February 06, 2023
SonarLint for VS Code v3.14
SonarLint for VS Code v3.14 brings Security Hotspots reporting in your IDE, plus new rules for C++ users.
A Security Hotspot highlights a security-sensitive piece of code requiring developer review.
With this latest release, SonarLint can now directly report in VS Code any unreviewed Security hotspot that is present in the source files you are working on.
This means any new hotspots introduced by you will be instantly flagged. Then, simply right-click on the Security Hotspot, and choose Review on Server, to open the Hotspot in SonarQube*, and set the output of the review.
*Available for users of SonarQube (min version 9.7) in connected mode to SonarLint.
Plus 13 new rules to help with C++ 20's std::format feature
December 22, 2022
SonarLint for VS Code v3.13
SonarLint for VS Code v3.13 brings support for CSS code analysis, enabling developers to write clean front-end code.
Additionally, we have added:
- 6 new rules to cover C++20’s concepts.
- support for Python 3.11
November 22, 2022
SonarLint for VS Code v3.12
SonarLint for VS Code v3.12 delivers improvements to the investigation of taint vulnerabilities.
SonarLint can now display injection vulnerabilities for the whole project, irrespective of where the issue's sink is located.
In addition, SonarLint will notify you immediately that SonarQube (v9.6 onwards) has detected new taint vulnerabilities in your project.
While taint vulnerabilities are not detected by SonarLint (this happens in SonarQube and SonarCloud), it's now even easier to investigate and fix them.
Plus, we've also added four new quick fixes for Python issues!
October 18, 2022
SonarLint for VS Code v3.11
SonarLint for VS Code v3.11 enhances the connected mode setup experience with a new, simplified authentication process to SonarQube.
Together with SonarQube v9.7, SonarLint now offers to automatically generate and securely store the authentication token for you.
- Support for TypeScript 4.8 and for PHP 8.2
September 29, 2022
SonarLint for VS Code v3.10
SonarLint for VS Code v3.10 further simplifies connected mode setup for all developers working in a team, plus brings new rules for Python developers!
Using connected mode, SonarLint will offer to bind your local folders to remote projects analyzed by a SonarQube instance, or within a SonarCloud organization, you are connected to. Simply accept or reject the suggestion SonarLint provides.
Plus, for Python developers:
- 7 new rules dedicated to ensuring the quality of your unit test code.
September 28, 2022
SonarLint for VS Code v3.9
Building upon the enhanced connected mode UI delivered in v3.8, this release adds real-time issue sync from SonarQube. Now, an issue suppressed in SonarQube will be synced to SonarLint in seconds, automatically.
Plus for JS/TS developers:
- New rules to detect React-specific bugs and code smells
- Analysis of JS/TS code embedded inside AWS template files in YAML
August 11, 2022
SonarLint for VS Code v3.8
This release delivers further enhancements to the SonarLint UI, ensuring a smooth setup process when enabling Connected Mode to SonarQube and SonarCloud.
The SonarLint UI delivers step-by-step guidance throughout the entire connected mode setup, including the project bindings.
With Connected Mode to SonarQube or SonarCloud enabled, SonarLint will:
- Use the same quality profile locally
- Sync any file or directory inclusions/exclusions
- Mute any issues already flagged as Won’t Fix or False Positive
Discover more benefits of Connected Mode.
July 14, 2022
SonarLint for VS Code v3.7
This release brings new rules and improvements for Java and Typescript developers in VS Code, as well as adding to the growing list of rules for JS and C++.
Introducing 7 new rules to help Java developers build clean cloud-native applications for AWS, and avoid common pitfalls. A description of the new rules can be found here.
Support for Typescript 4.7 - ensuring developers can handle native ECMAScript modules in TypeScript (ESM modules).
In addition, we have embedded the runtime in SonarLint (currently a JRE 17). This removes the need to download a separate JRE, and reference it in the SonarLint configuration, for the most widespread platforms.
- 3 new rules for JS and TS developers
- 2 additional rules for C++ developers
July 11, 2022
SonarLint for VS Code v3.6
This release brings initial support for Quick Fixes for Python developers, plus a UI wizard to simplify the connection setup to SonarCloud and SonarQube.
SonarLint in VS Code now offers quick fixes that will effortlessly repair your Python issues before they are committed. You can browse all Python detections providing quick fixes here.
Available when using SonarLint alone, or in connected mode to SonarCloud, simply hover over the flagged issue to view and apply the proposed quick fix.
This release also delivers improvements to the SonarLint UI, ensuring a smooth setup process when enabling connected mode to SonarQube and SonarCloud for the first time.
April 08, 2022
SonarLint for VS Code v3.4
Great news for all C and C++ developers 🗞. SonarLint now supports C and C++ analysis in VS Code!
Install the plugin, point to your compilation database, and start your code analysis. (Currently, CMake builds are supported, more to come!) SonarLint will detect your coding issues and guide you by suggesting appropriate fixes using intuitive and accurate rule descriptions.
Plus, SonarLint in VS Code delivers a growing list of Quick Fixes that can automatically fix your C++ issues before they are committed.
Also included with this release:
- 9 new PHP rules to help deliver efficient, error-free and safe regular expressions
- Improved Python analysis though using serialized Typeshed symbols
- Support for TypeScript 4.6