SonarQube JavaScript 2.13 和 SonarQube Java 3.14 发布了,Sonar (SonarQube)是一个开源平台,用于管理源代码的质量。Sonar 不只是一个质量数据报告工具,更是代码质量管理平台。支持的语言包括:Java、PHP、C#、C、Cobol、PL/SQL、Flex 等。
SonarQube JavaScript 2.13 改进记录如下:
Bug
[SONARJS-692] - False Positive BooleanEqualityComparisonCheck: not condition expression
[SONARJS-693] - False Positive EqualInForLoopTerminationCheck: complex condition
[SONARJS-697] - Exception on function call on Angular module with empty array
[SONARJS-702] - FP in DeadStore on complex left-hand side expression
New Feature
[SONARJS-659] - Rule: Properties should not be accessed on an undefined or null value
[SONARJS-700] - Provide an easy way to unit test precise issue locations
[SONARJS-706] - Highlight pairs of curly braces
Task
[SONARJS-694] - Remove "Sonar Security Way" quality profile
SonarQube Java 3.14 改进记录如下:
“toArray” should be passed an array of the proper type (Bug)
Classes that don’t define “hashCode()” should not be used in hashes (Bug)
Getters and setters should be synchronized in pairs (Bug, cert, multi-threading)
Return values should not be ignored when they contain the operation status code (Vulnerability, cert, cwe, error-handling, misra)
软件详情:http://www.sonarsource.com/2016/05/30/sonarqube-javascript-2-13-released/
下载地址:http://www.sonarqube.org/downloads/
来自:开源中国社区
