Sonar-tools

Latest version: v3.6


Page 2 of 10

3.2

What's new

* Refactoring of portfolios for hardening
* **sonar-findings-export** and **sonar-rules** now have a `--languages` option to restrict findings/rules to a given list of languages
* **sonar-measures-export** can export measures for Applications and Portfolios. For this reason, a new column (col 2) has been added to the CSV output format, which can be `PROJECT`, `BRANCH`, `APPLICATION`, `APPLICATIONBRANCH` or `PORTFOLIO`
* **sonar-findings-export**:
  - Ability to export findings for Applications and Portfolios, Application and Project branches
  - Fixes in SARIF export format
  - Adjustments to new issues taxonomy
  - Added option to not export all Sonar findings custom properties in SARIF export, for more compact output
  - Added finding author and language columns in CSV export, and in JSON and SARIF too
  - Updated SARIF format export to not export custom properties that are already standard SARIF fields
  - New `language` field for the issue language
* **sonar-config**:
  - Smart handling of properties that can be lists. If the list contains a comma, the property is exported as a list; if there is no comma, as a more compact comma-separated string
  - Settings that are the default are no longer exported unless the `--exportDefaults` option is provided
  - Changed the key for the default branch from `__default__` to `-DEFAULT_BRANCH-` to make sure that it cannot conflict with a real branch name (because git forbids branch names starting with `-`)
  - Portfolio export format has been slightly changed for consistency

Details

* SARIF export fixes by okorach in https://github.com/okorach/sonar-tools/pull/1148
* Add SARIF tests by okorach in https://github.com/okorach/sonar-tools/pull/1149
* Add filters for rules and findings export by okorach in https://github.com/okorach/sonar-tools/pull/1154
* Quality-pass-2 by okorach in https://github.com/okorach/sonar-tools/pull/1157
* Fix tests by okorach in https://github.com/okorach/sonar-tools/pull/1158
* Fix issue export with multiple filters by okorach in https://github.com/okorach/sonar-tools/pull/1159
* Improve sonar-config export by okorach in https://github.com/okorach/sonar-tools/pull/1164
* Fix regression by okorach in https://github.com/okorach/sonar-tools/pull/1165
* Remove issues deprecated apis by okorach in https://github.com/okorach/sonar-tools/pull/1166
* Make most CLI options as configurable params by okorach in https://github.com/okorach/sonar-tools/pull/1167
* Use CSV write to produce CSV by okorach in https://github.com/okorach/sonar-tools/pull/1168
* Configurable options everywhere by okorach in https://github.com/okorach/sonar-tools/pull/1170
* Fix double del TOKEN by okorach in https://github.com/okorach/sonar-tools/pull/1171
* Add portfolios and apps components by okorach in https://github.com/okorach/sonar-tools/pull/1172
* Branch for apps by okorach in https://github.com/okorach/sonar-tools/pull/1174
* Fix SARIF regression by okorach in https://github.com/okorach/sonar-tools/pull/1176
* Branch deletion fix by okorach in https://github.com/okorach/sonar-tools/pull/1177
* Fix unicity for apps and SIF not readable test by okorach in https://github.com/okorach/sonar-tools/pull/1178
* Fixes 1175 by okorach in https://github.com/okorach/sonar-tools/pull/1180
* Fix 1169 by okorach in https://github.com/okorach/sonar-tools/pull/1181
* Findings search on branches and PRs by okorach in https://github.com/okorach/sonar-tools/pull/1182
* LoC for apps by okorach in https://github.com/okorach/sonar-tools/pull/1183
* Issues for apps by okorach in https://github.com/okorach/sonar-tools/pull/1184
* Unique-cross-platform-object-ids by okorach in https://github.com/okorach/sonar-tools/pull/1185
* Reduce tech debt by okorach in https://github.com/okorach/sonar-tools/pull/1188
* Fix 1186 and 1187 plus final JSON, SARIF output format clean up by okorach in https://github.com/okorach/sonar-tools/pull/1189
* Adjust tests for 9.9 by okorach in https://github.com/okorach/sonar-tools/pull/1191
* Adjust-tests-for-sonarcloud by okorach in https://github.com/okorach/sonar-tools/pull/1192
* Fixes 1193 by okorach in https://github.com/okorach/sonar-tools/pull/1194

**Full Changelog**: https://github.com/okorach/sonar-tools/compare/3.1...3.2

3.1

https://github.com/okorach/sonar-tools/milestone/32?closed=1

Detailed changes
* Align-it-with-sonar-scripts by okorach in https://github.com/okorach/sonar-tools/pull/1070
* audit logs for errors or warnings by okorach in https://github.com/okorach/sonar-tools/pull/1074
* Display error when asking for non existing metric by okorach in https://github.com/okorach/sonar-tools/pull/1075
* skip export for projects with no access by okorach in https://github.com/okorach/sonar-tools/pull/1076
* Export measures history as table by okorach in https://github.com/okorach/sonar-tools/pull/1079
* Fix cache? by okorach in https://github.com/okorach/sonar-tools/pull/1080
* Add tests by okorach in https://github.com/okorach/sonar-tools/pull/1081
* Fix sonar-audit hang when no permission on project by okorach in https://github.com/okorach/sonar-tools/pull/1083
* Add-more-tests by okorach in https://github.com/okorach/sonar-tools/pull/1084
* Create SECURITY.md by okorach in https://github.com/okorach/sonar-tools/pull/1086
* Add test for measures history by branch by okorach in https://github.com/okorach/sonar-tools/pull/1094
* Add rules test by okorach in https://github.com/okorach/sonar-tools/pull/1095
* Fix 1096 by okorach in https://github.com/okorach/sonar-tools/pull/1097
* Fixes 1098 by okorach in https://github.com/okorach/sonar-tools/pull/1100
* Configurable Logging by okorach in https://github.com/okorach/sonar-tools/pull/1101
* sonar-loc for branches by okorach in https://github.com/okorach/sonar-tools/pull/1102
* Fix audit and config problems with sonarqube 10x by okorach in https://github.com/okorach/sonar-tools/pull/1106
* Add-loc-test-on-branches-and-portfolios by okorach in https://github.com/okorach/sonar-tools/pull/1107
* Add SIF tests by okorach in https://github.com/okorach/sonar-tools/pull/1108
* Add accept issues transition by okorach in https://github.com/okorach/sonar-tools/pull/1112
* Fix 1111 by okorach in https://github.com/okorach/sonar-tools/pull/1113
* Fix-1110 by okorach in https://github.com/okorach/sonar-tools/pull/1114
* Fix extra / by waynekhan in https://github.com/okorach/sonar-tools/pull/1109
* Improve tests and test coverage by okorach in https://github.com/okorach/sonar-tools/pull/1116
* Issues-sync performance improvement by okorach in https://github.com/okorach/sonar-tools/pull/1120
* issue sync fixes (check exact match before approx match) by okorach in https://github.com/okorach/sonar-tools/pull/1121
* Fix-1122 by okorach in https://github.com/okorach/sonar-tools/pull/1125
* Refactoring by okorach in https://github.com/okorach/sonar-tools/pull/1126

New Contributors
* waynekhan made their first contribution in https://github.com/okorach/sonar-tools/pull/1109

**Full Changelog**: https://github.com/okorach/sonar-tools/compare/3.0...3.1

3.0

What's Changed
* Most Sonar Tools are now compatible with SonarCloud
* sonar-measures-export can now export measures history instead of only the last value of a measure
* Several bug fixes
* Migrate wording from LTS to LTA by okorach in https://github.com/okorach/sonar-tools/pull/1050

**Full Changelog**: https://github.com/okorach/sonar-tools/compare/2.11...3.0

2.11

What's Changed

* `sonar-config -e` better handles new config parameters introduced with SonarQube 10.x (JCL/Secrets/IaC language params)
* `sonar-config -e` supports quality profile inheritance with disabled rules in child profile
* **sonar-tools** occasionally checks for new versions on pypi.org and issues a warning log when this is the case

Detailed changes:
* sonar-rules export by okorach in https://github.com/okorach/sonar-tools/pull/1009
* Fixes 1012 Fixes 1013 by okorach in https://github.com/okorach/sonar-tools/pull/1015
* Occasionally check latest sonar-tool version by okorach in https://github.com/okorach/sonar-tools/pull/1017
* Null webhooks fix by okorach in https://github.com/okorach/sonar-tools/pull/1019
* Rules disabled in inherited QP by okorach in https://github.com/okorach/sonar-tools/pull/1020
* Include added rules, modified rules, etc... even if there are none by okorach in https://github.com/okorach/sonar-tools/pull/1024
* Update docs by okorach in https://github.com/okorach/sonar-tools/pull/1025


**Full Changelog**: https://github.com/okorach/sonar-tools/compare/2.10.1...2.11

2.10.1

Highlights

This release only fixes a critical bug in `sonar-findings-export`, which hangs when exporting in CSV format.

What's Changed
* Fixes 1007 https://github.com/okorach/sonar-tools/issues/1007


**Full Changelog**: https://github.com/okorach/sonar-tools/compare/2.10...2.10.1

2.10

What's Changed

* Support of issue/findings export in SARIF format (beta) - run `sonar-findings-export --format sarif -f my-issues-sarif.json`
* Configurable timeout for SonarQube server HTTP requests (was hardcoded to 10s before)
* Multiple bug fixes and hardening

Details:
* Fixes sonar-audit does not always find edition in SIF 982 by okorach in https://github.com/okorach/sonar-tools/pull/983
* Improve-sif-audit by okorach in https://github.com/okorach/sonar-tools/pull/987
* Fix audit rule for maintainability grid by okorach in https://github.com/okorach/sonar-tools/pull/989
* Raise ObjectNotFound when getting measure of non existing object by okorach in https://github.com/okorach/sonar-tools/pull/993
* Configurable HTTP timeout by okorach in https://github.com/okorach/sonar-tools/pull/994
* Add doc by okorach in https://github.com/okorach/sonar-tools/pull/995
* SARIF format export by okorach in https://github.com/okorach/sonar-tools/pull/997
* Fix message on ES heap too low by okorach in https://github.com/okorach/sonar-tools/pull/998
* Fix-sonarlint-config by okorach in https://github.com/okorach/sonar-tools/pull/1001
* More accurate problems detection in `sonar-audit` by okorach in https://github.com/okorach/sonar-tools/pull/1003

**Full Changelog**: https://github.com/okorach/sonar-tools/compare/2.9...2.10
