Workflow

Sonar-tools

Latest version: v3.0

Safety actively analyzes 638396 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 9

1.5

Several sonar-audit improvements

Offline analysis of System Info File / Support Info File
Documentation and autogeneration of sonar-audit configuration file
Audit of unused tokens, too old tokens, tokens not used for too long
sonar-project-import/export improvement

sonar-project-import/sonar-project-export checks on compatibility of editions/version

What's Changed
* Add total loc count in final summary log by okorach in https://github.com/okorach/sonarqube-tools/pull/194
* Fix-issue-export-fails-on-branch by okorach in https://github.com/okorach/sonarqube-tools/pull/196
* Fixes 161 - Document sonar-audit configuration file by okorach in https://github.com/okorach/sonarqube-tools/pull/201
* Configurable-token-audit by okorach in https://github.com/okorach/sonarqube-tools/pull/204
* Make $HOME/.sonar-audit.properties a default config file by okorach in https://github.com/okorach/sonarqube-tools/pull/203
* SIF standalone audit by okorach in https://github.com/okorach/sonarqube-tools/pull/205
* Fixes 206 - Add GH pipeline by okorach in https://github.com/okorach/sonarqube-tools/pull/207
* Fixes 25 by okorach in https://github.com/okorach/sonarqube-tools/pull/209
* Generate sonar-audit config file by okorach in https://github.com/okorach/sonarqube-tools/pull/210
* Fixes 197 - Project export/import should display a clear message if edition/version is incompatible by okorach in https://github.com/okorach/sonarqube-tools/pull/211
* Project move check sq compatibility by okorach in https://github.com/okorach/sonarqube-tools/pull/212


**Full Changelog**: https://github.com/okorach/sonarqube-tools/compare/v1.4.7...v1.5

1.4.7.1

Final summary INFO log at the end displays the total loc count

1.4.7

The metrics on branches were incorrect, always returning metrics on the main branch
This is solved, each branch has its own set of metrics

1.4.6

Audits:
- Tokens created but never used
- Tokens not used for a configurable about of time (30 days by default)

1.4.5

- Audit that SonarQube is not using a database located on same server as SonarQube itself (JDBC URL using localhost)
- Fixed bug 184

1.4.3

Page 6 of 9

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.