Releases: SonarSource/SonarJS
10.9.0
What's Changed
- Add support for Sass syntax by @yassin-kammoun-sonarsource in #4306
- Tag RSPECs of JS/TS rules relying on type information by @yassin-kammoun-sonarsource in #4309
- Create rule S6836: "case" and "default" clauses should not contain lexical declarations by @yassin-kammoun-sonarsource in #4312
- Improve logging of JavaScript files type-checking in SonarLint context by @yassin-kammoun-sonarsource in #4311
- Improve S6544 (
no-misused-promises
): Report on the function's main token by @yassin-kammoun-sonarsource in #4313 - Only accept supported web languages for CSS analysis (and activate SASS by default) by @ilia-kebets-sonarsource in #4308
- Optimize plugin download on SonarCloud by @saberduck in #4314
- Ignore file size limits for CSS by @ilia-kebets-sonarsource in #4316
- Fix project size calculation for JavaScript type-checking in SonarLint context by @yassin-kammoun-sonarsource in #4317
- Fix FP S3800 (
function-return-type
): Make the exception of returning at least onethis
instead of allthis
by @ilia-kebets-sonarsource in #4320 - Fix FP S138 (
sonar-max-lines-per-function
): Ignore React Functional Components implemented as arrow function by @ilia-kebets-sonarsource in #4318 - Fix FP S4662 (
at-rule-no-unknown
): Ignore "@contain" by default by @yassin-kammoun-sonarsource in #4319 - Improve S6478 (
no-unstable-nested-components
): Replace message and refine location by @yassin-kammoun-sonarsource in #4323 - Fix FP S4023 (
no-empty-interface
): Ignore when extending external interfaces by @yassin-kammoun-sonarsource in #4326 - New implementation of S109
sonar-no-magic-numbers
by @saberduck in #4324 - Improve S4156 (
prefer-namespace-keyword
): Report on the "module" keyword by @yassin-kammoun-sonarsource in #4329 - Deprecate Node.js 16 by @saberduck in #4325
- Improve S5869 (
duplicates-in-character-class
): Mention character class escapes by @yassin-kammoun-sonarsource in #4331 - Fix FP S2699 (
assertions-in-tests
): add support forvitest
library by @ilia-kebets-sonarsource in #4335 - Upgrade embedded Node.js runtime to 20.9.0 by @ilia-kebets-sonarsource in #4333
- Fix regex-related rules: Skip issues with inconsistent locations by @vdiez in #4337
- Create rule CSS:S125: Sections of code should not be commented out by @yassin-kammoun-sonarsource in #4338
- Update eslint-plugin-sonarjs to v0.22.0 by @vdiez in #4347
This release will be part of SonarQube 10.3
Milestone: https://github.com/SonarSource/SonarJS/milestone/81?closed=1
10.8.0
What's Changed
MMF-2996: First-class React: Accessibility (part 1 of 2)
- Add rule S1082 (
mouse-events-a11y
): Mouse events should have corresponding keyboard events (#4301) by @saberduck - Modify rule S6747 (
no-unknown-property
): addjsx-a11y/aria-props
by @ilia-kebets-sonarsource - Add rule S6793 (
jsx-a11y/aria-proptypes
): ARIA properties in DOM elements should have valid values (#4265) by @ilia-kebets-sonarsource - Add rule S6807 (jsx-a11y/role-has-required-aria-props): DOM elements with ARIA roles should have the required properties by @alexander-kamushkin-sonarsource
- Add rule S6811 (
jsx-a11y/role-supports-aria-props
): DOM elements with ARIA role should only have supported properties (#4264) by @alexander-kamushkin-sonarsource - Add rule S6819 (
jsx-a11y/prefer-tag-over-role
): Prefer tag over ARIA role (#4267) by @alexander-kamushkin-sonarsource - Add rule S6821 (
jsx-a11y/aria-role
): DOM elements with ARIA roles should have a valid non-abstract role (#4268) by @ilia-kebets-sonarsource - Add rule S6822 (
jsx-a11y/no-redundant-roles
): No redundant ARIA role (#4270) by @alexander-kamushkin-sonarsource - Add rule S6823 (
jsx-a11y/aria-activedescendant-has-tabindex
): DOM elements with thearia-activedescendant
property should be accessible via the tab key (#4277) by @ilia-kebets-sonarsource - Add rule S6824 (
jsx-a11y/aria-unsupported-elements
): No ARIA role or property for unsupported DOM elements (#4275) by @ilia-kebets-sonarsource - Add rule S6825 (
jsx-a11y/no-aria-hidden-on-focusable
): Focusable elements should not havearia-hidden
attribute (#4292) by @alexander-kamushkin-sonarsource - Add rule S6827 (
jsx-a11y/anchor-has-content
): Anchors should contain accessible content (#4296) by @ilia-kebets-sonarsource
MMF-3393: Better diagnostics of memory issues
- Log memory configuration when bridge starts (#4263) by @saberduck
- Delegate analysis-related HTTP requests to a worker thread (#4261) by @yassin-kammoun-sonarsource
- Improve message when running in Docker (#4269) by @saberduck
- Handle out-of-memory errors in the worker thread (#4273) by @yassin-kammoun-sonarsource
- Improve reporting of memory size in docker env (#4274) by @saberduck
- Report heap usage status with sonar.javascript.node.debugMemory (#4294 by @saberduck
Miscellaneous
- Move css rule to a separate folder (#4201) by @alexander-kamushkin-sonarsource
- Refactor npm scripts (#4203) by @ilia-kebets-sonarsource
- Add sanity check on adding a new rule property (#4222) by @yassin-kammoun-sonarsource
- Clean up Git submodules and ruling tests (#4224, #4252) by @victor-diez-sonarsource
- Fix unescaped regexp chars and remove SQ exclusion (#4257) by @alexander-kamushkin-sonarsource
- Update babel to 7.23.2 to fix babel/traverse vulnerability (#4298) by @alexander-kamushkin-sonarsource
This release will be part of SonarQube 10.3
Full Changelog: 10.7.0.22914...10.8.0.24207
10.7.0
What's Changed
- Add rule S6746 (
react/no-direct-mutation-state
): In Reactthis.state
should not be mutated directly by @alexander-kamushkin-sonarsource in #4145 - Add rule S6747 (
no-unknown-property
): JSX elements should not use unknown properties and attributes by @yassin-kammoun-sonarsource in #4146 - Add rule S6749 (
jsx-no-useless-fragment
): Redundant React fragments should be removed by @yassin-kammoun-sonarsource in #4147 - Create rule S6748 (
react/no-children-prop
): Reactchildren
should not be passed as prop by @alexander-kamushkin-sonarsource in #4149 - Add rule S6750 (
no-render-return-value
): The return value of "ReactDOM.render" should not be used by @yassin-kammoun-sonarsource in #4148 - Add rule S6756 (
no-access-state-in-setstate
): "setState" should use a callback when referencing the previous state by @yassin-kammoun-sonarsource in #4154 - Add rule S6754 (
hook-use-state
): The return value of "useState" should be destructured and named symmetrically by @yassin-kammoun-sonarsource in #4152 - Create rule S6757 (
react/no-this-in-sfc
):this
should not be used in functional components by @alexander-kamushkin-sonarsource in #4155 - Add rule S6759 (
prefer-read-only-props
): React props should be read-only by @yassin-kammoun-sonarsource in #4157 - Add rule S6763 (
no-redundant-should-component-update
): "shouldComponentUpdate" should not be defined when extending "React.PureComponent" by @yassin-kammoun-sonarsource in #4160 - Add rule S6761 (
react/no-danger-with-children
):children
anddangerouslySetInnerHTML
should not be used together by @alexander-kamushkin-sonarsource in #4163 - Add rule S6767 (
no-unused-prop-types
): Unused React typed props should be removed by @yassin-kammoun-sonarsource in #4165 - Add rule S6766 (
react/no-unescaped-entities
): JSX special characters should be escaped by @alexander-kamushkin-sonarsource in #4166 - Add rule S6770 (
jsx-pascal-case
): User-defined JSX components should use Pascal case by @yassin-kammoun-sonarsource in #4169 - Add rule S6772 (
react/jsx-child-element-spacing
): Spacing between inline elements should be explicit by @alexander-kamushkin-sonarsource in #4171 - Add rule S6775 (
react/default-props-match-prop-types
): All defaultProps should have non-required PropType by @alexander-kamushkin-sonarsource in #4176 - Add rule S6774 (
prop-types
): React components should validate prop types by @yassin-kammoun-sonarsource in #4174 - Fix FP S6766 (
react/no-unescaped-entities
): Remove'
and"
from the list of forbidden entitiles by @alexander-kamushkin-sonarsource in #4181 - Fix FP S6759 (
prefer-read-only-props
): Restrict the scope to functional components by @yassin-kammoun-sonarsource in #4182 - Fix windows build issues by @alexander-kamushkin-sonarsource in #4189
- [MMF-2861] Embed Node.js runtime in analyzer by @saberduck in #4150
- Fix FP S6749 (
jsx-no-useless-fragment
): Ignore empty React fragments by @yassin-kammoun-sonarsource in #4193 - Bundled Node.js runtime: add MacOS x64 support by @ilia-kebets-sonarsource in #4194
New Contributors
- @david-cho-lerat-sonarsource made their first contribution in #4177
This release will be part of SonarQube 10.3
Full Changelog: 10.6.0.22520...10.7.0.22914
10.6.0
What's Changed
- prepare next development iteration: 10.6.0 by @ilia-kebets-sonarsource in #4093
- Remove unused code by @victor-diez-sonarsource in #4087
- Avoid circular dependencies between packages by @victor-diez-sonarsource in #4097
- Add quick fix for S6326: Regular expressions should not contain multiple spaces by @yassin-kammoun-sonarsource in #4096
- Allow comment-based fixtures to be named
*.fixture.<ext>
instead ofcb.fixture.<ext>
by @yassin-kammoun-sonarsource in #4099 - Improve S5689: Use different messages if sensitive header is set explicitely or by default by @ilia-kebets-sonarsource in #4100
- Fix Babel fallback for JS files by @victor-diez-sonarsource in #4088
- Allow Stylelint imports for projects without CSS files by @victor-diez-sonarsource in #4102
- Improve S2699 (
assertions-in-tests
): Support Sinon.JS assertion statements by @ilia-kebets-sonarsource in #4095 - Allow having duplications when importing issues by @victor-diez-sonarsource in #4101
- Improve S2068: Ignore linted files from l10n folders by @yassin-kammoun-sonarsource in #4104
- Remove S2814 (
no-redeclare
) for TypeScript by @ilia-kebets-sonarsource in #4098 - Fix S6535 (unnecessary-character-escapes): Disambiguate conflicting message ids by @yassin-kammoun-sonarsource in #4108
- Log the filename for which an issue is saved by @yassin-kammoun-sonarsource in #4111
- Fix S2699 (
assertions-in-tests
): infinite loop by @ilia-kebets-sonarsource in #4119 - Update metadata for the external rules by @alexander-kamushkin-sonarsource in #4107
- Rename remaining ESLint bridge-related components by @yassin-kammoun-sonarsource in #4121
- Add Node.js 20 as a possible recommended version by @yassin-kammoun-sonarsource in #4110
- Improve S1874 (
deprecation
): Report deprecations from TypeScript compiler by @yassin-kammoun-sonarsource in #4122 - Change run-node error message when Node.js is not found by @victor-diez-sonarsource in #4112
- Fix FP S4123 (
no-invalid-await
): Improve thenable type detection by @yassin-kammoun-sonarsource in #4123 - Update metadata by @yassin-kammoun-sonarsource in #4124
Full Changelog: 10.5.1.22382...10.6.0.22520
Part of SonarQube 10.3
10.5.1
Small fix release, because we forgot to include the eslint-plugin-sonarjs
update in 10.5.0
milestone: https://github.com/SonarSource/SonarJS/milestone/78?closed=1
This release will be part of SonarQube 10.2
10.5.0
milestone: https://github.com/SonarSource/SonarJS/milestone/76?closed=1
This release will be part of SonarQube 10.2
10.4.0
What's Changed
- Prepare next development iteration by @saberduck in #4023
- Add rule S6653 (
prefer-object-has-own
): Use Object.hasOwn static method instead of hasOwnProperty by @alexander-kamushkin-sonarsource in #4018 - Add rule S6660 (
no-lonely-if
):If
statements should not be the only statement inelse
blocks by @alexander-kamushkin-sonarsource in #4022 - Upgrade sonar-lits-plugin to 0.11.0.2659 by @Godin in #4017
- Add rule S6661 (
prefer-object-spread
): Object spread syntax should be used instead ofObject.assign
by @alexander-kamushkin-sonarsource in #4024 - Update ruling results formatting due to sonar-lits-plugin change by @alexander-kamushkin-sonarsource in #4026
- Add rule S6666 (
prefer-spread
): Spread syntax should be used instead of apply() by @alexander-kamushkin-sonarsource in #4029 - Add rule S6671 (
prefer-promise-reject-errors
): Literals should not be used for promise rejection by @alexander-kamushkin-sonarsource in #4030 - Add rule S1199 (
no-lone-block
): Nested code blocks should not be used by @alexander-kamushkin-sonarsource in #4032 - Add rule S6676 (
no-useless-call
): Calls to .call() and .apply() methods should not be redundant by @alexander-kamushkin-sonarsource in #4033 - Add rule S1068 (
no-unused-private-class-members
): Unused private class members should be removed by @alexander-kamushkin-sonarsource in #4034 - Update "submit review" and "request review" actions to work for projectsV2 by @ilia-kebets-sonarsource in #4012
- Update S1523 (
code-eval
): merge ESLintno-script-url
by @alexander-kamushkin-sonarsource in #4037 - Add rule S6679 (
no-self-compare
):Number.isNaN()
should be used to check forNaN
value by @alexander-kamushkin-sonarsource in #4040 - Update rule descriptions after migration to LAYC by @victor-diez-sonarsource in #4041
- Actions point to production branch by @ilia-kebets-sonarsource in #4039
- Update S1192 (
no-duplicate-string
): AddignoreStrings
rule property by @yassin-kammoun-sonarsource in #3959 - Update rule metadata by @yassin-kammoun-sonarsource in #4044
Full Changelog: 10.3.2.22047...10.4.0.22160
Part of SonarQube 10.2
10.3.2
Bugfix release to fix performance regression on projects with many tsconfig.json
files.
10.3.1
10.3.0
milestone: https://github.com/SonarSource/SonarJS/milestone/72?closed=1
This brings 5 new and 7 improved rules for core JavaScript and TypeScript features.
Also, analysis now works with all TypeScript 5 code and compiler options.
The updates are available in SonarCloud, and will be included in SonarQube 10.1, and in the next release of SonarLint.
New rules
- S6643: Prototypes of builtin objects should not be modified
- S6638 (no-constant-binary-expression) Binary expressions should not always return the same value
- S6637 (no-extra-bind): Unnecessary calls to .bind() should not be used
- S6635 (no-constructor-return) Constructors should not return values
- S2430 (new-cap) Constructor names should start with an uppercase letter
Improved rules
- S3796 (array-callback-without-return): cover new array functions, typed arrays and bracket notation
- S1528 (array-constructor): add quickfix
- S4043 (no-misleading-array-reverse) to suggest using toReversed or toSorted
- S4622 (max-union-size): Ignore unions used with utility types
- S1128 (unused-import): Support usage in JSDoc comments
- S1128 (unused-import): Ignore imported symbols used as Vue.js directives
- S6544 (no-misused-promises): Don't flag Promise-returning function provided to attribute where a void return was expected in JSX attributes. Also do not flag not awaited, resolved or error-handled promises.
Rule descriptions
300+ small fixes to rule descriptions where there were small inconsistencies in casing, titles, etc.