Releases: SonarSource/sonar-python
Releases · SonarSource/sonar-python
SonarPython 3.8.0.8883
Release Notes - SonarPython - Version 3.8
Bug
- [SONARPY-898] - Avoid failing on older SonarLint
- [SONARPY-925] - Project Python version should be set to `MAX_SUPPORTED_VERSION` when setting 'sonar.python.version=3.11 or more'
- [SONARPY-931] - Fix parse error: assignment expression within subscription
- [SONARPY-932] - Fix parse error: decorators can be any valid expression
- [SONARPY-933] - Fix parse error: lambda parameter list can have a trailing comma
New Feature
- [SONARPY-908] - Basic support of match / case statement
- [SONARPY-914] - Match / case statement: support sequence patterns
- [SONARPY-915] - Match / case statement: support mapping patterns
- [SONARPY-916] - Match / case statement: support class patterns
- [SONARPY-917] - Match / case statement: support wildcard and group patterns
- [SONARPY-918] - Match / case statement: as patterns
- [SONARPY-919] - Match / case statement: OR patterns
- [SONARPY-924] - Add Python 3.10 to supported versions
- [SONARPY-929] - Match / case statement: support value patterns
- [SONARPY-934] - Support syntax highlighting for match / case keyword
False-Positive
- [SONARPY-909] - S5953 (Undefined symbols) Avoid FP with names bound in match/case statements
- [SONARPY-913] - S1854 (DeadStore): take into account statements inside match / case
SonarPython 3.7.0.8753
Bug
- [SONARPY-860] - Parse error on `with` statements with parens
New Feature
- [SONARPY-882] - Rule S5850: Alternatives in regular expressions should be grouped when used with anchors
- [SONARPY-883] - Rule S6019 Reluctant quantifiers in regular expressions should be followed by an expression that can't match the empty string
- [SONARPY-884] - Rule S6035 Single-character alternations in regular expressions should be replaced with character classes
- [SONARPY-885] - Rule S5996 Regex boundaries should not be used in a way that can never be matched
- [SONARPY-886] - Rule S5855 Regex alternatives should not be redundant
- [SONARPY-887] - Extend existing RegexParser to parse Python regular expressions
- [SONARPY-888] - Rule S5868 Unicode Grapheme Clusters should be avoided inside regex character classes
- [SONARPY-889] - Rule S5869 Character classes in regular expressions should not contain the same character twice
- [SONARPY-891] - Rule S5857 Character classes should be preferred over reluctant quantifiers in regular expressions
- [SONARPY-892] - Rule S6002 Regex lookahead assertions should not be contradictory
- [SONARPY-893] - Rule S5843 Regular expressions should not be too complicated
- [SONARPY-894] - Rule S5842 Regex repetition pattern's body should not match the empty String
- [SONARPY-895] - Rule S5361 "str.replace" should be preferred to "re.sub"
- [SONARPY-923] - Analyze regex in variables whose values we can infer
Task
- [SONARPY-911] - Provide global regex flags to the parser
SonarPython 3.6.0.8488
Release Notes - SonarPython - Version 3.6
New Feature
- [SONARPY-631] - Add a python version parameter and raise a warning when it is not set
- [SONARPY-867] - Use serialized "annoy" library from TypeShed
- [SONARPY-870] - Use serialized version of TypeShed core modules (builtins and its dependencies)
Improvement
- [SONARPY-881] - Support medium-size projects accurate analysis in SonarLint
Documentation
- [SONARPY-861] - Show "custom rules" documentation only in SonarQube
- [SONARPY-875] - Fix broken links in embedded documentation
SonarPython 3.5.0.8244
Release Notes - SonarPython - Version 3.5
Sub-task
- [SONARPY-851] - Introduce PythonIndexer to wrap Project Symbol Table
- [SONARPY-852] - Declare PythonIndexer as SonarLint component with module scope
New Feature
- [SONARPY-845] - Create and persist project symbols in SonarLint analyses
- [SONARPY-847] - Activate Project Symbol Table in SonarLint only for small/medium projects
- [SONARPY-848] - Update project-level symbols when a file is changed in SonarLint
- [SONARPY-857] - Add cross-file secondary location for SonarLint
Task
- [SONARPY-842] - Add missing remediation functions
- [SONARPY-854] - Use released version of dependencies
False-Positive
- [SONARPY-859] - Fix FP on S2325 for decorated methods
SonarPython 3.4.1.8066
Release Notes - SonarPython - Version 3.4.1
Task
- [SONARPY-843] - Update dependencies to latest version when possible
SonarPython 3.4.1.8063
Release Notes - SonarPython - Version 3.4.1
Task
- [SONARPY-843] - Update dependencies to latest version when possible
SonarPython 3.4.1
Release Notes - SonarPython - Version 3.4.1
Task
- [SONARPY-843] - Update dependencies to latest version when possible
SonarPython 3.4
Release Notes - SonarPython - Version 3.4
Improvement
- [SONARPY-839] - Upgrade Apache commons-io dependency to 2.8
sonar-python 3.3
Release Notes - SonarPython - Version 3.3
New Feature
- [SONARPY-825] - Rule S2257: Using non-standard cryptographic algorithms is security-sensitive
- [SONARPY-826] - Rule S2612: Setting loose POSIX file permissions is security-sensitive
- [SONARPY-828] - Rule S3329: Cipher Block Chaining IV's should be random and unique
- [SONARPY-829] - Rule S5659: JWT should be signed and verified with strong cipher algorithms
- [SONARPY-831] - Rule S3752: Allowing both safe and unsafe HTTP methods is security-sensitive
Improvement
- [SONARPY-833] - Add message to secondary locations
SonarPython 3.2
Release Notes - SonarPython - Version 3.2
Bug
- [SONARPY-799] - Avoid StackOverflow Error in presence of loop in class inheritance
- [SONARPY-827] - Rule S5780 (DictionaryDuplicateKeyCheck) should not fail when comparing hex long integers
New Feature
- [SONARPY-791] - S4790 should support "cryptography.hazmat.primitives.hashes"
- [SONARPY-818] - Parser should allow decorators to be any valid expression
- [SONARPY-819] - Update Typeshed to support Python 3.9
- [SONARPY-820] - Type inference: standard collections as generics
- [SONARPY-822] - Type inference: support typing.Annotated
Task
- [SONARPY-798] - S4784 should be deprecated because it's too noisy
- [SONARPY-821] - Update license file headers
False-Positive
- [SONARPY-704] - Rule S4790 should raise only for weak hashs
- [SONARPY-814] - RSPEC-1481 (UnusedLocalVars) should not raise on annotated assignments without RHS
- [SONARPY-815] - RSPEC-1481 (UnusedLocalVars) should not raise on vars used inside f-strings containing conditional expressions
- [SONARPY-816] - S1720 should not raise on empty __init__.py
- [SONARPY-817] - InsufficientLineCoverage shouldn't raise issues on empty __init__.py
- [SONARPY-823] - RSPEC-5607 should not report on Python 3.9 dict union operator