Continuous Inspection

SonarQube Java 3.11 Released

SonarSource is pleased to announce the release of the Java plugin version 3.11.

Since few months and with help of the symbolic execution engine, the Java plugin has been able to find and report some tricky bugs in case for instance of null pointer dereference or incorrect complex/nested condition. When such bugs are reported through the SonarQube UI, it’s not always easy for end-users to quickly understand why there is an issue. With this version 3.11, in case of null pointer dereference, the latest statement/declaration leading the symbolic execution engine to consider the object as nullable is highlighted:

 

Nullability_reporting

 

Moreover, as the value of a rule engine is inversely proportional to the percentage of false-positives, the following rules have been tuned to remove some reported false-positives :

Please read the release notes for more information. You can install or update it via the Update Center.

Documentation is available on the product page.