Releases: SonarSource/sonar-html
Releases · SonarSource/sonar-html
3.7.0.3298
Bug
- [SONARHTML-138] - S5254: language_attributes() call should be a valid language attribute supplier
- [SONARHTML-139] - S125: Should not raise issue on comment with @thymesVar
- [SONARHTML-162] - The '<' character can incorrectly be interpreted as a start tag
- [SONARHTML-165] - Fix 'Node#getLinesOfCode' method and adapt Web:LongJavaScriptCheck
False-Positive
- [SONARHTML-143] - Web:UnifiedExpressionCheck should support maps
- [SONARHTML-154] - FP S5256 - Tables should have headers in Razor .cshtml files
- [SONARHTML-155] - Web:UnifiedExpressionCheck should not raise on thymeleaf attributes
- [SONARHTML-160] - S5254 should not raise an issue when the lang is specified with Thymeleaf attributes
- [SONARHTML-161] - FP S5256: Table content included with Thymeleaf th:block and th:insert
New Feature
- [SONARHTML-156] - Provide OWASP Top 10 2021 security standards for rules metadata
Task
- [SONARHTML-135] - SonarHTML should not depend on sonar-channel
- [SONARHTML-163] - Update analyzer to use Java 11
Improvement
- [SONARHTML-153] - S125: Should not raise issue on comments annotated with @ elvariable
- [SONARHTML-157] - Update rules MetaData
- [SONARHTML-158] - FP and FN for multiple rules: Support Angular attribute binding
- [SONARHTML-164] - Update and remove unneeded dependencies
- [SONARHTML-166] - Verify that logs from ruling ITs are the expected ones
3.6.0.3106
Task
- [SONARHTML-141] - Add the `.twig` file extension to the default html suffix list
- [SONARHTML-150] - Declare HTML sensor as a sensor processing files independently
- [SONARHTML-152] - Update license headers for 2022
Improvement
- [SONARHTML-147] - S103 should not raise an issue on <svg><path d=xxx> property
False-Positive
- [SONARHTML-140] - S1077 should not raise an issue on "<img th:alt=..."
- [SONARHTML-151] - Web:TableHeaderHasIdOrScopeCheck should not raise for simple tables
3.5.0.3009
Release Notes - SonarHTML - Version 3.5
New Feature
- [SONARHTML-144] - Support SalesForce Aura Lightning Components: update default suffixes with ".cmp"
Improvement
- [SONARHTML-148] - InternationalizationCheck should raise an issue on the label rather than the entire line
False-Positive
- [SONARHTML-145] - MouseEventWithoutKeyboardEquivalentCheck should not raise on clickable lightning buttons
3.4.0.2754
Release Notes - SonarHTML - Version 3.4
Improvement
- [SONARHTML-131] - Remove dependency on sslr-squid-bridge because it's deprecated
- [SONARHTML-132] - [S1082] Allow special modifier keys and combinations to KEYDOWN events
- [SONARHTML-133] - [S5148] Update rule example to replace inappropriate link
3.3.0.2534
Release Notes - SonarHTML - Version 3.3
Bug
- [SONARHTML-115] - FP from Rule S1085 when "aria-label" or "aria-labelledby" are used
- [SONARHTML-116] - Rule S1935 is raising on "<style>" elements instead of "style" attributes
- [SONARHTML-117] - FP from S125 on Server Side Includes (SSI)
- [SONARHTML-119] - FP UnclosedTagCheck: generic type model in cshtml
- [SONARHTML-125] - Depcreated attribute as a compliant example of S1085 (TableWithoutCaptionCheck)
- [SONARHTML-130] - FP on S1092 (LinkToImageCheck) when "href" contains a PHP page
New Feature
- [SONARHTML-124] - Rule S1876 (AvoidHtmlCommentCheck): change rule type to Security Hotspot
Task
- [SONARHTML-122] - Update dependencies on Apache commons-io
- [SONARHTML-126] - Update rules metadata
- [SONARHTML-128] - Update dependency to SonarQube 7.9 LTS
Improvement
- [SONARHTML-118] - FP and FN for multiple rules: Support Angular attribute binding
- [SONARHTML-120] - Rule S5725 Disabling resource integrity features is security-sensitive
- [SONARHTML-121] - Update branding to drop 'SonarHTML'
- [SONARHTML-123] - Fix parameter key for S1829: should be 'attributes'
- [SONARHTML-127] - Rule S5148: update rule type to Security Hotspot and accept using "noopener" without "noreferrer"