SonarLint for IntelliJ v10.4 introduces a new architecture that relocates the SonarLint business logic from the IDE to a background process and enhances IDE responsiveness.

In addition:

• We’ve added 17 new rules for accessibility in HTML.
• We improved the top dismissed JS/TS rules and added one rule (S2004).
• We fixed 13 false positive rules and added 2 new quick fixes for Python.

Find more details in our release notes and community announcement.

SonarLint for IntelliJ v10.3 enhances the combined power of SonarLint and SonarQube while streamlining the setup process.

Now, a one-click connection setup and project binding option will be shown to a SonarLint for IntelliJ developer utilizing the SonarQube “Open in IDE” button to investigate an issue directly in their IntelliJ IDE. This functionality, which requires SonarQube v10.4, assists developers in rapidly examining and resolving issues using SonarLint directly in their IntelliJ IDE.

Plus, with their SonarLint for IntelliJ v10.3 connected to SonarQube v10.4, developers can now detect custom secrets in their code, directly in their IDE. Using custom rules based on secret patterns defined in SonarQube this allows developers to spot secrets before they can be leaked into repositories. (Requires SonarQube Enterprise or Data Center Edition).

Also using connected mode to SonarCloud or SonarQube v10.4, it is possible to mark an issue as “Accepted”. This results in the unresolved issue becoming part of the project’s technical debt.

In addition:

• 8 new Kubernetes rules
• 9 new C++ rules to help with MISRA 2023

Find more details in our release notes and community announcement. For more details on how to set up connected mode check here.

SonarLint for IntelliJ v10.2 introduces a set of rules to help you correctly configure your Kotlin DSL build script, acknowledging that Kotlin DSL is now the default for new Gradle builds.

Find more details in our release notes and community announcement.

SonarLint for IntelliJ v10.1 delivers new rules across a variety of languages, plus insights into the additional team benefits available when using SonarLint in connected mode with SonarCloud and SonarQube.

New rules:

• 9 new Java rules to help you avoid common pitfalls with Spring Boot
• 6 new rules to avoid adding bugs in Kotlin code
• Support for .Net 8 and C# 12
• Support for Python 3.12 syntax, along with 4 new rules related to Python 3.12 features
• 17 new JavaScript rules for JSX

Find more details in our release notes and community announcement.

SonarLint for IntelliJ v10.0 brings additional team benefits when using SonarLint in connected mode to SonarCloud and SonarQube.

Now, with SonarQube v10.3, you can open any issue you’re investigating in SonarQube directly into the IDE, with just a click of a button, thanks to connected mode. This allows you to leverage SonarLint’s dataflow navigation, rule descriptions, and quick fixes for efficient issue investigation and resolution.

Plus, when using connected mode to SonarCloud, any issue or status change (e.g. Won’t Fix, False Positive) made in SonarCloud will be instantly synchronized to your IDE, ensuring you can focus on relevant issues.

Also:

• 6 Java rules dedicated to the Spring framework
• 5 Python rules 2 for the Pandas library
• Many new JavaScript and TypeScript rules for React

Lastly, the whole Sonar ecosystem will soon require Java 17 as a minimal runtime to analyze your projects. To satisfy this requirement in SonarLint for IntelliJ, we’re raising the minimum IDE version to IntelliJ 2022.3.1.

Find more details in our release notes and community announcement.

SonarLint for IntelliJ v9.1 brings a new feature supporting the Sonar Clean as You Code methodology. Plus we have extra rules to detect secrets directly in the IDE, an enhancement to Quick Fixes, and new Python rules for Data Scientists!

SonarLint is pairing up with SonarQube and SonarCloud to deliver the “Focus on new code” feature. Enabled, this empowers you to focus only on issues in your new code (ie code that has been added or changed, according to your new code definition.) Supporting the Sonar Clean as You Code approach, this powerful feature is available when SonarLint is working together with SonarQube or SonarCloud in connected mode. Learn how here.

In addition, we have incorporated 42 new rules to detect secrets (API tokens, passwords) within your Cloud applications. This enables the immediate detection of secrets in your code as you add or copy/paste them, before you commit or push the code into a repository. This proactive approach not only boosts confidence in your code but also minimizes exposure.

This latest addition brings the total to 100 different types of secrets spanning 60 cloud providers.

Plus:

• An enhancement to Quick Fixes that allows you to preview the changes that will be generated in your code if you apply it.
• 8 new Python rules (and 3 quick fixes) to help you write clean scientific code using NumPy
• 12 new rules to write intentional and consistent Dockerfiles

Find more details in our release notes and community announcement.

This busy release brings enhanced secret pattern detection, improved teamwork features together with SonarQube, plus the adoption of Clean Code attributes to categorize issues.

Leveraging a new Sonar open-source secret detection engine, this version delivers a powerful approach to identifying potential security vulnerabilities related to secrets (tokens, passwords, API keys). SonarLint now has the capability to detect secrets for an additional 22 popular cloud applications and providers.

In addition, for SonarQube 10.2 users, we’ve added the capability to change the status of issues that you are not going to fix in code that has yet to be analyzed by SonarQube.

Furthermore, we have introduced various product changes in line with our vision of Clean Code. SonarLint will now report the Clean Code attribute being infringed along with the Software qualities that are impacted.

Plus:

• Enhanced SonarLint documentation is now available: https://docs.sonarsource.com/sonarlint/intellij/
• 9 new core Python rules
• Support for PHP 8.3

Find more details in our release notes and community announcement.

This packed release brings good news for PL/SQL developers, those developing .NET applications in Rider, and C and C++ users!

Firstly, we have added support for PL/SQL analysis in IDEA Ultimate, WebStorm, PyCharm Professional, DataGrip, and CLion. Available in connected mode with SonarCloud, or with a commercial edition of SonarQube, our rules will help you discover issues and write clean PL/SQL code.

We have also added new Date & Time rules for .NET. These cover a wide range of topics and common pitfalls, including time zone conventions, date parsing & formatting, and time arithmetic.

In addition, we’ve added many new MISRA C++ 2023 rules for those using CLion to support mission-critical software environments.

Plus:

• New rules for C and C++ to detect tricky bugs

Find more details in our release notes and community announcement.

With SonarLint for IntelliJ v8.4 users can directly change the status of issues in the IDE.

Building upon v8.3 and extending the benefits of connected mode further, you can now interact with the status of an issue (as well as Security Hotspots) without leaving your IDE to:

• Resolve an issue as Won't Fix or False Positive

Now any changes made to the status of an issue or hotspot in IntelliJ will be synchronized with SonarQube, SonarCloud, and all other contributors using SonarLint in connected mode.

Plus:

• 5 new rules for core JavaScript & TypeScript concepts
• Support for TypeScript 5

Find more details in our release notes and community announcement.

SonarLint for IntelliJ v8.3 brings enhanced Security Hotspot reporting & management, plus new rules for Kotlin, Python, and .NET users.

This release delivers the ability to change the status of a Security Hotspot directly in your IntelliJ IDE once it has been reviewed. The updated status of the hotspot will then be automatically synchronized to SonarQube or SonarCloud, as well as other collaborators using SonarLint.

Plus:

• New rules linked to code redundancy, helping to increase the readability and reliability coverage of your Kotlin code
• 6 new Python rules for the Django framework and 3 new quick fixes 
• For those of you using Rider to code in C#, additional rules that help you avoid some performance pitfalls

Find more details in our release notes and community announcement.