7.3

Bug Fixes

• 1438 - Fix string formats in the csharp plugin

False Positive

• 1493 - Fix S107: Do not raise for P/Invoke methods (#1459)
• 1464 - S4055 should not raise issues for string literal used in the 'message' of Debug.Assert
• 1436 - Fix S4586: False positive when returning null from inside Task.Run
• 1419 - Fix S1192: False positive for [SuppressMessage()] attribute
• 1417 - Fix S2259: False positive on switch statement with conditional access operator
• 1411 - Fix S1118: Rule should not raise issue on abstract classes
• 1400 - Fix S2583: Rule should not report false positives when combined with async methods
• 1378 - Fix S4023: False positive on interfaces that derive from other non-empty interfaces
• 1366 - Update S4261: should not raise on async unit test methods
• 1325 - Fix S1125: FP with nullable and VS2015/MSBuild 14
• 1324 - Rule S2259: False positive on 'try/catch' with exception filter
• 1279 - Fix S2228: Rule should ignore calls within DEBUG preprocessor
• 1265 - Rule S3626: "Jump statements should not be redundant" issues false positive with try/catch/finally clause
• 1180 - Fix S1200: Should not count generic type parameters of extension methods
• 947 - S2583: False-positive when Monitor.Wait is used
• 621 - CFG does not correctly support try-catch blocks with unconditional return insude
• 496 - Fix S2234: Check for parameter types before reporting it as bug

False Negative

• 247 - Update S3776: Cogntive Complexity should handle C# 7 inner methods

New Rules

• 823 - Rule S4275: Getters and setters should access the right field
• 634 - Rule S4143: Dictionary values should not be replaced unconditionally
• 257 - Rule S2327: "try" statements with identical "catch" and/or "finally" blocks should be merged
• 221 - Rule S3973: A conditionally executed single line should be denoted by indentation

7.2

Removed Rules

• #1386 - Drop S3649: to be replaced by SonarQube functionality

Improvements

• #1387 - Update S4457: make message clearer

False Positives

• #1380 - Fix S4457 - false positive with local functions
• #1404 - Update S4457: FP when func/action is async/await

Bug fixes

• #1389 - AD0001 - NullReferenceException - Object reference not set to an instance of an object

7.1

New features

• #1057 - Rule S4211: Members should not have conflicting transparency annotations
• #1072 - Rule S3400: Methods should not return constants
• #1079 - Rule S3923: All branches in a conditional structure should not have exactly the same implementation
• #1151 - Rule S881: Increment (++) and decrement (--) operators should not be used in a method call or mixed with other operators in an expression
• #1159 - Rule S4462: Calls to 'async' methods should not be blocking
• #1164 - Rule S4457: Parameter validation in "async"/"await" methods should be wrapped
• #1165 - Rule S4456: Parameter validation in yielding methods should be wrapped
• #1166 - Rule S4428: "PartCreationPolicyAttribute" should be used with "ExportAttribute"
• #1167 - Rule S4426: Cryptographic keys should not be too short
• #1171 - Rule S1192: String literals should not be duplicated
• #1267 - Rule S4524: Switch 'default' case should be first or last
• #1287 - Rule S2255: Cookies should not be used to store sensitive information
• #1290 - Rule S3330: "HttpOnly" should be set on cookies
• #1292 - Rule S2092: Cookies should be "secure"
• #1294 - Rule S2245: Pseudorandom number generators (PRNGs) should not be used in secure contexts
• #1303 - Rule S4432: AES encryption algorithm should be used with secured mode
• #1310 - Rule S4433: LDAP connections should be authenticated
• #1313 - Rule S4564: ASP.NET HTTP request validation feature should not be disabled
• #1329 - Rule S4581: "new Guid()" should not be used
• #1344 - Rule S4586: Non-async "Task/Task" method should not return null

Improvements

• #1087 - Rules should use analysis scope from RSPEC and not be hardcoded
• #1222 - Deprecate rule S4142
• #1236 - Update S4040: Rule should also cover char calls
• #1256 - Update S1313: Rule should not be run against test sources
• #1258 - Update S2228: Rule should not be run on test sources
• #1260 - Update S1104: Rule should not be run on test sources
• #1262 - Fix S3433: Rule should not report on non-public test methods for xUnit
• #1263 - Adjust the behavior of S131 to not raise an issue when "default" is not at the correct position
• #1282 - Update S4061: Rule should be part of SonarWay
• #1288 - Update S1751: Rule should be a BUG
• #1291 - Update S2486: Rule should be a VULNERABILITY
• #1357 - Fix SonarC# category under SonarQube/SonarCloud general settings
• #1368 - Remove deprecated TEST_SUCCESS_DENSITY

False Positives

• #825 - Fix S1905: Rule should not report on Cast over multi-dimensional arrays
• #1037 - Fix S1168: "Return empty collection" should not raise when the method return type is XmlNode
• #1083 - Fix S4056: False positives when calling Convert.ToInt32(double x)
• #1123 - Fix S3264: Rule should not raise when 'BeginInvoke' or 'EndInvoke' are called
• #1149 - Fix S2971: Do not trigger on ToList().AsEnumerable()
• #1189 - Fix S4015: Incorrectly Identifies Descendent Overload as Member Hiding
• #1210 - Fix S2933: issue should not be raised for types marked with [Serializable]
• #1219 - Fix S3264: FP when using add/remove syntax
• #1223 - Fix S2228: Should not raise any issue when in a console application
• #1224 - Fix S1694 - message should suggest protected constructor
• #1244 - Fix S109: Rule should not raise FP when using enums
• #1283 - Fix S4061: Rule should not report when method is interop
• #1284 - Fix S4061: Rule should not raise issue when overriding/implenting interface
• #1296 - Fix S4159: Rule should handle generic interfaces correctly

Bug fixes

• #1274 - Parameterized rules should be disabled by default

7.0.1

Bug-fix related to the usage of the analyzer in SonarLint for Visual Studio

7.0

New Features

• #780 - Rule S4261: Methods should be named according to their synchronicity
• #996 - Rule S109: Magic numbers should not be used
• #1131 - Rule S1048: Destructors should not throw exceptions
• #1170 - Rule S1151: "switch case" clauses should not have too many lines of code
• #1172 - Rule S1264: A "while" loop should be used instead of a "for" loop
• #1184 - Rule S1821: "switch" statements should not be nested
• #1212 - [New SonarLint] Enable all rules by default

Improvements

• #1155 - Move analyzers to Roslyn 1.3.2 and drop compatibility with VS 2015 < Update 3

False Positives

• #1161 - Fix S3168: Rule should not be too strict on first parameter name
• #1162 - Fix S2302: Do not raise issue when C# < 6.0
• #1175 - Fix S1118 (Utility classes should not have public constructors) ignores its exceptions
• #1196 - Fix S2187: Rule should not raise False Positives for class inheriting class with tests

Notes

• Breaking change: #1155 - Move analyzers to Roslyn 1.3.2 and drop compatibility with VS 2015 < Update 3
• Breaking change: #1212 - [New SonarLint] Enable all rules by default

6.8.2

Bug

• #1174 - SonarC# should compare paths using the OS case-sensitivity

6.8.1

New Features

• #1013 - Rule S138: Functions should not have too many lines of code
• #1056 - Rule S4277: "Shared" parts should not be created with "new"
• #1058 - Rule S4210: Windows Forms entry points should be marked with STAThread
• #1059 - Rule S4200: Native methods should be wrapped
• #1060 - Rule S4159: Classes should implement their "ExportAttribute" interfaces
• #1063 - Rule S3343: Caller information parameters should come at the end of the parameter list
• #1064 - Rule S3464: Type inheritance should not be recursive
• #1065 - Rule S3353: Unchanged local variables should be "const"
• #1066 - Rule S3060: "is" should not be used with "this"
• #1067 - Rule S3366: "this" should not be exposed from constructors
• #1070 - Rule S4212: Serialization constructors should be secured
• #1071 - Rule S1147: Exit methods should not be called
• #1073 - Rule S3358: Ternary operators should not be nested
• #1075 - Rule S2302: 'nameof' should be used

Improvements

• #998 - Reduce size of jar
• #1000 - Update S3440: "Variables should not be checked before assignment" should not raise on properties
• #1104 - Update S104: Multiline tokens should count as multiple lines
• #1106 - Update plugin properties to declare them as multi-values property
• #1112 - Update S3776: "Cognitive Complexity" should provide values for remediation function and cost
• #326 - Fix S2930: Should report on all classes implementing IDisposable
• #1124 - Fix S1607: Should be applied for test classes as well
• #242 - Fix S3459: False Positive with interop methods
• #710 - Fix S1144: False positive for partial methods/classes
• #760 - Fix S3881: "Implement IDisposable correctly" has inconsistent behaviour in partial classes
• #767 - Fix S4158: "Empty collections" raises false positive when analyzed method has too many branches
• #777 - Fix S2183: Add 2 exceptions to the rule to reduce the noise
• #789 - Fix S3254: False positive when used in Expression
• #1038 - False positive in S3966: calls to arg.Dispose() are not handled correctly
• #1076 - Fix S3925: Should not raise on explicit implementation of ISerializable
• #1126 - Fix S1607: Should not raise issues for [Ignore] attribute with a parameter
• #1138 - Fix S1643: check if expression is concatenation

6.7.1

Bug

• #992 - Fix S3532: default clauses with comments should not be reported
• #1002 - Fix EmptyCollectionsShouldNotBeEnumerated: Rule should not throw InvalidOperationException
• #1003 - Fix S3237: Rule should not throw NullReferenceException when using expression body accessor
• #1006 - Fix S101: Rule should not throw IndexOutOfRangeException
• #1009 - Fix S2933: Code Fix should handle regions
• #1014 - Support symbol highlighting for multi-targetting projects that use conditional compilation

False Positive

• #888 - Fix S1144: False positive on async Main
• #1010 - Fix S2187: rule should not warn on MSTest when using DataTestMethodAttribute
• #1015 - Fix S107: "Methods with too many parameters" should not raise on constructors calling base
• #1024 - Fix S1172: Rule should also ignore the new Main syntax

Improvement

• #1004 - Support syntax highlighting for multi-targetting projects that use conditional compilation

6.7

Bugs

• #934 - Don't fail to parse issues on file names with '['

False Positives

• #318 - Fix S101: Rule should not report an issue on auto-generated members
• #704 - Fix S3168: Rule should not raise FP with UWP event args
• #707 - Fix S4056 and S4058: False positive for string comparisons with StringComparison parameter
• #733 - Update S2325: Rule should exempt MVC / Web Api controller public methods
• #804 - Update S2583: Should not raise issues for boolean constants and literals in conditions
• #929 - Fix S2187: Rule should not raise an issue when class is abstract

Improvements

• #396 - Update S104: "Too many lines in a file" should only count lines of code
• #656 - Update sensors to support projects with linked (shared) files
• #722 - Update S3415: Support other test frameworks
• #752 - Rule S1110: Redundant parenthesis - move the implementation from S3235
• #786 - Update S2187: Rule should handle "TheoryAttribute"
• #836 - Update S2068: Make the rule parameterised
• #910 - Update S2436: Rule should provide another parameter for methods
• #917 - Remove support for deprecated 'sonar.cs.msbuild.testProjectPattern'
• #921 - Change the log level of the autogenerated file messages to DEBUG
• #973 - Update SonarC#: Unit Tests total and skipped numbers are not consistent
• #979 - Update S2187: Rule should handle TestCaseSourceAttribute
• #981 - Update S1607: Rule should handle 'TestCaseSourceAttribute'
• #983 - Update S2699: Rule should handle more test method attributes
• #989 - SonarC# should display a warning when coverage report doesn't cover any file imported in SonarQube
• #991 - Enable analysis on non-Windows OSes

New Features

• #955 - Rule S113: Files should contain an empty newline at the end

6.7-RC1

Milestone 6.7