SonarQube 7.7

Pull Request Quality Gates, Injection Flaw Detection in PHP and BitBucket Server Decoration

Quality Gate in Pull Requests

Available in Developer Edition, Enterprise Edition and Data Center Edition

Merge your new code with confidence

Pull Requests and Short-lived Branches get a real Quality Gate status joining duplication and test coverage metrics. Dedicated dashboards with full metrics highlight areas that need attention before committing to master.

Information Where it Counts

Integration with GitHub Checks so you only promote clean builds

Decorations right in your BitBucket Server projects

Aligning PR Analysis with How You Work

We align with your workflow - not the other way around. SonarQube now lets you analyze PRs and short-lived branches even if you haven’t analyzed the target branch.

Injection Flaw Detection in PHP

Available in Developer Edition, Enterprise Edition and Data Center Edition

Now there are fewer languages where the bad guys can hide. SonarQube version 7.7 adds detection of injection flaws in PHP!

Find More Vulnerabilities

Tighten the Grip on Security Bad Actors

Available in Developer Edition, Enterprise Edition and Data Center Edition

We didn’t just stop at adding PHP injection security. We also added more injection rules to C# and Java! Detect the most famous CWE patterns of OWASP Top 10: Reflected XSS, Response Splitting, SSRF, Log Forging, Open Redirects and more.

Find More of those Pesky Security Hotspots

We added Security Hotspot detection to JavaScript and Python! With in-code warnings and dedicated security reports, you’ll know the exact sections of code that need review with critical eyes.

Language Updates

With every release we add more rules and capabilities so you can find more issues:  

C#

  • 13 new rules adding to 350+

VB.Net

  • 18 new rules adding to 120+

Java

  • 3 new rules adding to 500+

PHP

  • Support for PHP 7.3

As usual, visit rules.sonarsource.com to discover all the bugs, vulnerabilities and code smells that SonarQube can detect across 25+ languages.

Time to enjoy these great new features!