- This is the first release with SpotBugs under the hood.
- Plugins updated FB-contrib 7.0.0 and FindSecurityBugs 1.6.0 are included.
- Multiples fixes related to SonarQube new versions.
3.5.0 (2017-06-02)
Implemented enhancements:
- FindBugs Security JSP can conflict with other plugins #67
- Missing project name in "This project contains Java source files that are not compiled" error #65
- Don't use deprecated sonar classes #62
- Update fb-contrib to v.6.8.0 #58
- Update find-sec-bugs to v.1.5.0 #57
- Add basic syntax highlighter #84 #104 (h3xstream)
- [#65] Add project path to error messages #76 (szpak)
- #51: Find issues in nonstandard source file layouts #73 (KLBonn)
Fixed bugs:
- Findbugs plugin still being started when no rule enabled #87
- Generating too much logs for findsec bug rules #78
- ArrayIndexOutOfBoundsException with sonar-findbugs-plugin(3.4.4) #75
- FindBugs Security JSP can conflict with other plugins #67
- Bugs are in findbugs-result xml but not displayed in sonar dashboard for test classes. #66
- Warning not reported for package private classes inside source file of other class #53
- Cannot match classes to source files when not using default project layout #51
- Findbugs needs sources to be compiled. Please build project before executing sonar or check the location of compiled classes to make it possible for Findbugs to analyse your project. #49
Closed issues:
- Problem with Findbugs of SonarQube-5.6.6 version. #103
- finbugs version that contains findsecbugs 1.6.0? #101
- Upgrade to find-sec-bugs 1.6.0 #88
- Can not execute Findbugs #86
- Lacking FindBugs rules after upgrade #85
- Incompatibility with SQ 6.4 because of code colorizer API #84
- Why is the latest release 3.4.4 not available on Maven Central ? #82
- The class '...' could not be match to its original source file. #77
- Compiled classes in JARs not recognized #71
- Update plugin in Update Center #64
- RequireFilesSize failed for sonar-findbugs-plugin.jar size #60
- Configure the project to be analysed on SonarQube.com #31
Merged pull requests:
- bump up SpotBugs version #102 (KengoTODA)
- Update version information #99 (marschall)
- Register experimental rules #98 (marschall)
- fb-contrib 7.0.0 findsecbugs 1.6.0 #97 (kzaikin)
- Work around CVE-2017-7957 #96 (marschall)
- Document SpotBugs usage #94 (marschall)
- Remove JSP Colorizer #93 (marschall)
- Update dependencies #92 (marschall)
- FYI: Replace FindBugs 3.0.1 with SpotBugs 3.1.0-RC1 #90 (KengoTODA)
- [#77] Change bytecode to source mapping #81 (pstibrany)
- Update versions in .groovy, generate descriptions for sonar #58 #63 (kzaikin)
- Update jar size limits #61 (kzaikin)
- Update fb_contrib to 6.8.0, find_sec_bugs to 1.5.0 #59 (kzaikin)