Releases: SonarSource/sonar-xml
Releases · SonarSource/sonar-xml
2.5.0.3376
Release Notes - SonarXML - Version 2.5
Bug
- [SONARXML-149] - NPE parsing XML empty CDATA
Task
- [SONARXML-135] - Move all rules targeting XML from SonarQube Java Analyzer to SonarXML
- [SONARXML-151] - Update sonar-plugin-api to version 8.9
- [SONARXML-152] - Declare XML sensor as a sensor processing files independently
- [SONARXML-153] - Update rules metadata
2.4.0.3273
Release Notes - SonarXML - Version 2.4
New Feature
- [SONARXML-137] - Rule S6358: Allowing application backup is security-sensitive
- [SONARXML-138] - Rule S5322: Receiving intents is security-sensitive
- [SONARXML-140] - Rule S6361: Defining a single permission for read and write access of Content Providers is security-sensitive
Task
- [SONARXML-144] - Update rules metadata
Improvement
- [SONARXML-139] - Rule S6359: Custom permissions should not be defined in the 'android.permission' namespace
- [SONARXML-141] - Rule S5332: Using clear-text protocols is security-sensitive
- [SONARXML-143] - S2647: remove CWE-311 from "securityStandards" to match the "See" section
False-Positive
- [SONARXML-142] - S5594 should not raise on activities expecting android.intent.action.SEND* intents
2.3.0.3155
Release Notes - SonarXML - Version 2.3
Task
- [SONARXML-136] - Update rules metadata
Improvement
- [SONARXML-117] - Update description for sonar.xml.file.suffixes
False-Positive
- [SONARXML-118] - S5594 should handle activity-alias component
- [SONARXML-119] - S2068 should not raise on "android:password" attribute
2.2.0.2973
Release Notes - SonarXML - Version 2.2.0.2973
Bug
- [SONARXML-114] - NPE in xml:S2068 on entity node
Task
- [SONARXML-115] - Update Rules Metadata
Improvement
- [SONARXML-113] - S5594 should not raise on a activity expecting a android.intent.action.MAIN intent
2.1.0.2861
Release Notes - SonarXML - Version 2.1
Bug
- [SONARXML-102] - XPathCheck should not throw an exception when no message is configured
New Feature
- [SONARXML-95] - Rule S5122: Having a permissive Cross-Origin Resource Sharing policy is security-sensitive
- [SONARXML-96] - Rule S3330: "HttpOnly" should be set on cookies
- [SONARXML-97] - Rule S2647: Basic authentication should not be used
- [SONARXML-103] - Rule S5594: Restrict access to exported components with appropriate permissions
- [SONARXML-104] - Rule S4507: Delivering code in production with debug features activated is security-sensitive
- [SONARXML-105] - Rule S5604: Requesting dangerous Android permissions is security-sensitive
- [SONARXML-106] - Rule S2068 Hard-coded credentials are security-sensitive
Task
- [SONARXML-99] - Remove usage of deprecated methods in ITs
- [SONARXML-100] - Add static analyzer documentation
- [SONARXML-110] - Update to common-xml-parser version 1.12
- [SONARXML-111] - Update rules metadata
Improvement
- [SONARXML-94] - Update message of IndentCheck
- [SONARXML-107] - Update branding to drop 'SonarXML'
- [SONARXML-108] - S105: limit the number of secondary locations and add secondary location messages
SonarXML 1.4.3.1017
XML Plugin 1.4.1-RC1
This version provides a fix for a bug in syntax highlighting with CDATA sections.
XML Plugin 1.4 RC-2
1.4-RC2 Add IT for highlighting with BOM
XML Plugin 1.4 RC
Support for Developer Cockpit Plugin and bug fixes