Releases: SonarSource/sonar-xml
2.11.0.5671
Release notes - SonarXML - 2.11
Documentation
SONARXML-189 Update license headers
SONARXML-194 S3422: Add Compliant code examples
False Negative
SONARXML-146 Rule S6358: {{android:fullBackupContent}} will be ignore for Android API is 22 or lower
SONARXML-195 FN S125: Rule does not raise an issue when two (or more) tags following each other are commented
False Positive
SONARXML-145 Rule S5332: clear-text traffic is disabled by default for Android API level 28 and above
Task
SONARXML-160 Move IT tests to JUnit 5
SONARXML-198 Update rule metadata
Improvement
SONARXML-185 Support on-demand plugin downloading
SONARXML-192 [S2647] Deprecate rule
2.10.0.4108
Release notes - SonarXML - 2.10
Task
SONARXML-178 Update rules metadata
SONARXML-179 Update sonar-analyzer-commons to 2.7.0.1482
2.9.0.4055
Release notes - SonarXML - 2.9
False Negative
SONARXML-169 [S2068] Add support for form based authentication in web.config
SONARXML-172 [S4507] Add support for web.config customErrors parameter
Task
SONARXML-176 Update rules metadata
2.8.1.4006
Release notes - SonarXML - 2.8.1
Documentation
SONARXML-174 Rule S140 (XPathCheck) metadata are not up to date and do not follow LayC format.
2.8.0.3982
Release notes - SonarXML - 2.8
Task
SONARXML-170 Upgrade sonar-analyzer-commons 2.5.0.1358
SONARXML-173 Update rule metadata
2.7.0.3820
Release notes - SonarXML - 2.7.0.3820
Bug
- SONARXML-163 xml:XPathCheck does not support correctly "::" syntax
- SONARXML-164 NumberFormatException for "*" in S3417, unable to build dependency from "*:.*log4j"
Documentation
- SONARXML-166 Update rules metadata
Task
- SONARXML-165 Upgrade sonar-analyzer-commons to 2.1.0.1111
2.6.1.3686
Release notes - SonarXML - Version 2.6.1.3686
Bug
SONARXML-162 XPathCheck supports schemeless namespace-uri() in xpath expressions
2.6.0.3672
Release notes - SonarXML - Version 2.6
Improvement
SONARXML-150 cls-meta.xml files should be excluded from the scope of XML analysis
SONARXML-148 S3417 resolves versions defined as properties within the same file
New Feature
SONARXML-161 Update rules metadata
SONARXML-157 Provide OWASP Top 10 2021 security standards for rules metadata
Task
SONARXML-159 Upgrade sonar-analyzer-commons
SONARXML-158 Remove dependency on xalan
2.5.0.3376
Release Notes - SonarXML - Version 2.5
Bug
- [SONARXML-149] - NPE parsing XML empty CDATA
Task
- [SONARXML-135] - Move all rules targeting XML from SonarQube Java Analyzer to SonarXML
- [SONARXML-151] - Update sonar-plugin-api to version 8.9
- [SONARXML-152] - Declare XML sensor as a sensor processing files independently
- [SONARXML-153] - Update rules metadata
2.4.0.3273
Release Notes - SonarXML - Version 2.4
New Feature
- [SONARXML-137] - Rule S6358: Allowing application backup is security-sensitive
- [SONARXML-138] - Rule S5322: Receiving intents is security-sensitive
- [SONARXML-140] - Rule S6361: Defining a single permission for read and write access of Content Providers is security-sensitive
Task
- [SONARXML-144] - Update rules metadata
Improvement
- [SONARXML-139] - Rule S6359: Custom permissions should not be defined in the 'android.permission' namespace
- [SONARXML-141] - Rule S5332: Using clear-text protocols is security-sensitive
- [SONARXML-143] - S2647: remove CWE-311 from "securityStandards" to match the "See" section
False-Positive
- [SONARXML-142] - S5594 should not raise on activities expecting android.intent.action.SEND* intents