TL;DR overview
- SonarQube 10.0 introduces a new Code Quality taxonomy that replaces the traditional Reliability/Security/Maintainability model with a richer set of code attributes—quality, consistent, intentional, adaptable, responsible, and ethical.
- The new quality model surfaces issues differently: rather than raw counts of bugs and code smells, SonarQube 10.0 highlights what makes code problematic through 40+ new software quality attributes.
- This version represents a significant evolution in how Sonar communicates code health, designed to help developers understand not just what is wrong, but why it matters for the long-term maintainability of their software.
- SonarQube 10.0 marks the starting point of a new release cadence focused on incremental, continuous delivery of improvements aligned with the Code Quality methodology.
In February this year, we released SonarQube Server 9.9 Long-Term-Support (LTS) – an exciting milestone for us and everyone who uses our solution. This excitement continues through the year as we bring more value through our innovations and new functionality.
Today, we are pleased to announce the release of SonarQube Server 10.0! This release builds upon the work we did in the LTS release to add in new and improved features. If you are new to Sonar, you will automatically get these enhancements as part of your download. If you are a Sonar user already, make sure you upgrade to LTS first for a smooth transition to 10.0.
Some highlights of 10.0 include:
- Faster first analysis for git-based projects: Building on the optimizations we did to the way we handle git-blame data in SonarQube Server 9.9 LTS, developers can now see an even more prominent speed-up for their project’s first analysis, particularly for projects with large commit volumes.
- Secure user & group management: Our support for SCIM integration now includes Azure AD (in addition to Okta released earlier) for a secure and centralized admin workflow. Plus a new CWE Top 25 2022 security report so developers and security auditors can assess the risk of the codebase against the most commonly reported vulnerabilities
- Best practice rules for secure Docker deployment and many new language rules.
Check out more details in this release announcement and our product release notes.
Resources for upgrading to 9.9 LTS:
This checklist will help ensure you have a smooth upgrade so you can start enjoying SonarQube Server 10.0!