SonarPython 2.12

    Release Notes - SonarPython - Version 2.12

New Feature

• [SONARPY-675] - Rule S5799: Implicit string and byte concatenations should not be confusing
• [SONARPY-676] - Rule S5806: Builtins should not be shadowed
• [SONARPY-678] - Rule S5807: Only defined names should be listed in "__all__"
• [SONARPY-679] - Rule S2823: Only strings should be listed in "__all__"
• [SONARPY-685] - Rule S3457: Strings should be formatted correctly
• [SONARPY-686] - Rule S2275: String formatting should not fail
• [SONARPY-688] - Rule S5828: The "open" builtin should be called with a valid mode
• [SONARPY-695] - Typeshed: Support packages without transitive module resolution
• [SONARPY-696] - Typeshed: Support importing of submodules

False-Positive

• [SONARPY-699] - Fix FP on S1481: variables used as a nested format specification in f-string
• [SONARPY-713] - RSPEC-5708 (CaughtExceptionsCheck) shouldn't raise on variables holding tuples

sonar-python 2.11

    Release Notes - SonarPython - Version 2.11

Bug

• [SONARPY-687] - Analysis stuck when computing type of a long sequence of binary expressions

New Feature

• [SONARPY-216] - Rule S2201: Return values from functions without side effects should not be ignored
• [SONARPY-467] - Rule S5549: Function arguments should be passed only once
• [SONARPY-650] - Rule S2836 - Loops without "break" should not have "else" clauses
• [SONARPY-663] - Rule S5780: Expressions creating dictionaries should not have duplicate keys
• [SONARPY-664] - Rule S5781: Expressions creating sets should not have duplicate values
• [SONARPY-666] - Rule S3984: Exceptions should not be created without being raised
• [SONARPY-667] - Rule S905: Non-empty statements should change control flow or have at least one side-effect
• [SONARPY-669] - Rule S2208: Wildcard imports should not be used
• [SONARPY-672] - Rule S5797 Constants should not be used as conditions
• [SONARPY-673] - Rule S5795: Identity comparisons should not rely on interpreter's cache
• [SONARPY-674] - Rule S5796: New objects should not be created just to check their identity

Improvement

• [SONARPY-684] - Count module-level docstrings as comments

sonar-python 2.10.0.6571

    Release Notes - SonarPython - Version 2.10

False-Positive

• [SONARPY-637] - FP on S5720 when using the method as a decorator
• [SONARPY-665] - FP raised by S1192 on type hints

New Feature

• [SONARPY-357] - Rule S4830: Server certificates should be verified during SSL⁄TLS connections
• [SONARPY-469] - Rule S5547: Cipher algorithms should be robust
• [SONARPY-651] - Rule S4433: LDAP connections should be authenticated
• [SONARPY-652] - Import Flake8 external issues: core rules
• [SONARPY-653] - Import Flake8 external issues: plugins rules
• [SONARPY-655] - Add property to import flake8 report paths
• [SONARPY-661] - Deprecate S5439 in favor of S5247
• [SONARPY-662] - Rule S5542 Encryption algorithms should be used with secure mode and padding scheme
• [SONARPY-668] - Rule S4502: Disabling CSRF protection is security-sensitive
• [SONARPY-682] - Add parser for Python code to plugin API

Task

• [SONARPY-648] - Declare Typeshed as git submodule
• [SONARPY-660] - Show a deprecation warning in SonarQube/SonarCloud when Pylint rules are activated

Improvement

• [SONARPY-646] - Update branding to drop 'SonarPython'

SonarPython 2.9

    Release Notes - SonarPython - Version 2.9

New Feature

• [SONARPY-525] - Rule S5655: Arguments given to functions should be of an expected type
• [SONARPY-587] - Rule S1515: functions and lambdas should not reference variables defined in enclosing loops
• [SONARPY-607] - Type inference: include types defined in "typings.pyi" ("generator", "iterator", ...)
• [SONARPY-642] - Add standard library type definitions from Typeshed

Improvement

• [SONARPY-616] - FN on S5632: raise an issue when inferred type is "str"
• [SONARPY-618] - FN on S2159: Builtin functions with overloading
• [SONARPY-619] - FN on S2159: builtin functions returning generic types
• [SONARPY-639] - FN on S1045 due to missing type hierarchy for Python Builtin Exceptions

SonarPython 2.8

    Release Notes - SonarPython - Version 2.8

False-Positive

• [SONARPY-628] - FP on S1226 and S1481 when the parameter is used in a raw f-string

Bug

• [SONARPY-623] - Parse error on backslash before empty line
• [SONARPY-624] - Parse error on non-ASCII character in identifier
• [SONARPY-625] - Exception thrown when highlighting symbols in nested f-string

New Feature

• [SONARPY-482] - Rule S4487 Unread "private" attributes should be removed
• [SONARPY-483] - Rule S1144: Unused class-private methods should be removed
• [SONARPY-484] - Rule S3985: Unused private nested classes should be removed
• [SONARPY-532] - Support assignment expression syntax (Python 3.8)
• [SONARPY-533] - Support positional-only parameters (Python 3.8)
• [SONARPY-534] - Iterable unpacking in yield and return statements no longer requires enclosing parentheses (Python 3.8)
• [SONARPY-540] - Assignment expressions: update LVA-based rules (Python 3.8)
• [SONARPY-541] - Assignment expressions: update rules targeting assignments (Python 3.8)
• [SONARPY-542] - Assignment expressions: update rules targeting arguments' expressions (Python 3.8)
• [SONARPY-543] - Rule S5685: Walrus operator should not make code confusing
• [SONARPY-579] - Rule S2638: Method overrides should not change contracts
• [SONARPY-583] - Rule S5717: Function parameters' default values should not be modified or assigned
• [SONARPY-584] - Rule S5719: Instance and class methods should have at least one parameter
• [SONARPY-585] - Rule S5720: "self" should be the first argument to instance methods
• [SONARPY-586] - Rule S2710: The first argument to class methods should follow the naming convention
• [SONARPY-588] - Rule S5722: Special methods should have an expected number of parameters
• [SONARPY-589] - Rule S5724: Property getter, setter and deleter methods should have the expected number of parameters

Improvement

• [SONARPY-621] - Update symbol table with assignment expressions
• [SONARPY-630] - Support equal specifiers in f-string (Python 3.8)

SonarPython 2.7

    Release Notes - SonarPython - Version 2.7

New Feature

• [SONARPY-562] - Rule S5747: Bare "raise" statements should only be used in "except" blocks
• [SONARPY-563] - Rule S5704: Bare "raise" should not be used in "finally" blocks
• [SONARPY-564] - Rule S1045: All "except" blocks should be able to catch exceptions
• [SONARPY-566] - Rule S5754: "SystemExit" should be re-raised
• [SONARPY-567] - Rule S5706: Special method "__exit__" should not re-raise the provided exception
• [SONARPY-568] - Rule S5708: Caught Exceptions must derive from BaseException
• [SONARPY-569] - Rule S5709: Custom Exception classes should inherit from "Exception" or one of its subclasses
• [SONARPY-570] - Rule S112: "Exception" and "BaseException" should not be raised
• [SONARPY-571] - Rule S5712: Some special methods should return "NotImplemented" instead of raising "NotImplementedError"
• [SONARPY-572] - Rule S5714: Boolean expressions of exceptions should not be used in "except" statements:
• [SONARPY-573] - Rule S1143: Break, continue and return statements should not occur in "finally" blocks
• [SONARPY-574] - Rule S5713: A subclass should not be in the same "except" statement as a parent class
• [SONARPY-575] - Rule S5707: Exceptions' "__cause__" should be either an Exception or None
• [SONARPY-615] - Rule S5727: Comparison to None should not be constant

SonarPython 1.8-RC1

This release brings 2 new rules:

• Variables should not be self-assigned
• Unused local variables should be removed

It also fixes 3 false positives.

Release notes: https://jira.sonarsource.com/jira/secure/ReleaseNote.jspa?projectId=10958&version=13676

SonarPython 1.7 RC1

SNAPSHOT version to allow users to test SonarPython during the feedback period for version 1.7.
This version brings 2 new rules

• Cognitive Complexity of functions should not be too high (for details see this paper)
• Identical expressions should not be used on both sides of a binary operator

Release Notes

Python Plugin 1.6 RC1

SNAPSHOT version of the plugin to allow users to test the plugin during the vote for release 1.6.
This version requires SonarQube 5.6 (LTS version) and Java 8.
It brings precise issue location for all rules and support for Python <=3.6.