3.0.0

New rules:

• Do not use LIKE conditions without wildcards

Other highlights:

• Fix IndexOutOfBoundsException on SelectAllColumnsCheck. (#141)
• Greatly reduce the time needed to parse code that uses ANSI joins (#152)
• Many improvements in the parser.
• Add an example of custom plugin using Gradle.

This version supports SonarQube 7.6 and newer. Please be aware that ZPA is only tested with SonarQube Community Edition. It may work with the commercial editions of SonarQube, but you'll have to choose if you want to use ZPA or SonarPLSQL (from SonarSource). You can't use both plugins to analyze the code simultaneously.

Install/update instructions:

• Copy only the sonar-zpa-plugin-3.0.0.jar file to the SONARQUBE_HOME/extensions/plugins.
• Remove the older plugin (sonar-plsql-open-plugin*.jar) from that directory.
• Restart the SonarQube instance.

For custom plugin developers:

• [BREAKING CHANGE] Custom plugins built against older versions of sonar-plsql-open-plugin must be updated. Please read the documentation for more details: Migrating a plugin from a previous version.

2.4.0

This version supports SonarQube 6.7 and newer and it's the last release supporting SonarQube 6.7. Also note that ZPA is only tested with SonarQube Community Edition. It may work with SonarQube Developer/Enterprise/Data Center Editions, but you'll have to choose between ZPA and SonarPLSQL. If you want a better support for commercial editions of SonarQube please see the issue #133 and contact me.

Some rule improvements, like:

• Ignore BULK COLLECT in SelectAllColumnsCheck (#109)
• Ignore "FETCH cursor" in SelectAllColumnsCheck (#118)
• Ignore "overriding member" in UnusedParameterCheck and EmptyBlockCheck
• Ignore queries with bulk collect in QueryWithoutExceptionHandlingCheck (#128)

Other highlights:

• The old sonar.plsql.* properties are not recognized anymore. Please use sonar.zpa.* in the SonarQube Scanner.
• Many improvements to the parser (i.e. #43, #108, #120, #123, #130, #134).

For custom plugin developers:

• [BREAKING CHANGE] Custom plugins built against older versions of sonar-plsql-open-plugin must be recompiled with the new version.
• Many deprecated methods were removed.
• Fixed typo in package name: org.sonar.plugins.plsqlopen.api.annnotations. -> org.sonar.plugins.plsqlopen.api.annotations.

2.3.0

The "SonarQube PL/SQL Community plugin" is now called Z PL/SQL Analyzer (or ZPA)!

New rules:

• Variables should comply with a naming convention (#26)
• Avoid TO_CHAR in an ORDER BY clause

First-class support to test files:

• Highlighting now also runs on test files
• Coding rules are executed on test files
• Added first rules to check test code using utPLSQL v3: "Tests should not be disabled" and "Test expectations should not be redundant"

Other highlights:

• Many improvements in the parser.
• Fixed some false positives in InsertWithoutColumnsCheck (#51), SelectAllColumnsCheck, NotASelectedExpression (#104), CommitRollbackCheck (#82) and UnusedParameterCheck (#90).
• The properties sonar.plsql.* were deprecated in favor of sonar.zpa.*.

For custom plugin developers:

• [BREAKING CHANGE] Custom plugins built against older versions of sonar-plsql-open-plugin must be updated. The classes considered part of the public API were moved to the package org.sonar.plugins.plsqlopen.api to follow the SonarQube guidelines (#102). Please read the documentation for more details: Migrating a plugin from a previous version. If your plugin depends on a class that isn't located in the public API, please open an issue.
• An easier API was added to register violations.
• You can get the "semantic info" of AST nodes using semantic(astNode). Currently you can use it to get the corresponding Symbol instance and its PL/SQL type (examples: 22a15b6#diff-d5bde9389c36c820ad9fc68efba26968 and b259903#diff-a42c3e1ee9a6f3b0254153351fdb8b7b).
• MethodMatcher can check the type of arguments. Example: to find the ocurrence of TO_CHAR(varchar2_variable) you can use MethodMatcher.create().name("to_char").addParameters(PlSqlType.CHARACTER).
• Checks can override visitComment(Trivia, String) to analyze and raise issues on comments.
• It's possible to define if your check will run on all files (@RuleInfo(scope = RuleInfo.Scope.ALL)), main source files (@RuleInfo(scope = RuleInfo.Scope.MAIN)) or only on test files (@RuleInfo(scope = RuleInfo.Scope.TEST)).

This version supports SonarQube 6.7 and newer.

2.2.0

This version address the compatibility with SonarQube 7.3 (#78). You need to use this version if you want to use custom rules with SQ 7.3.

This version supports SonarQube 6.7 and newer.

• sonar-plsql-open-plugin: The SonarQube plugin itself.
• sslr-plsql-toolkit: A tool to visualize the AST (abstract syntax tree) generated by the parser, to aid the creation of custom rules.

2.1.0

Highlights:

• Error recovering mechanism: the plugin will ignore unrecognized commands and it will continue to parse the remaining content ("tolerant mode"). To restore the previous behavior ("strict mode"), stopping the parser and raising a RecognitionException for the file, set sonar.plsql.errorRecoveryEnabled=false (More details on the wiki).
• Many improvements to the parser (#47, #48, #50, #60, #61, #62, #63, #66, #67, #70, #74, #75).
• Fixes false negatives in DeadCode and UnnecessaryElse rules (#64)
• FIxes SameBranch rule recommendation (#73).

A special thanks to @vinupriyesh, @lm-net and @juliorenedo!

This version supports SonarQube 5.6 and newer. This is the last release supporting SQ 5.6.

• sonar-plsql-open-plugin: The SonarQube plugin itself.
• sslr-plsql-toolkit: A tool to visualize the AST (abstract syntax tree) generated by the parser, to aid the creation of custom rules.

2.0.0

Highlights:

• Many improvements to the parser.
• Use newer SonarQube API when available to properly support multiple encodings on SonarQube 6.3+.
• Performance improvements.
• Custom rules can be added in the SonarQube UI using an XPath expression ("Track breaches of an XPath rule").
• Support NOSONAR comment to ignore issues.

A special thanks to @phermsdorf for his contributions.

• sonar-plsql-open-plugin: The SonarQube plugin itself.
• sslr-plsql-toolkit: A tool to visualize the AST (abstract syntax tree) generated by the parser, to aid the creation of custom rules.

1.0.0

This is the first release of SonarQube PL/SQL Community plugin. It focuses on supporting basic PL/SQL statements and contains 48 code rules.

• sonar-plsql-open-plugin: The SonarQube plugin itself.
• sslr-plsql-toolkit: A tool to visualize the AST (abstract syntax tree) generated by the parser, to aid the creation of custom rules.