2.4

CodeScan Article Author Icon
Will O'brien
  • Updated

Release notes

Can only run on SonarQube™ version 4.2+

Changes

  • Improvement: Changes to supports SonarQube™ 4.2. This brings with it a lot of improvements including Technical Debt classification and time estimates. Note that the Technical Debt classification is not 100% complete.
  • Improvement: Experimental full type resolution. Before this, type resolution was only done on a file-by-file basis. Full type resolution will allow for new rules which affect multiple files. This feature is still experimental at this stage.
  • New Feature: VisualForce rules. Currently 16 rules exist, including XPath rules so you can build your own rules. To activate this make sure you do not have the “sonar.language=sf” directive in your project. New standard rules are:
    • Avoid inline CSS styles
    • “strong” tags should be used instead of “b”
    • “em” tags should be used instead of “i”
    • Images tags should have an “alt” attribute
    • Images tags should always have a “width” and a “height” attribute
    • “autocomplete” should be set to “off” on input elements of type “password”
    • Meta tags should not be used to refresh the page nor for redirection
    • Tags no longer supported in HTML5 should not be used
    • Avoid non consecutive heading tags
    • Avoid long lines
    • Avoid html comments
    • Files should have a header comment
    • Mouse events should have equivalent keyboard events
    • Avoid large Javascript scriptlets
    • XPath rule template
  • New Rule: Avoid creating multiple triggers on the same object (multiple triggers on the same object will trigger this rule)
  • New Rule: Future method used from within loop (calling a method marked with @future from within a loop will trigger this rule) – Note that this is uses an experimental feature so may return false positives or false negatives
  • New Rule: Empty block statements serve no purpose and should be removed.
  • Fix trigger variable instantiation. Allows for private/static variables in triggers 
    trigger XYZAfterUpdate on XYZ__c (after update) {
  private final static String XYZRecordTypeId = ‘asdf’; //private/static variables work now
}
  • Bug Fix: No longer using XML for communicating internally. This was causing problems on very large projects and several other issues.
  • Bug Fix: Hard Coded ID false positive: 18 character strings were causing false positives. Added a check for both integers and strings as it’s fairly unlikely a Salesforce ID won’t have a number in it.
  • Bug Fix: Trigger code complexity was not being calculated