Sonar-tools

Latest version: v3.1


1.6

What's Changed

New **sonar-loc** tool
* Outputs the number of lines of code of each project, as computed for SonarQube commercial licenses
* Add total loc count in final summary log by okorach in https://github.com/okorach/sonarqube-tools/pull/194

**sonar-audit** tool improvements
- A configuration file
- Audit of stale branches and pull requests
- Audit of empty portfolios and Applications

* Fixes 161 - Document sonar-audit configuration file by okorach in https://github.com/okorach/sonarqube-tools/pull/201
* Improvement: Make token audit age configurable by okorach in https://github.com/okorach/sonarqube-tools/pull/204
* Make $HOME/.sonar-audit.properties a default audit config file by okorach in https://github.com/okorach/sonarqube-tools/pull/203
* Fix 221: Allow to perform a SIF standalone audit by okorach in https://github.com/okorach/sonarqube-tools/pull/205
* Make check for duplicate projects configurable by okorach in https://github.com/okorach/sonarqube-tools/pull/219
* Allow sonar-audit to generate a default configuration file by okorach in https://github.com/okorach/sonarqube-tools/pull/210
* sonar-audit audits stale branches and PRs by okorach in https://github.com/okorach/sonarqube-tools/pull/224
* Audit-empty-portfolios by okorach in https://github.com/okorach/sonarqube-tools/pull/229
* Add sonar-audit portfolio doc by okorach in https://github.com/okorach/sonarqube-tools/pull/230
* Fixes 228 - Empty applications by okorach in https://github.com/okorach/sonarqube-tools/pull/233
* Branches and PR as objects and auditable by okorach in https://github.com/okorach/sonarqube-tools/pull/226

**sonar-housekeeper** tool improvements
* Also include PRs to compute last analysis date by okorach in https://github.com/okorach/sonarqube-tools/pull/220
* Delete stale branches and pull requests
* Housekeeper deletes old branches and PRs by okorach in https://github.com/okorach/sonarqube-tools/pull/227

**Bug fixes:**
* Fix: Measures export fail on branch by okorach in https://github.com/okorach/sonarqube-tools/pull/196
* Fix 206 - Add GH pipeline by okorach in https://github.com/okorach/sonarqube-tools/pull/207
* Fix 25 by okorach in https://github.com/okorach/sonarqube-tools/pull/209
* Fixes 197 - Project export/import should display a clear message if edition/version is incompatible by okorach in https://github.com/okorach/sonarqube-tools/pull/211
* Project move check sq compatibility by okorach in https://github.com/okorach/sonarqube-tools/pull/212
* Cleanup-logs-2 by okorach in https://github.com/okorach/sonarqube-tools/pull/215
* Fix-doc-typos-nov-2021 by okorach in https://github.com/okorach/sonarqube-tools/pull/213
* Fixes 217 - Add link to release notes in README by okorach in https://github.com/okorach/sonarqube-tools/pull/218
* Fixes 221 - sonar-audit should gracefully fail when the JSON file is not a SIF by okorach in https://github.com/okorach/sonarqube-tools/pull/222
* Fix docs by okorach in https://github.com/okorach/sonarqube-tools/pull/238
* sonar-measure-export honors -k option by okorach in https://github.com/okorach/sonarqube-tools/pull/242
* Fixes 40 - Don't raise deprecated rule if inherit from built-in by okorach in https://github.com/okorach/sonarqube-tools/pull/243
* Sonar-housekeeper-crash-on-branches by okorach in https://github.com/okorach/sonarqube-tools/pull/225
* Fixes 234 by okorach in https://github.com/okorach/sonarqube-tools/pull/235
* sonar-loc new tool by okorach in https://github.com/okorach/sonarqube-tools/pull/236
* Add reference to sonar-loc by okorach in https://github.com/okorach/sonarqube-tools/pull/237

**Full Changelog**: https://github.com/okorach/sonarqube-tools/compare/v1.5...v1.6

1.5

**Several sonar-audit improvements**
* Offline analysis of System Info File / Support Info File
* Documentation and autogeneration of sonar-audit configuration file
* Audit of unused tokens, too old tokens, tokens not used for too long

**sonar-project-import/export improvement**
* sonar-project-import/sonar-project-export checks on compatibility of editions/version

What's Changed
* Add total loc count in final summary log by okorach in https://github.com/okorach/sonarqube-tools/pull/194
* Fix-issue-export-fails-on-branch by okorach in https://github.com/okorach/sonarqube-tools/pull/196
* Fixes 161 - Document sonar-audit configuration file by okorach in https://github.com/okorach/sonarqube-tools/pull/201
* Configurable-token-audit by okorach in https://github.com/okorach/sonarqube-tools/pull/204
* Make $HOME/.sonar-audit.properties a default config file by okorach in https://github.com/okorach/sonarqube-tools/pull/203
* SIF standalone audit by okorach in https://github.com/okorach/sonarqube-tools/pull/205
* Fixes 206 - Add GH pipeline by okorach in https://github.com/okorach/sonarqube-tools/pull/207
* Fixes 25 by okorach in https://github.com/okorach/sonarqube-tools/pull/209
* Generate sonar-audit config file by okorach in https://github.com/okorach/sonarqube-tools/pull/210
* Fixes 197 - Project export/import should display a clear message if edition/version is incompatible by okorach in https://github.com/okorach/sonarqube-tools/pull/211
* Project move check sq compatibility by okorach in https://github.com/okorach/sonarqube-tools/pull/212


**Full Changelog**: https://github.com/okorach/sonarqube-tools/compare/v1.4.7...v1.5

1.4.7.1

Final summary INFO log at the end displays the total loc count

1.4.7

The metrics on branches were incorrect, always returning the metrics of the main branch.
This is solved: each branch has its own set of metrics.

1.4.6

Audits:
- Tokens created but never used
- Tokens not used for a configurable amount of time (30 days by default)

1.4.5

- Audit that SonarQube is not using a database located on the same server as SonarQube itself (JDBC URL using localhost)
- Fixed bug 184


© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.