It's been a long time coming! SonarQube now offers project report PDFs. And you can subscribe to have them appear automatically in your inbox every day! You'll get the current Quality Gate status and any failing conditions, plus the major metric values on New Code.
As if that's not enough, this version also adds another long-awaited feature: the ability to export all issues and Security Hotspots in a project. The download comes in a JSON format, and is available to instance administrators.
And finally, we've also added a new security report. The 2021 CWE Top 25 Most Dangerous list was released in late July, and we've got the report ready for you in SonarQube 9.1 for projects, applications and portfolios.
Master Kotlin coroutines, plus data storage and privacy requirements
Kotlin coroutines are intended to make asynchronous programming easier. Unfortunately, some mistakes are still common. That's why we've added 12 new rules to help you avoid the pitfalls and use coroutines well.
The right results - faster!
The best analysis results in the world are no good if they come too late. That's why we're focusing this year on faster delivery of our high-precision analysis results. In SonarQube 9.1 that means we've switched to using precompiled Typeshed symbols during Python analysis. The impact on SonarQube analysis is modest, but SonarLint users (particularly in PyCharm & VS Code) will reap huge benefits.
In commercial editions, we've optimized taint analysis to eliminate duplicate operations in call graph calculation. That means a speed increase for taint analysis rules of anywhere from 20% in very small projects to 90% in very large ones, with an average gain of 50% in our tests. As an example, analyzing the OWASP JuiceShop project is down to 1.5min versus the 6min it used to take.
Global administrators now have easy access to audit logs for changes to users, projects, permissions, and several other areas. The logs are delivered in a JSON format, and housekeeping is configurable.
DCE users, this is what you've been waiting for! With 9.1 we begin the official beta for support of Data Center Edition on Kubernetes. With configuration, stopping and starting, robust upgrade and cluster logs, we think we've ticked most of the boxes. But we're depending on you to let us know. So please, take it for a spin and tell us what you think.
Rules to make WordPress plugins safer.
Import of Psalm, PHPStan reports
Parsing and rules for Java 16 features, including records
Improved C#9 support including pattern matching, lambdas