Releases: SonarSource/sonar-python
SonarPython 4.1.0.11333
Release notes - SonarPython - 4.1
New Feature
SONARPY-1253 Support IPython line-magic commands syntax
SONARPY-1287 Introduce a new sensor for IPython notebook files
SONARPY-1290 Remove noisy rules from IPython quality profile
SONARPY-1291 Support dynamic object information syntax
SONARPY-1292 Support system shell access syntax
SONARPY-1293 Support line continuation in line-magic commands
SONARPY-1294 Support parsing of cell-magic commands
Task
SONARPY-1295 Improve integration tests for IPython notebooks
SONARPY-1296 Update quickfix metadata for Python rules
SONARPY-1299 Ensure rules unit tests can run on IPython files
SonarPython 4.0.0.11155
Release notes - SonarPython - 4.0
Bug
SONARPY-726 Fix parsing errors on f-strings formatted expressions
SONARPY-1074 S5717: Quickfix should not change the initial value of the parameter
SONARPY-1281 Do not add redundant white spaces for quick fix S1940 (BooleanCheckNotInvertedCheck)
New Feature
SONARPY-1083 Add quick fix for S5712 (NotImplementedErrorInOperatorMethodsCheck)
SONARPY-1084 Add quick fixes for S5795 (IdentityComparisonWithCachedTypesCheck)
SONARPY-1089 Add quick fix for S108 (EmptyNestedBlockCheck)
SONARPY-1090 Add quick fixes for S5754 (IgnoredSystemExitCheck)
SONARPY-1092 Add quick fixes for S5806 (BuiltinShadowingAssignmentCheck)
SONARPY-1260 Add quick fix for S6353 (VerboseRegexCheck)
SONARPY-1261 Add quick fix for S5905 (AssertOnTupleLiteralCheck)
SONARPY-1262 Add quick fix for S5713 (ChildAndParentExceptionCaughtCheck)
SONARPY-1263 Add quick fix for S5915 (AssertAfterRaiseCheck)
SONARPY-1268 Add quick fix for S5796 (IdentityComparisonWithNewObjectCheck)
False Negative
SONARPY-727 Enable S3457 for f-strings
Task
SONARPY-1282 Update sonar-python version to 4.0
SONARPY-1283 Remove Deprecated APIs
Improvement
SONARPY-790 S5890: Improve issue message when "Optional" should be used
SONARPY-1192 Provide quick fix for chained assignment in S1854 (DeadStoreCheck)
SONARPY-1265 Add quick fix for S5714 (BooleanExpressionInExceptCheck)
SONARPY-1266 Add quick fix for S5708 (CaughtExceptionsCheck)
SONARPY-1277 Add quick fix for S108 (EmptyNestedBlockCheck) in case of inline statements
SONARPY-1278 Make the quick fix creation part of the public API
SonarPython 3.25.0.10992
Release notes - SonarPython - 3.25
Bug
SONARPY-1250 Fix handling of test files in PR analysis
SONARPY-1272 Symbol FQN resolution should work correctly on double import
False-Positive
SONARPY-863 Fix FP on S3516 when return values are different kind of comparisons
SONARPY-1115 S1854 Fix FPs on import statements
SONARPY-1255 S5886 should not raise issues when the yield expression is part of an assignment statement
SONARPY-1257 S1144: Should not raise on methods/classes with unknown decorator
New Feature
SONARPY-1049 Add quick-fix for S1110 (UselessParenthesisCheck)
SONARPY-1080 Add quick fixes for S3626 (RedundantJumpCheck)
SONARPY-1085 Add quick fixes for S3984 (ExceptionNotThrownCheck)
SONARPY-1087 Add quick fixes for S2772 (NeedlessPassCheck)
False Negative
SONARPY-794 FN on S4830 & S5527 when “ssl._create_unverified_context()” is provided as keyword argument
SONARPY-1036 S2245 covers more methods of "random"
SONARPY-1100 S1045 should raise an issue when the same unknown exception is caught twice
SONARPY-1242 Modify rule S5332: False positive for LoadBalancer construct with listeners set as dict (AWS CDK)
Task
SONARPY-1259 Soften issue message for S1110
Improvement
SONARPY-1096 Add secondary message for S3923 (AllBranchesAreIdenticalCheck)
SONARPY-1097 S1226: Add secondary locations on the parameter re-assignments
SONARPY-1098 S1854: Add secondary locations on the variable re-assignments
SONARPY-1164 Resolve unpacking expression when analyzing call arguments
SonarPython 3.24.0.10784
Release notes - SonarPython - 3.24
Bug
SONARPY-1227 Fix parse error when multiple unpack in for loop
SONARPY-1237 Use file hashes to determine file modification status in PR analysis
Improvement
SONARPY-1216 PR Analysis: Avoid running regular rules for transitively impacted files
SONARPY-1238 Deduplicate strings in CPD token serialization
SonarPython 3.23.0.10732
Release notes - SonarPython - 3.23
Bug
SONARPY-1234 Disable cache when sonar.modules is used
New Feature
SONARPY-1231 Cache CPD tokens
SONARPY-1232 Load all Typeshed symbols used by the project in PR analysis context
Improvement
SONARPY-1235 Prevent executing the same rule again in case of successful scanWithoutParsing
SONARPY-1236 Improve serialization method used for CPD tokens
SonarPython 3.22.0.10674
Release notes - SonarPython - 3.22
Bug
SONARPY-1226 Fix NumberFormatException error
Task
SONARPY-1194 Serialize and cache the project level symbol table
SONARPY-1195 Build a dependency graph in the project-level symbol table
SONARPY-1196 Compute impacted files from deleted files
SONARPY-1197 Load project-level symbol table entries from cache
SONARPY-1199 Avoid scanning files that don't need to be analyzed
SONARPY-1201 Add integration tests for incremental PR analysis
SonarPython 3.21.0.10628
Release notes - SonarPython - 3.21
False-Positive
SONARPY-1179 Update S5747 (RaiseOutsideExceptCheck) to not report an issue inside a 'except*'
SONARPY-1193 FP on rule S6304: "Granting access to all resources" should not be raised on actions without resource-level permissions
False Negative
SONARPY-1181 S5708 (CaughtExceptionsCheck) should report on except*
SONARPY-1183 S5713 (ChildAndParentExceptionCaughtCheck) should report on except*
New Feature
SONARPY-1091 Add quick fix for S4144 (DuplicatedMethodImplementationCheck)
SONARPY-1169 Support except* syntax
SONARPY-1184 Rule S6468 : ExceptionGroup and BaseExceptionGroup should not be caught in `except*` clauses
SONARPY-1217 Update API to expose data related to caching
Task
SONARPY-1194 Serialize and cache the project level symbol table
SONARPY-1195 Build a dependency graph in the project-level symbol table
SONARPY-1196 Compute impacted files from deleted files
SONARPY-1197 Load project-level symbol table entries from cache
SONARPY-1199 Avoid scanning files that don't need to be analyzed
SONARPY-1200 Upgrade protobuf version to 3.21.7
SONARPY-1201 Add integration tests for incremental PR analysis
Improvement
SONARPY-1210 except* can not contain continue, break or return instruction
SonarPython 3.20.0.10345
Release notes - SonarPython - 3.20
Bug
SONARPY-1071 Quickfixes for S1854 should not change code execution
SONARPY-1072 S5799: Quickfixes should not change formatting
SONARPY-1077 S5719: Fix quick fix message and improve ordering
SONARPY-1188 S5717 should not provide a quick fix if the default value is not trivial
SONARPY-1191 The quick fix of S1854 (DeadStoreCheck) should remove indent before removed line
False-Positive
SONARPY-1186 S6317 should not on any wildcard identifier in resources
New Feature
SONARPY-1078 Add quick fixes for S1186 (EmptyFunctionCheck)
SONARPY-1081 Add quick fixes for S1131 (TrailingWhitespaceCheck)
SONARPY-1082 Add quick fixes for S139 (TrailingCommentCheck)
SONARPY-1088 Add quick fixes for S2316 (BackticksUsageCheck)
Improvement
SONARPY-1076 S2710: Suggest alternative quick fix to rename the first parameter
SONARPY-1176 Make use of the PolicyStatement data class for applicable CDK-related checks
SONARPY-1177 Apply default parameter annotation to CDK checks
SONARPY-1189 Improve Readme or add CONTRIBUTING.md
SonarPython 3.19.0.10254
Release notes - SonarPython - Version 3.19
Bug
SONARPY-1170 Fix the stub for aws_cdk.aws_ec2 recently added methods to have *args/**kwargs as additional parameters
New Feature
SONARPY-1162 Rule S6304: Policies granting access to all resources of an account are security-sensitive
SONARPY-1159 Rule S6463: Allowing unrestricted outbound communications is security-sensitive
SONARPY-1153 Rule S6302: Policies granting all privileges are security-sensitive
SONARPY-1145 Rule S6329: Allowing public network access to cloud resources is security-sensitive
SONARPY-1144 Rule S6270: Policies authorizing public access to resources are security-sensitive
SONARPY-1138 Rule S6333: Creating public APIs is security-sensitive
SONARPY-1135 Rule S6321: Administration services access should be restricted to specific IP addresses
SONARPY-1063 Rules support PCI DSS Security Standard
Task
SONARPY-1185 Update analyzer-commons to version 2.0
SonarPython 3.18.0.10116
Release notes - SonarPython - Version 3.18
Documentation
SONARPY-1134 Fix broken link in documentation
New Feature
SONARPY-1130 Rule S6319: Using unencrypted SageMaker notebook instances is security-sensitive
SONARPY-1127 Rule S4423: Weak SSL/TLS protocols should not be used
SONARPY-1119 Rule S5332: Using clear-text protocols is security-sensitive - Adding python CDK
SONARPY-1118 Rule S6332: Using unencrypted EFS file systems is security-sensitive
SONARPY-1117 Rule S6303: Using unencrypted RDS databases is security-sensitive
SONARPY-1116 Rule S6308: Using unencrypted OpenSearch domains is security-sensitive
SONARPY-1114 Rule S6327: Using unencrypted SNS topics is security-sensitive
SONARPY-1113 Rule S6330: Using unencrypted SQS queues is security-sensitive
SONARPY-1110 Rule S6275: Using unencrypted EBS volumes is security-sensitive