Stronger AI Capabilities
Use your own quality gate for AI Code Assurance
In SonarQube 10.7, we released AI Code Assurance, which allows users to flag projects with AI-generated code and uses the Sonar way quality gate. In this release, Sonar provides a new recommended AI Code Assurance quality gate which covers both new code and overall code. For those of you who want to use your own quality gate for AI Code Assurance, you can mark your custom quality gates as “Qualified for AI Code Assurance” enabling teams to use your company-trusted quality gate for AI Code Assurance.
Available in Developer Edition | Enterprise Edition | Data Center Edition
AI CodeFix updates
AI CodeFix Early Access is being extended to Developer Edition. Now, every developer who uses SonarQube Server can leverage the power of AI-assisted code fix suggestions in every edition of SonarQube Server. In 10.7, we released the ability to open AI CodeFix suggestions in IntelliJ, VS Code, and Eclipse. In this release, we round out that capability to all the IDEs with the final addition of Visual Studio.
Available in Developer Edition | Enterprise Edition | Data Center Edition
Flexible Administration
Dual operating modes: Standard Experience and Multi Quality Rule (MQR) Mode
There are now two different operating modes for SonarQube Server: Standard Experience and Multi Quality Rule (MQR) Mode. The Standard Experience preserves the familiar rule and issue qualities (Bug, Vulnerability, and Code Smell) and custom severities Sonar has historically offered. MQR Mode shows the new Clean Code Taxonomy model, where rules and issues can have multiple qualities, including a severity setting per quality. In MQR Mode we’ve also added the ability to set custom severity levels in a similar way to the Standard Experience, so you can override the default with a severity level that suits your business needs. Moreover, you can decide which model works best for your business and switch at any time without disruption.
Available in Developer Edition | Enterprise Edition | Data Center Edition
Automatic provisioning: group membership visibility
When automatically provisioning users and groups with GitHub or GitLab, admins can now see which users are assigned to each group in the SonarQube Server UI for both GitHub and GitLab projects. This makes it easier to identify any differences between SonarQube Server and GitHub or GitLab.
Available in Developer Edition | Enterprise Edition | Data Center Edition
Powerful Language Updates
Introducing architecture rules for Java
Poor architecture leads to architectural technical debt, excessive coupling, and an unmanageable codebase. Our introduction to architecture rules helps developers find circular dependencies across classes in Java code. For example, this happens when class A references class B, class B references class C, and class C references class A. These kinds of circular dependencies can be hard to find on your own. Now SonarQube Server helps developers uncover and correct these issues in your Java code.
Available in Developer Edition | Enterprise Edition | Data Center Edition
New language: Ansible IaC
Ansible is an infrastructure-as-code (IaC) tool for automating application provisioning, configuration, updating, and deployment, using an approach similar to managing inventory. It does this through command-line scripting with Ansible Playbooks, which are YAML files. Now, SonarQube Server helps developers improve the quality and security of your Ansible IaC.
Available in Developer Edition | Enterprise Edition | Data Center Edition
Dart/Flutter moves to a fully supported language
Dart is the fastest-growing multiplatform developer language and is increasingly popular for building mobile apps, especially mobile games. With the addition of 39 new rules, bringing the coverage to 115 Dart rules, we move Dart/Flutter from Early Access to a fully supported language. Now, you can feel confident Sonar has your back when coding in Dart and with SonarQube Server, you can build high-quality and secure Flutter apps.
Available in Developer Edition | Enterprise Edition | Data Center Edition
Advanced Secrets Detection
Our commercial editions of SonarQube Server get a further boost in secrets detection with the addition of 29 new rules, bringing the total to a whopping 119 rules covering 166 secrets patterns and 113 cloud services. Our goal is to deliver industry-leading secrets detection not only as we scan your code repository but also to enable you to start left in your IDE when SonarQube Server and SonarQube for IDE are connected together.
Available in Developer Edition | Enterprise Edition | Data Center Edition
The details of these and many more 10.8 language updates are in the SonarQube Server release notes.