Releases: SonarSource/sonar-php
3.38.0.12239
Release notes - SonarPHP - 3.38
New Feature
SONARPHP-1017 S5797: Constants should not be used as conditions
Improvement
SONARPHP-1471 Adopt the new Clean Code Taxonomy
3.37.0.12086
Release notes - SonarPHP - 3.37
Bug
SONARPHP-1498 Crash (Stack Overflow) when scanning a file from the Drupal project
SONARPHP-1503 PHPstan report is not imported UnsupportedOperationException: null
False-Positive
SONARPHP-1508 S1764 should not report exponent operator "**"
New Feature
SONARPHP-1505 Add STIG metadata support
SONARPHP-1509 Implement a FrameworkDetectionVisitor to identify usage of the Drupal framework
SONARPHP-1512 Allow users to deactive the Drupal Framework detection and adaption of rules
Improvement
SONARPHP-1502 Import of PHPUnit test reports should allow specifying multiple files
SONARPHP-1510 Adapt S100 to change the default pattern based on the identified Framework
SONARPHP-1511 Adapt S1781 to change the behavior based on the identified Framework
SONARPHP-1513 Scanner constructor should be provided a charset directly instead of its name
SONARPHP-1514 S1131 should skip lines with very common last characters
SONARPHP-1516 Analyzer should avoid pattern recompilation
SONARPHP-1517 Remove the usage of `LinkedList` in `IteratorUtils`
3.36.0.11813
Release notes - SonarPHP - 3.36
- Update rule descriptions
3.35.0.11659
Release notes - SonarPHP - 3.35
Bug
SONARPHP-1491 Ensure CPD tokens for readonly property promotion are submitted in the right order
False-Positive
SONARPHP-1381 S905 should not raise issue on string concatenation if separate function is called
SONARPHP-1383 FP S5856 Regex: Expected octal digit, but found '\'
SONARPHP-1390 S5328 should not raise issue in specific case when session id is not user supplied
SONARPHP-1391 S2068 should not raise issue on invalid uri
SONARPHP-1395 S122 should have a clearer message in case of multiple function expressions per line
SONARPHP-1399 S3699 Do not raise issue when method is overridden
SONARPHP-1453 S3415 should not raise an issue when expected is a field of a parameter
SONARPHP-1490 S2201: ignored return value of strtok() should not be reported as an issue
False Negative
SONARPHP-1400 S4423 should raise if sensitive value is assigned into an existing array
Improvement
SONARPHP-1414 S1820 include promoted property in our count of fields
SONARPHP-1415 S107 adapt rule to exclude promoted properties in its count
SONARPHP-1467 S4144 Align logic for top-level functions and class methods
SONARPHP-1480 Deprecate rule S6339
SONARPHP-1486 Deprecate rule S4792
SONARPHP-1495 S1820 should not count constants as fields
3.34.0.11311
SonarPHP - 3.34
Improvement
SONARPHP-1468 Use Java 17 to build project
SONARPHP-1477 Support on-demand plugin downloading
3.33.0.11274
Release notes - SonarPHP - 3.33
- Update rule descriptions to include Learn as You Code changes
False-Positive
SONARPHP-1476 S1144 should not raise an issue when a magic method is available via a trait
3.32.0.10180
Release notes - SonarPHP - 3.32
Bug
SONARPHP-1374 Wrong line detected for S1757
SONARPHP-1441 Solve ruling test results due to nondeterministic symbol creation
False-Positive
SONARPHP-1373 S2046 should not raise an issue for a shebang line
SONARPHP-1379 S4144 should not raise an issue when number of parameters or declared return type differ
SONARPHP-1387 S5899 public static methods should not raise issue on test discoverable
SONARPHP-1394 S115 raises issue if namespace is defined in constant
SONARPHP-1396 S5785 assertSame is suggested, but assertTrue will be better
SONARPHP-1397 S125 should not be raised on annotations that follow a comment opener
SONARPHP-1401 S2187 should not raise an issue when there are test methods in a parenting test class
SONARPHP-1407 S1185 should not raise an issue when method input parameters have different type declarations or change in signature visibility
SONARPHP-1408 S1144 should not raise an issue when a private method is called externally via the magic method __call()
SONARPHP-1412 S1848 Allow object creation for format validation when used in try-catch block
SONARPHP-1413 S2187 does not recognize test methods with attributes
SONARPHP-1440 S1144 raises an issue when a private method is used as a first class callable
Improvement
SONARPHP-1366 Get rid of `SetUtils::immutableSetOf`
SONARPHP-1376 Change title of S1200 and add secondary location to clarify detection logic
SONARPHP-1377 S1131 should only highlight the useless trailing whitespace
SONARPHP-1410 S117 allow use of underscore in variables
SONARPHP-1460 S4144 Add exceptions for simple return statements
3.31.0.9993
Release notes - SonarPHP - 3.31
False-Positive
SONARPHP-1378 S2001 should not raise an issue in case the FQN is not a deprecated function name
SONARPHP-1385 S3415 wrong arguments order in assertInstanceOf
SONARPHP-1386 S3415 wrong arguments order in assertSame($expected, $actual);
SONARPHP-1392 S1451 raises issue when header is included
New Feature
SONARPHP-1411 Support Anonymous readonly classes
SONARPHP-1430 Add support for typehinting class constants
Improvement
SONARPHP-1143 Remove dependency on guava
SONARPHP-1422 Make use of `InputFile::md5Hash()` for Streamlined File Fingerprinting
3.30.0.9766
3.29.0.9684
Release notes - SonarPHP - 3.29
Bug
SONARPHP-1356 UnknownMethodSymbols should provide the correct FQN
SONARPHP-1370 S2068 leads to crash in updated projects
False-Positive
SONARPHP-1363 Concatenation with parentheses on construct param should not raise an issue S6600
SONARPHP-1375 S4833 should not raise issue on autoload import
New Feature
SONARPHP-1297 Use Attributes and PhpDoc Comments to suppress specific Rules
SONARPHP-1347 New Rule: Parentheses should not be used for calls of language constructs
SONARPHP-1350 Rule S6437: Credentials should not be hard-coded
SONARPHP-1351 Rule S2068: Move functions to S6437
SONARPHP-1359 Don't create CPD tokens for PHP attributes
SONARPHP-1364 Log a warning when undeclared test files are identified
Improvement
SONARPHP-1178 Move PHPUnit report importing to dedicated sensor
SONARPHP-1352 Reduce log level for failing symbol creation to DEBUG
SONARPHP-1354 Do not depend on a local file system when accessing InputFile
SONARPHP-1362 Deprecate rule S2041
SONARPHP-1371 S2068 issue message should start with an uppercase letter