Releases: SonarSource/sonar-python
sonar-python 3.1
Release Notes - SonarPython - Version 3.1
Bug
- [SONARPY-783] - Fix parse error on explicit line joining with empty line and dedent
- [SONARPY-788] - Fix parse error on annotated assignment for Python 3.8
New Feature
- [SONARPY-740] - RSPEC-5864 Equality between incompatible types
- [SONARPY-741] - RSPEC-5864 Identity check between incompatible types
- [SONARPY-742] - RSPEC-5864 Operations on incompatible types
- [SONARPY-743] - RSPEC-5864 Calling a non-callable type
- [SONARPY-744] - RSPEC-5864 Item operations should be done on objects supporting them
- [SONARPY-745] - RSPEC-5864 Iteration operation on a non-iterable type
- [SONARPY-747] - RSPEC-5864 'raise' used with a non-exception type
- [SONARPY-751] - RSPEC-5886 Function return types should be consistent with their type hint
- [SONARPY-778] - RSPEC-5890 Values assigned to variables should match their type annotations
- [SONARPY-786] - RSPEC-3827 Extract detection of never defined variable in a separate rule (RSPEC-5953)
False-Positive
- [SONARPY-689] - Update the default regex of rule S100 and S1542 to not raise on short names
- [SONARPY-690] - Update the default regular expression of rule S101 to not raise on valid PEP-8 class names
- [SONARPY-700] - Fix FP on S905 when contextlib.suppress is used
- [SONARPY-716] - Rule S3516 raises False Positives on methods which have an implicit return None.
- [SONARPY-719] - S107 default threshold is too low and it miscounts parameters
- [SONARPY-720] - Fix FP on S5953 when using wildcard imports
- [SONARPY-777] - Fix FP on S1764 when expressions contain function calls
- [SONARPY-780] - Fix FP on ArgumentTypeCheck when parameter is declared as object
- [SONARPY-785] - Fix FP on S1764 for expressions in try/except blocks
- [SONARPY-789] - S5953: Avoid raising on names prefixed with underscore
sonar-python 3.0
Release Notes - SonarPython - Version 3.0
Bug
- [SONARPY-756] - Fix FP on S1656 when using deprecated built-in functions
New Feature
- [SONARPY-710] - Add API to access symbols generated from stub files
- [SONARPY-748] - Disable Pylint execution mode
- [SONARPY-749] - Update import of Pylint issues and enable Pylint plugins reports
- [SONARPY-752] - Update documentation for Pylint report importing
Improvement
- [SONARPY-693] - S5122 should support "response.headers.add" syntax
- [SONARPY-694] - S3330 should raise a Security Hotspot when Flask is configured to create session cookie with HttpOnly=False
- [SONARPY-724] - Introduce type declarations for third-party Python libraries using custom Python stub files
sonar-python 2.13
Release Notes - SonarPython - Version 2.13
Bug
- [SONARPY-734] - Fix Memory Leak in S5806 (BuiltinShadowingAssignment) implementation
New Feature
- [SONARPY-470] - Rule S5756: Calls should not be made to non-callable values
- [SONARPY-504] - Rule S5607: Operators should be used on compatible types
- [SONARPY-514] - Rule S2755: XML parsers should not be vulnerable to XXE attacks
- [SONARPY-517] - Rule S5644: Item operations should be done on objects supporting them
- [SONARPY-591] - Rule S3862: Iterable unpacking, "for-in" loops and "yield from" should use an Iterable object
- [SONARPY-722] - Flow sensitive type inference
Improvement
- [SONARPY-723] - Update vulnerable dependencies
- [SONARPY-728] - Improve secondary locations for type inference issues
SonarPython 2.12
Release Notes - SonarPython - Version 2.12
New Feature
- [SONARPY-675] - Rule S5799: Implicit string and byte concatenations should not be confusing
- [SONARPY-676] - Rule S5806: Builtins should not be shadowed
- [SONARPY-678] - Rule S5807: Only defined names should be listed in "__all__"
- [SONARPY-679] - Rule S2823: Only strings should be listed in "__all__"
- [SONARPY-685] - Rule S3457: Strings should be formatted correctly
- [SONARPY-686] - Rule S2275: String formatting should not fail
- [SONARPY-688] - Rule S5828: The "open" builtin should be called with a valid mode
- [SONARPY-695] - Typeshed: Support packages without transitive module resolution
- [SONARPY-696] - Typeshed: Support importing of submodules
False-Positive
- [SONARPY-699] - Fix FP on S1481: variables used as a nested format specification in f-string
- [SONARPY-713] - RSPEC-5708 (CaughtExceptionsCheck) shouldn't raise on variables holding tuples
sonar-python 2.11
Release Notes - SonarPython - Version 2.11
Bug
- [SONARPY-687] - Analysis stuck when computing type of a long sequence of binary expressions
New Feature
- [SONARPY-216] - Rule S2201: Return values from functions without side effects should not be ignored
- [SONARPY-467] - Rule S5549: Function arguments should be passed only once
- [SONARPY-650] - Rule S2836 - Loops without "break" should not have "else" clauses
- [SONARPY-663] - Rule S5780: Expressions creating dictionaries should not have duplicate keys
- [SONARPY-664] - Rule S5781: Expressions creating sets should not have duplicate values
- [SONARPY-666] - Rule S3984: Exceptions should not be created without being raised
- [SONARPY-667] - Rule S905: Non-empty statements should change control flow or have at least one side-effect
- [SONARPY-669] - Rule S2208: Wildcard imports should not be used
- [SONARPY-672] - Rule S5797 Constants should not be used as conditions
- [SONARPY-673] - Rule S5795: Identity comparisons should not rely on interpreter's cache
- [SONARPY-674] - Rule S5796: New objects should not be created just to check their identity
Improvement
- [SONARPY-684] - Count module-level docstrings as comments
sonar-python 2.10.0.6571
Release Notes - SonarPython - Version 2.10
False-Positive
- [SONARPY-637] - FP on S5720 when using the method as a decorator
- [SONARPY-665] - FP raised by S1192 on type hints
New Feature
- [SONARPY-357] - Rule S4830: Server certificates should be verified during SSL/TLS connections
- [SONARPY-469] - Rule S5547: Cipher algorithms should be robust
- [SONARPY-651] - Rule S4433: LDAP connections should be authenticated
- [SONARPY-652] - Import Flake8 external issues: core rules
- [SONARPY-653] - Import Flake8 external issues: plugins rules
- [SONARPY-655] - Add property to import flake8 report paths
- [SONARPY-661] - Deprecate S5439 in favor of S5247
- [SONARPY-662] - Rule S5542 Encryption algorithms should be used with secure mode and padding scheme
- [SONARPY-668] - Rule S4502: Disabling CSRF protection is security-sensitive
- [SONARPY-682] - Add parser for Python code to plugin API
Task
- [SONARPY-648] - Declare Typeshed as git submodule
- [SONARPY-660] - Show a deprecation warning in SonarQube/SonarCloud when Pylint rules are activated
Improvement
- [SONARPY-646] - Update branding to drop 'SonarPython'
SonarPython 2.9
Release Notes - SonarPython - Version 2.9
New Feature
- [SONARPY-525] - Rule S5655: Arguments given to functions should be of an expected type
- [SONARPY-587] - Rule S1515: functions and lambdas should not reference variables defined in enclosing loops
- [SONARPY-607] - Type inference: include types defined in "typings.pyi" ("generator", "iterator", ...)
- [SONARPY-642] - Add standard library type definitions from Typeshed
Improvement
- [SONARPY-616] - FN on S5632: raise an issue when inferred type is "str"
- [SONARPY-618] - FN on S2159: Builtin functions with overloading
- [SONARPY-619] - FN on S2159: builtin functions returning generic types
- [SONARPY-639] - FN on S1045 due to missing type hierarchy for Python Builtin Exceptions
SonarPython 2.8
Release Notes - SonarPython - Version 2.8
False-Positive
- [SONARPY-628] - FP on S1226 and S1481 when the parameter is used in a raw f-string
Bug
- [SONARPY-623] - Parse error on backslash before empty line
- [SONARPY-624] - Parse error on non-ASCII character in identifier
- [SONARPY-625] - Exception thrown when highlighting symbols in nested f-string
New Feature
- [SONARPY-482] - Rule S4487 Unread "private" attributes should be removed
- [SONARPY-483] - Rule S1144: Unused class-private methods should be removed
- [SONARPY-484] - Rule S3985: Unused private nested classes should be removed
- [SONARPY-532] - Support assignment expression syntax (Python 3.8)
- [SONARPY-533] - Support positional-only parameters (Python 3.8)
- [SONARPY-534] - Iterable unpacking in yield and return statements no longer requires enclosing parentheses (Python 3.8)
- [SONARPY-540] - Assignment expressions: update LVA-based rules (Python 3.8)
- [SONARPY-541] - Assignment expressions: update rules targeting assignments (Python 3.8)
- [SONARPY-542] - Assignment expressions: update rules targeting arguments' expressions (Python 3.8)
- [SONARPY-543] - Rule S5685: Walrus operator should not make code confusing
- [SONARPY-579] - Rule S2638: Method overrides should not change contracts
- [SONARPY-583] - Rule S5717: Function parameters' default values should not be modified or assigned
- [SONARPY-584] - Rule S5719: Instance and class methods should have at least one parameter
- [SONARPY-585] - Rule S5720: "self" should be the first argument to instance methods
- [SONARPY-586] - Rule S2710: The first argument to class methods should follow the naming convention
- [SONARPY-588] - Rule S5722: Special methods should have an expected number of parameters
- [SONARPY-589] - Rule S5724: Property getter, setter and deleter methods should have the expected number of parameters
Improvement
- [SONARPY-621] - Update symbol table with assignment expressions
- [SONARPY-630] - Support equal specifiers in f-string (Python 3.8)
SonarPython 2.7
Release Notes - SonarPython - Version 2.7
New Feature
- [SONARPY-562] - Rule S5747: Bare "raise" statements should only be used in "except" blocks
- [SONARPY-563] - Rule S5704: Bare "raise" should not be used in "finally" blocks
- [SONARPY-564] - Rule S1045: All "except" blocks should be able to catch exceptions
- [SONARPY-566] - Rule S5754: "SystemExit" should be re-raised
- [SONARPY-567] - Rule S5706: Special method "__exit__" should not re-raise the provided exception
- [SONARPY-568] - Rule S5708: Caught Exceptions must derive from BaseException
- [SONARPY-569] - Rule S5709: Custom Exception classes should inherit from "Exception" or one of its subclasses
- [SONARPY-570] - Rule S112: "Exception" and "BaseException" should not be raised
- [SONARPY-571] - Rule S5712: Some special methods should return "NotImplemented" instead of raising "NotImplementedError"
- [SONARPY-572] - Rule S5714: Boolean expressions of exceptions should not be used in "except" statements
- [SONARPY-573] - Rule S1143: Break, continue and return statements should not occur in "finally" blocks
- [SONARPY-574] - Rule S5713: A subclass should not be in the same "except" statement as a parent class
- [SONARPY-575] - Rule S5707: Exceptions' "__cause__" should be either an Exception or None
- [SONARPY-615] - Rule S5727: Comparison to None should not be constant
SonarPython 1.8-RC1
This release brings 2 new rules:
- Variables should not be self-assigned
- Unused local variables should be removed
It also fixes 3 false positives.
Release notes: https://jira.sonarsource.com/jira/secure/ReleaseNote.jspa?projectId=10958&version=13676