler.shadow
• 938c1ed Simplify the build workflow to avoid rebuilding the project multiple times
• bbc36d6 Update build plugins
• 211e894 deps: Update Kotlin to 2.0.0
• 866854f Fix compilation warnings
• 3389608 Add dependency-submission to GitHub workflow
• 769f728 deps: Use FLR 1.4.0-SNAPSHOT
• 323d9ce Bump project version

📝 Documentation

• 587ae08 Update changelog