SonarSource/sonar-java 6.14.0.25463

on GitHub

    Release Notes - SonarJava - Version  6.14.0.25463

Task

• [SONARJAVA-3702] - Rule S3066: change rule type to Code-Smell
• [SONARJAVA-3703] - Add custom rules examples from tutorial in repository
• [SONARJAVA-3708] - Rule S3751: change rule type to Code-Smell
• [SONARJAVA-3709] - Deprecate S3369
• [SONARJAVA-3727] - Update rules metadata

Improvement

• [SONARJAVA-3215] - S1166 add heuristics to support custom log frameworks
• [SONARJAVA-3558] - Issue filter should extends its filter to IDE-specific suppressed warnings
• [SONARJAVA-3568] - S5852 should use automata to increase its accuracy
• [SONARJAVA-3624] - Regex FP/FN with Supplementary Multilingual Plane
• [SONARJAVA-3629] - Improve S6002 RegexLookaheadCheck to support negative lookahead
• [SONARJAVA-3636] - Improve secondary message for regex rules when issues are reported across different string literals
• [SONARJAVA-3689] - Improve rule S110 to not report when hierarchy is too big already in library code
• [SONARJAVA-3701] - Prepare the move of the regex parser into its own project
• [SONARJAVA-3729] - Change S4434 to a security-hotspot
• [SONARJAVA-3730] - Add an exception to rule S121 for early returns
• [SONARJAVA-3733] - ReDoS: Don't call cubic and worse runtimes quadratic
• [SONARJAVA-3735] - Upgrade ECJ to 3.25.0

False-Positive

• [SONARJAVA-3570] - Relax Rule S5411 for boxed booleans if there is a null-checked before
• [SONARJAVA-3603] - FP on S4276 when Function is using "compose" or "andThen" methods
• [SONARJAVA-3625] - Possible FP in S5998 when using backreferences to large groups
• [SONARJAVA-3631] - FP in S6001 parsing of multi-digit backreferences
• [SONARJAVA-3635] - S2384 should not raise an issue when mutable members in temporary variable are not stored
• [SONARJAVA-3669] - S2325 should not raise on empty methods
• [SONARJAVA-3696] - S2755 should not raise when a xml document is build
• [SONARJAVA-3706] - FP in S2384, S2386: support any unmodifiable and immutable methods
• [SONARJAVA-3713] - FP in S5852 (ReDoS) involving possessive quantifiers
• [SONARJAVA-3747] - FPs in S5852 when repetition overlaps with non-repetition part

False Negative

• [SONARJAVA-2745] - FN on S2142: no issue raised when catching the generic Exception
• [SONARJAVA-3639] - FN in S5994 when `*+` is followed by a repetition
• [SONARJAVA-3640] - FN in S6002 for full matches and anchored patterns
• [SONARJAVA-3641] - FN in S5998
• [SONARJAVA-3653] - S5996 should raise issues even if the regex can match the empty string
• [SONARJAVA-3710] - Include Eclipse’s NonNullByDefault annotation on nonNullFields check