Releases: SonarSource/sonar-php
3.31.0.9993
Release notes - SonarPHP - 3.31
False-Positive
SONARPHP-1378 S2001 should not raise an issue in case the FQN is not a deprecated function name
SONARPHP-1385 S3415 wrong arguments order in assertInstanceOf
SONARPHP-1386 S3415 wrong arguments order in assertSame($expected, $actual);
SONARPHP-1392 S1451 raises issue when header is included
New Feature
SONARPHP-1411 Support Anonymous readonly classes
SONARPHP-1430 Add support for typehinting class constants
Improvement
SONARPHP-1143 Remove dependency on guava
SONARPHP-1422 Make use of `InputFile::md5Hash()` for Streamlined File Fingerprinting
3.30.0.9766
3.29.0.9684
Release notes - SonarPHP - 3.29
Bug
SONARPHP-1356 UnknownMethodSymbols should provide the correct FQN
SONARPHP-1370 S2068 leads to crash in updated projects
False-Positive
SONARPHP-1363 Concatenation with parentheses on construct param should not raise an issue S6600
SONARPHP-1375 S4833 should not raise issue on autoload import
New Feature
SONARPHP-1297 Use Attributes and PhpDoc Comments to suppress specific Rules
SONARPHP-1347 New Rule: Parentheses should not be used for calls of language constructs
SONARPHP-1350 Rule S6437: Credentials should not be hard-coded
SONARPHP-1351 Rule S2068: Move functions to S6437
SONARPHP-1359 Don't create CPD tokens for PHP attributes
SONARPHP-1364 Log a warning when undeclared test files are identified
Improvement
SONARPHP-1178 Move PHPUnit report importing to dedicated sensor
SONARPHP-1352 Reduce log level for failing symbol creation to DEBUG
SONARPHP-1354 Do not depend on a local file system when accessing InputFile
SONARPHP-1362 Deprecate rule S2041
SONARPHP-1371 S2068 issue message should start with an uppercase letter
3.28.0.9490
Release notes - SonarPHP - 3.28
Bug
SONARPHP-1349 Remove ITs related to removed "Common Server Rules"
False-Positive
SONARPHP-1327 Rule S1192: Exclude duplicate literal starting with underscore
SONARPHP-1329 Rule S1808: Handle named arguments properly
SONARPHP-1342 Rule S5361: Do not suggest to replace preg_replace if 4 or 5 parameter is set
SONARPHP-1345 Rule S1313: Add broadcast address to exceptions
New Feature
SONARPHP-1244 Rule S3330: Using Symfony's cookie helper method without the "HttpOnly" flag is security-sensitive
SONARPHP-1247 Rule S2068: Using hard-coded credentials for Laravel's encryption methods is security-sensitive
Improvement
SONARPHP-1338 Remove LegacyIssue, Issue completely
SONARPHP-1348 Raise warning when coverage or test report file does not contain any record
3.27.1.9352
Release notes - SonarPHP - 3.27.1
Bug
SONARPHP-1344 Verify file status by file hashes before restoring from cache
3.27.0.9339
Release notes - SonarPHP - 3.27
Bug
SONARPHP-1341 Using file hash when writing and reading from cache
3.26.0.9313
Release notes - SonarPHP - 3.26
Bug
SONARPHP-1085 Parse error on namespace using keywords
Task
SONARPHP-1330 Serialize and deserialize the project level symbol table
SONARPHP-1331 Write/read Project Symbol Tables to/from cache
SONARPHP-1332 Avoid scanning files that don't need to be analyzed
SONARPHP-1333 Add integration tests for incremental PR analysis
SONARPHP-1334 `PHPSensor.AnalysisScanner` should become a stand-alone class
SONARPHP-1335 All constructors of the `PHPSensor` should be covered with UTs and ITs
SONARPHP-1336 Update API to expose data related to caching
SONARPHP-1339 Cache CPD tokens for main files
Improvement
SONARPHP-1337 Get rid of LegacyIssue class
3.25.0.9077
Release notes - SonarPHP - Version 3.25
Bug
SONARPHP-1316 Import of PHPStan reports without issues should not raise an error
SONARPHP-1313 PHP sensor should be executed also on TEST files.
SONARPHP-1308 The namespace resolver should not look into other namespaces to resolve
False-Positive
SONARPHP-1311 Rule S1313: Exclude reserved documentation IP ranges
Improvement
SONARPHP-1318 Adapt PHPUnit integration tests to reflect state-of-the art testing in PHP
SONARPHP-1312 External report information on files that are excluded from the analysis should not be processed
SONARPHP-1282 Adjust fully qualified path of external reports to prevent incorrect allocation
New Feature
SONARPHP-1315 Support readonly class syntax
3.24.0.8949
Release notes - SonarPHP - Version 3.24
Bug
SONARPHP-1300 Parsing error on the order of constructor promoted property characteristics
SONARPHP-1296 Parse error on keywords as enum case identifier
False Negative
SONARPHP-1267 Parser: All keywords should be case insensitive
SONARPHP-1170 S2050: FN on fully qualified name
SONARPHP-1168 S2755: FN with fully qualified names
False-Positive
SONARPHP-1303 Rule S1313: Exclude local IPv4-mapped IPv6 address
SONARPHP-1299 S1144 should take into account PHPDoc @uses
SONARPHP-1238 S5996 FP on line breaks after end boundaries
SONARPHP-1169 FP for S2277 when using fully qualified name
Improvement
SONARPHP-1298 Update Analyzer Commons to 1.25: minor changes on Regex checks
SONARPHP-1294 Rule S1192: Add period as allowed character for exceptions
SONARPHP-1136 S2755 should support cakephp xml utils
SONARPHP-593 Make S1697 cover PHP idiomatic cases
New Feature
SONARPHP-1306 Rules support PCI DSS Security Standard
SONARPHP-1293 Provide OWASP Top 10 2021 security standards for rules metadata
Task
SONARPHP-1309 Add Windows build and plugin qa step to CI
SONARPHP-1301 Remove deprecated DuplicatedBlocks rule from Sonar Way
Contributors
Assets 2
3.23.1.8766
Improvement
- [SONARPHP-1295] - Provide descriptions for rule properties of S1808
False-Positive
- [SONARPHP-1291] - S6328 should not raise on parsing error