SonarQube Java 4.1发布了。Sonar (SonarQube)是一个开源平台,用于管理源代码的质量。Sonar 不只是一个质量数据报告工具,更是代码质量管理平台。支持的语言包括:Java、PHP、C#、C、Cobol、PL/SQL、Flex 等。SonarQube Java 是Sonar的一个插件,用来分析 Java 代码。
该版本提供了七个新的规则:
Simple class names should be used (Code Smell, confusing)
Unit tests should throw exceptions (Code Smell, clumsy, tests)
Value-based objects should not be serialized (Bug, java8, serialization)
Private fields only used as local variables in methods should become local variables (Code Smell, pitfall)
“null” should not be used with “Optional” (Bug, java8)
Zero should not be a possible denominator (Bug, cert, cwe, denial-of-service)
Optional value should only be accessed after calling isPresent() (Bug, cwe)
更新日志:
Bug
[SONARJAVA-1775] - Thrown exceptions should be correctly computed on method types
[SONARJAVA-1780] - Status of Object Constraint is lost on null check
[SONARJAVA-1797] - AVLTree: fix handling of collisions of hash codes, get rid of integer overflow
False-Positive
[SONARJAVA-1753] - FP on S2386 for public static final empty arrays
[SONARJAVA-1757] - FP on S1118: when on a serializable class
改进:
[SONARJAVA-1422] - Improving try-catch flow of instruction
[SONARJAVA-1591] - Emulating try-catch with a branch to the exception path at first is incorrect
[SONARJAVA-1770] - S1172 UnusedParameters FN : if method is annotated with @SuppressWarnings with known suppressions
[SONARJAVA-1777] - Rule UndocumentedAPI: update default parameter value
[SONARJAVA-1779] - Put "case" expression into CFG
[SONARJAVA-1782] - S2068 should detect string constant used in java.net.PasswordAuthentication API
新特性:
[SONARJAVA-372] - Rule S1450: Private fields used only as local variables in methods should become local variables
[SONARJAVA-520] - Rule S1942: Simple class names should be used
[SONARJAVA-1750] - Rule S3658: Unit test should throw exception instead of failing in a catch block
[SONARJAVA-1758] - Rule S3437: Value-based classes should not be serialized
[SONARJAVA-1759] - Rule S2789: "null" should not be used with "Optional"
[SONARJAVA-1760] - Add firstToken() and lastToken() methods to the Tree API
[SONARJAVA-1762] - Rule S3518: Zero should not be a possible denominator
[SONARJAVA-1767] - Rule S3655: Optional value should only be accessed after calling isPresent()
Task
[SONARJAVA-1771] - Deprecate Unused protected methods check
[SONARJAVA-1774] - Deprecate Architectural Constraint Rule Template
[SONARJAVA-1784] - Deprecate getMethodComplexityNodes in JavaFileScannerContext
[SONARJAVA-1790] - Update rule descriptions to RSPECs
[SONARJAVA-1799] - Upgrade to OSS parent pom 36
软件详情:http://www.sonarsource.com/2016/08/04/sonarqube-java-4-1-released/
下载地址:http://www.sonarqube.org/downloads/
来自:开源中国社区
