Releases: SonarSource/sonar-dotnet
Releases · SonarSource/sonar-dotnet
9.5
Release 9.5 introduces 9 new rules for C# and VB.NET developers, providing guidelines and best practices for handling date and time operations within their applications.
These rules cover a wide range of topics, including time zone conventions, common pitfalls, date parsing and formatting, time arithmetic, and more.
This release includes also one additional security rule and introduces fixes for false negatives and false positives.
Thanks to @Corniel for his contribution by implementing a new codefix for S6610 (#7517) and fixing a FP in S6354 (#7504).
New Rules
Date & time
- 7080 - [C#, VB.NET] New rule S6588: Use
DateTime(Offset).UnixEpochinstead of pointing to that date using the constructor - 7085 - [C#, VB.NET] New rule S6566: Always use
DateTimeOffsetinstead ofDateTime - 7083 - [C#, VB.NET] New rule S6561: Do not use
DateTime.Nowfor benchmarking or timing operations - 7081 - [C#, VB.NET] New rule S6562: Always set the
DateTimeKindwhen creating a newDateTimeobject - 7079 - [C#, VB.NET] New rule S6585: Don't hardcode the format provider when turning dates and times to string
- 7078 - [C#, VB.NET] New Rule S6580: Always use
DateTime.Parseoverloads with anIFormatProviderparameter - 7077 - [C#, VB.NET] New rule S6575: Use
TimeZoneInfo.FindSystemTimeZoneByIdinstead ofTimezoneConverter - 7076 - [C#, VB.NET] New Rule S6563: Use UTC when recoding
DateTimeinstants - 7490|7086 - [C#, VB.NET] New rule S3363: Date and time should not be used as types for primary keys
Others
Improvements
- 7516 - [C#, VB.NET] Rule S6588: implement CodeFix
- 7517 - [C#] Rule S6610: implement CodeFix
- 7469 - SE: Run for local functions
- 7468 - SE: Run for Top-Level statements
False Positive
- 7504 - [C#, VB.NET] Fix S6354 FP: Do not report on XML crefs and nameof
- 6223 - [C#, VB.NET] Fix S5332 FP: Improve detection of namespace uris
False Negative
Contributors
Corniel
Assets 6
9.4
Release 9.4 brings one new rule for C# and four new rules for VB.NET. It also brings improvements by migrating two more rules to the new symbolic execution engine, fixing false positives, and improving memory allocation.
Thanks to @sharwell for his contribution by reporting 7438.
Thanks to @Corniel for his contribution by implementing new rule S2925 in 7342.
New Rules
- 7305 - [VB.NET] New rule S3966: Objects should not be disposed more than once
- 7304 - [VB.NET] New rule S1944: Invalid casts should not be made
- 7303 - [VB.NET] New rule S4158: Empty collections should not be accessed or iterated
- 7342 - [C#, VB.NET] New Rule: S2925 Do not use Thread.Sleep() in a test
Improvements
- 7302 - [C#] Migrate S3966 to the new Symbolic Execution engine
- 7300 - [C#] Migrate S4158 to the new Symbolic Execution engine
- 7301 - [C#] Improve S1944: Rule now detects more issues
- 7322 - [C#] Symbolic Execution: Learn NotNull from ??= for nullable types
- 7267 - [C#, VB.NET] Symbolic Execution: Add BinaryOperation for literals: division, remainder, xor
- 7435 - [C#] Improve S4635: Update issue message
- 7365 - [C#] Improve S2198: Update issue message
- 7337 - Update RSPEC before 9.4 release
False Positives
- 4261 - [C#] Fix S4158 FP: When a collection was filled by using delegates
- 2147 - [C#] Fix S4158 FP: Variable instance mismatch
- 7308 - [C#] Fix S3655 FP: Recognize ??= for nullable types
- 6179 - [C#, VB.NET] Fix S4158 FP: When the collection was filled during for loops, was reported to be empty
Performance
- 7438 - Memory allocation improvement: HasMatchingScope should not allocate a new delegate on every call
Contributors
sharwell and Corniel
Assets 6
9.3
9.2
This release brings a new implementation of S3949 rule, that is now part of SonarWay again.
New features
- 7147 - [VB.NET] New rule S3949: Integral operations should not overflow - for VB.NET
- 7239 - [C#] Rule S6613: implement CodeFix
False Positive fixes
- 7104 - [C#] Fix S2259 FP: Conditional access checked for bool
- 3491 - [C#] Fix S3949 FP: Do not report inside GetHashCode
Improvements
- 4631 - [C#] Migrate S3949 to the new Symbolic Execution engine
- 7148 - [C#] S3949: Add rule to SonarWay profile
- 7138 - [C#] Remove CBDE dependency
- 7212 - [C#] Modify S3237 message to be more accurate
- 7262 - [C#, VB.NET] Revert "UtilityAnalyzer: Use RegisterCompilationStartAction" - fix performance regression
- 7234 - [C#, VB.NET] SE Fix FPs: Improve fixed-count loops
- 7156 - [C#, VB.NET] SE: Cache NumberConstraint
- 7111 - [C#, VB.NET] SE: Concatenate string expression returns non-null string
- 7260 - Update RSPEC before 9.2 release
Bug Fixes
9.1
Release 9.1 brings a set of rules that help users avoid performance pitfalls.
New Rules
- 7132 - [C#] New rule S6618: "string.Create" should be used instead of "FormattableString"
- 7131 - [C#, VB.NET] New rule S6617: "Contains" should be used instead of "Any" for simple equality checks
- 7129 - [C#, VB.NET] New rule S6613: "First" and "Last" properties of "LinkedList" should be used instead of the "First()" and "Last()" extension methods
- 7128 - [C#, VB.NET] New rule S6612: The lambda parameter should be used instead of capturing arguments in "ConcurrentDictionary" methods
- 7127 - [C#, VB.NET] New rule S6610: "StartsWith" and "EndsWith" overloads that take a "char" should be used instead of the ones that take a "string"
- 7126 - [C#, VB.NET] New rule S6609: "Min/Max" properties of "Set" types should be used instead of the "Enumerable" extension methods
- 7125 - [C#, VB.NET] New rule S6608: Indexing should be used instead of "Enumerable" methods on types implementing "IList"
- 7124 - [C#, VB.NET] New rule S6607: The collection should be filtered before sorting by using "Where" before "OrderBy"
- 7123 - [C#, VB.NET] New rule S6605: Collection-specific "Exists" method should be used instead of the "Any" extension
- 7122 - [C#, VB.NET] New rule S6603: The collection-specific "TrueForAll" method should be used instead of the "All" extension
- 7121 - [C#, VB.NET] New rule S6602: "Find" method should be used instead of the "FirstOrDefault" extension
Improvements
- 7197 - [VB.NET] Improve S2302 Message: Use NameOf for VB.NET
- 7133 - [C#] Extend S3260 to include file access modifier on types
Bug Fixes
False Negative
- 2528 - [C#] FPs and FNs in the Symbolic Execution rules when null coalescing is combined with arithmetic expressions because we do not support constraints on integers
9.0
Release 9.0 changes the target framework from net46 to netstandard2.0. Thus the minimal support version is .NET Framework 4.6.2 now.
Thanks to @Corniel for fixing an FP in S2049.
Improvements
- 7095 - Update RSPEC before 9.0 release
- 6028 - Target netstandard2.0 instead of net46
- 4824 - [C#, VB.NET] SE: Update rule activation to be compatible with .editorconfig
False Positive
- 3400 - [C#] Fix S3900 FP: When parameter reassigned from a method
- 2591 - [C#] Fix S3900 FP: Re-assignment of parameters is ignored
- 6972 - [C#] Fix S3900 FP: Ignore parameters with assigned values
- 5729 - [C#] Fix S3900 FP: Recognize ArgumentNullException.ThrowIfNull()
- 6953 - [C#] Fix S2094 FP: Records which set the base record's properties in their initializer
Contributors
Corniel
Assets 6
8.56
Release 8.56 is here and it brings a whole lot of improvements. We implemented S3900 and S3655 for VB.NET and at the same time, we also got improvements to the C# versions of S3900, S3655, S2222, and S2259. Special kudos to @Corniel who contributed new rule S5856 and several other enhancements.
New Rules
- 6797 - [VB.NET] New Rule S3900 for VB.NET: Arguments of public methods should be validated against Nothing
- 6795 - [VB.NET] New Rule S3655 for VB.NET: Empty nullable value should not be accessed
- 6691 - [C#, VB.NET] New Rule S5856: Regex literals should be valid by @Corniel
Improvements (S3900, S3655, S2222, and S2259)
- 6794 - [C#] Improve S3655: Support C# 9 and C# 10 syntax
- 6793 - [C#] Improve S3900: Support C# 9 and C# 10 syntax
- 6997 - [C#] Fix S3900: FN and FP
- 7060 - [C#] Fix S3900 FP: Don't raise if parameter is captured
- 2775 - [C#] Fix S3900 FP:
isis not considered as null-check - 2670 - [C#] Fix S3900 FP: with string.IsNullOrEmpty
- 7004 - [C#] Fix S3900: Change parameter dereference check to top-down
- 6682 - [C#] Fix S3655 FP: HasValue checked with Pattern matching
- 4250 - [C#] Fix S2259 FP: Lifted operator results in null value in value type comparison
- 6994 - [C#, VB.NET] Fix S2222: Branch on
createdNewparameter on Mutex constructor - 6840 - [C#, VB.NET] Fix S2259 FP/FN: Do not raise on Nullable members
- 6241 - [C#, VB.NET] Fix S2259 FP:
is nullcheck on generic type - 6930 - [C#, VB.NET] Fix S2259 FN: Auto-Properties don't learn ObjectConstraint
- 6898 - [C#, VB.NET] Fix S2259 FN: Raise on fields and events
- 7048 - [VB.NET] Fix S2259 FP:
ValidatedNotNullAttributein extension method - 7047 - [VB.NET] Fix S3900 FP: Recognize VB extensions
- 6991 - [VB.NET] Fix S3655 FN: VB implicit conversions
Other improvements
- 6899 - Update RSPEC
- 6910 - Fix S2094 FP: Allow to have empty classes, used as generic parameter
- 6878 - [C#] Fix S1168 FP: Does not respect nullable annotations by @Corniel
- 6890 - [C#, VB.NET] Fix S1123 FN: The explanation should not be null or whitespace by @Corniel
@Corniel contributions
Contributors
Corniel
Assets 6
8.55
This version contains the prerequisite to support sonar.exclusions, sonar.inclusions, sonar.global.exclusions, sonar.test.exclusions, sonar.test.inclusions and sonar.global.test.exclusions parameters when the analysis is run inside SonarLint for Visual Studio. Stay tuned, the second and final part of the feature will be implemented soon by the SonarLint team.
In the meantime, if you are wondering what these parameters are, you can find more information about them in our documentation.
- 6877 - Support exclusion and inclusion parameters when run by SonarLint
New Rules
- 6885 - [C#, VB.NET] ExcludeFromCodeCoverage attributes should include a justification
Special thanks to @Corniel for implementing this new rule!
Improvements
- 6798 - Update RSPEC before 8.55 release
False Positive
Contributors
Corniel
Assets 6
8.54
In this release we added six code structure and best practice rules.
Thank you @teo-tsirpanis, for contributing #6580
New Rules
- 6706 - [C#] New Rule S3398: "private" methods called only by inner classes should be moved to those classes
- 6704 - [C#] New Rule S2094: Classes should not be empty
- 6703 - [C#, VB.NET] New Rule S4545: "DebuggerDisplayAttribute" strings should reference existing members
- 6701 - [C#] New Rule S2445: Blocks should be synchronized on read-only fields
- 6662 - [C#] New rule S2970: Assertions should be complete
- 6854 - [C#] New rule S6507: Blocks should not be synchronized on local variables
Improvements
- 6763 - Update RSPEC before 8.54 release
- 6761 - Improve Rule S2223: cleanup and performance
- 6678 - Report deprecation analysis warning for MsBuild 14/15
Performance
- 6785 - Performance: Token Type Utility Analyzer: Avoid allocations
Bug Fixes
- 6766 - [C#] Old SE: Handle unsupported syntax gracefully
False Positive
False Negative
Contributors
teo-tsirpanis
Assets 6
8.53
New Rules
- 6658 - [C#] New rule S2198: Silly mathematical comparisons should not be made
- 6705 - [C#, VB.NET] New rule S2166: Classes named like "Exception" should extend "Exception" or a subclass
- 6663 - [C#, VB.NET] New rule S4663: Comments should not be empty
- 6659 - [C#, VB.NET] New rule S3063: "StringBuilder" data should be used
- 6657 - [C#, VB.NET] New rule S3878: Arrays should not be created for params parameters
- 6656 - [C#, VB.NET] New rule S1133: Deprecated code should be removed
Improvements
- 6676 - Update RSPEC before 8.53 release
- 6634 - Enable Incremental Analysis ITs
- 6521 - [C#] Improve S1244: Add message to use "IsX" instead of "== double.X"
- 6331 - [C#] Improve S3927: Interfaces should be excluded
- 6321 - [C#] Improve S1144: Highlight only the identifier name