In the 10.5 release of SonarQube, we’re thrilled to announce support for Java 21, C++23, and TypeScript 5.4. We’ve simplified onboarding for monorepos in GitHub and GitLab, Maven projects, and GitHub Actions. We have doubled the rules for Kubernetes and Helm Charts. With the addition of the TensorFlow library, we expand our support of common libraries used by Machine Learning (ML) practitioners. Details on that and more are below.
Major Language Updates
Sonar helps support early adoption of the latest versions of major languages by adding support for C++23, Java 21, and TypeScript 5.4. Secrets detection analysis is even faster when running on multicore/multi-CPU machines. We’ve increased deeper SAST coverage to the top two thousand public Java libraries to help you find even more taint analysis issues. Our security rules and maintainability best practice rules for Kubernetes and Helm Charts have doubled. With the addition of the TensorFlow AI library, we’ve increased our support to three of the top Python libraries that Machine Learning practitioners use: TensorFlow, NumPy, and Pandas. Logging is essential to developing robust applications, and SonarQube helps you with C# logging best practices in the .NET framework. To help you write accessible and sustainable code, we’ve added accessibility rules for HTML and sustainability rules for Java. Sonar helps clean the entire mainframe ecosystem, not just COBOL code but now also the Job Control Language (JCL).
Simplified Project Onboarding & Analysis Config
In the SonarQube 10.5 release, we’ve made significant strides to make onboarding your projects simpler than ever. Adding multiple projects in a monorepo is easier. Simply import your monorepo from GitHub or GitLab, and then SonarQube will guide you through project setup for each project in the monorepo. Next, the new SonarScanner for Maven now automatically scans all files from the root of a Maven project, so you no longer have to configure additional files to scan beyond the standard project files. Lastly, Sonar is excited to announce a new Sonar-provided GitHub Action for C, C++, and Objective-C to make analysis setup a breeze.
We hope you’re as delighted about the SonarQube 10.5 release as we are!
Find out more in the 10.5 release announcement and our 10.5 upgrade notes.
Are you still on an older SonarQube version?
If you’re on a version older than 9.9, upgrade to SonarQube 9.9 LTA before upgrading to 10.4. Check out this helpful checklist for a smoother upgrade. Watch the on-demand LTA upgrade webinar highlighting a step-by-step approach and common pitfalls encountered during the upgrade.