Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump sonar.version from 10.9.0.2362 to 10.10.0.2391 #9540

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 23, 2024

Bumps sonar.version from 10.9.0.2362 to 10.10.0.2391.
Updates org.sonarsource.api.plugin:sonar-plugin-api from 10.9.0.2362 to 10.10.0.2391

Release notes

Sourced from org.sonarsource.api.plugin:sonar-plugin-api's releases.

10.10.0.2391

New Feature

PLUGINAPI-98 Add new security standard for STIG

Changelog

Sourced from org.sonarsource.api.plugin:sonar-plugin-api's changelog.

Changelog

10.10

  • Introduce org.sonar.api.server.rule.RulesDefinition.addStig to support STIG security standards

10.8

  • Fixed an issue where WebService which was not meant to return any response still showed the warning in the logs when response example was not set.
  • Introduce 'org.sonar.api.server.ws.WebService.NewAction.setContentType' for optionally setting a response type of Action.
  • Replace internal library commons-lang:commons-lang by org.apache.commons:commons-lang3.
  • Do not throw an exception when a rule parameter is not known in org.sonar.api.batch.rule.Checks

10.7

  • Change domain of metrics org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES, org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES to SECURITY, MAINTAINABILITY and RELIABILITY domains instead of ISSUES domain.
  • Add new metrics org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES.
  • Deprecate metrics org.sonar.api.measures.CoreMetrics.BLOCKER_VIOLATIONS, org.sonar.api.measures.CoreMetrics.CRITICAL_VIOLATIONS, org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_BLOCKER_VIOLATIONS, , org.sonar.api.measures.CoreMetrics.NEW_CRITICAL_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_MAJOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_MINOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_INFO_VIOLATIONS, org.sonar.api.measures.CoreMetrics.CODE_SMELLS, org.sonar.api.measures.CoreMetrics.NEW_CODE_SMELLS, org.sonar.api.measures.CoreMetrics.BUGS, org.sonar.api.measures.CoreMetrics.NEW_BUGS, org.sonar.api.measures.CoreMetrics.VULNERABILITIES, org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES. Use org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES instead.

10.6

  • Deprecate metric org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES.
  • Add new metrics org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES.

10.5

  • Introduce org.sonar.api.issue.IssueStatus to simplify status and resolution on issues.
  • Deprecate org.sonar.api.ce.measure.Issue.status() and org.sonar.api.ce.measure.Issue.resolution(). Use org.sonar.api.ce.measure.Issue.issueStatus() method instead.
  • Deprecate org.sonar.api.issue.Issue.status() and org.sonar.api.issue.Issue.resolution(). No replacement.
  • Deprecate STATUS_OPEN, STATUS_CONFIRMED, STATUS_REOPENED, STATUS_RESOLVED, STATUS_CLOSED, RESOLUTION_FIXED, RESOLUTION_FALSE_POSITIVE, RESOLUTION_REMOVED, RESOLUTION_WONT_FIX, use org.sonar.api.issue.IssueStatus enum instead
  • Deprecate RESOLUTION_SAFE, RESOLUTION_ACKNOWLEDGED, STATUS_TO_REVIEW, STATUS_REVIEWED. No replacement.
  • Deprecate org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES, org.sonar.api.measures.CoreMetrics.OPEN_ISSUES. Use org.sonar.api.measures.CoreMetrics.VIOLATIONS instead.
  • Deprecate org.sonar.api.measures.CoreMetrics.CONFIRMED_ISSUES. No replacement.

10.4

  • Add new metrics org.sonar.api.measures.CoreMetrics.NEW_ACCEPTED_ISSUES and org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES.
  • Add new metric org.sonar.api.measures.CoreMetrics.PULL_REQUEST_FIXED_ISSUES to represent issues that would be fixed by the pull request.
  • Fixed misleading javadoc of org.sonar.api.config.Configuration to make it clear that at Compute Engine level project configuration is not provided.
  • Deprecate org.sonar.api.issue.DefaultTransitions.UNCOMFIRM. There is no replacement as org.sonar.api.issue.DefaultTransitions.CONFIRM is subject to removal in the future.
  • Deprecate org.sonar.api.issue.DefaultTransitions.CONFIRM. Use org.sonar.api.issue.DefaultTransitions.ACCEPT instead.

10.3

  • Deprecate org.sonar.api.measures.CoreMetrics.WONT_FIX_ISSUES metric and related key.
  • Introduce org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES which effectively replaces org.sonar.api.measures.CoreMetrics.WONT_FIX_ISSUES
  • Introduce org.sonar.api.issue.DefaultTransitions.ACCEPT which effectively replaces org.sonar.api.issue.DefaultTransitions.WONT_FIX.
  • Deprecate org.sonar.api.issue.DefaultTransitions.WONT_FIX. Use org.sonar.api.issue.DefaultTransitions.ACCEPT instead.

10.2

... (truncated)

Commits

Updates org.sonarsource.api.plugin:sonar-plugin-api-test-fixtures from 10.9.0.2362 to 10.10.0.2391

Release notes

Sourced from org.sonarsource.api.plugin:sonar-plugin-api-test-fixtures's releases.

10.10.0.2391

New Feature

PLUGINAPI-98 Add new security standard for STIG

Changelog

Sourced from org.sonarsource.api.plugin:sonar-plugin-api-test-fixtures's changelog.

Changelog

10.10

  • Introduce org.sonar.api.server.rule.RulesDefinition.addStig to support STIG security standards

10.8

  • Fixed an issue where WebService which was not meant to return any response still showed the warning in the logs when response example was not set.
  • Introduce 'org.sonar.api.server.ws.WebService.NewAction.setContentType' for optionally setting a response type of Action.
  • Replace internal library commons-lang:commons-lang by org.apache.commons:commons-lang3.
  • Do not throw an exception when a rule parameter is not known in org.sonar.api.batch.rule.Checks

10.7

  • Change domain of metrics org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES, org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES to SECURITY, MAINTAINABILITY and RELIABILITY domains instead of ISSUES domain.
  • Add new metrics org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES.
  • Deprecate metrics org.sonar.api.measures.CoreMetrics.BLOCKER_VIOLATIONS, org.sonar.api.measures.CoreMetrics.CRITICAL_VIOLATIONS, org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_BLOCKER_VIOLATIONS, , org.sonar.api.measures.CoreMetrics.NEW_CRITICAL_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_MAJOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_MINOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_INFO_VIOLATIONS, org.sonar.api.measures.CoreMetrics.CODE_SMELLS, org.sonar.api.measures.CoreMetrics.NEW_CODE_SMELLS, org.sonar.api.measures.CoreMetrics.BUGS, org.sonar.api.measures.CoreMetrics.NEW_BUGS, org.sonar.api.measures.CoreMetrics.VULNERABILITIES, org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES. Use org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES instead.

10.6

  • Deprecate metric org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES.
  • Add new metrics org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES.

10.5

  • Introduce org.sonar.api.issue.IssueStatus to simplify status and resolution on issues.
  • Deprecate org.sonar.api.ce.measure.Issue.status() and org.sonar.api.ce.measure.Issue.resolution(). Use org.sonar.api.ce.measure.Issue.issueStatus() method instead.
  • Deprecate org.sonar.api.issue.Issue.status() and org.sonar.api.issue.Issue.resolution(). No replacement.
  • Deprecate STATUS_OPEN, STATUS_CONFIRMED, STATUS_REOPENED, STATUS_RESOLVED, STATUS_CLOSED, RESOLUTION_FIXED, RESOLUTION_FALSE_POSITIVE, RESOLUTION_REMOVED, RESOLUTION_WONT_FIX, use org.sonar.api.issue.IssueStatus enum instead
  • Deprecate RESOLUTION_SAFE, RESOLUTION_ACKNOWLEDGED, STATUS_TO_REVIEW, STATUS_REVIEWED. No replacement.
  • Deprecate org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES, org.sonar.api.measures.CoreMetrics.OPEN_ISSUES. Use org.sonar.api.measures.CoreMetrics.VIOLATIONS instead.
  • Deprecate org.sonar.api.measures.CoreMetrics.CONFIRMED_ISSUES. No replacement.

10.4

  • Add new metrics org.sonar.api.measures.CoreMetrics.NEW_ACCEPTED_ISSUES and org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES.
  • Add new metric org.sonar.api.measures.CoreMetrics.PULL_REQUEST_FIXED_ISSUES to represent issues that would be fixed by the pull request.
  • Fixed misleading javadoc of org.sonar.api.config.Configuration to make it clear that at Compute Engine level project configuration is not provided.
  • Deprecate org.sonar.api.issue.DefaultTransitions.UNCOMFIRM. There is no replacement as org.sonar.api.issue.DefaultTransitions.CONFIRM is subject to removal in the future.
  • Deprecate org.sonar.api.issue.DefaultTransitions.CONFIRM. Use org.sonar.api.issue.DefaultTransitions.ACCEPT instead.

10.3

  • Deprecate org.sonar.api.measures.CoreMetrics.WONT_FIX_ISSUES metric and related key.
  • Introduce org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES which effectively replaces org.sonar.api.measures.CoreMetrics.WONT_FIX_ISSUES
  • Introduce org.sonar.api.issue.DefaultTransitions.ACCEPT which effectively replaces org.sonar.api.issue.DefaultTransitions.WONT_FIX.
  • Deprecate org.sonar.api.issue.DefaultTransitions.WONT_FIX. Use org.sonar.api.issue.DefaultTransitions.ACCEPT instead.

10.2

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps `sonar.version` from 10.9.0.2362 to 10.10.0.2391.

Updates `org.sonarsource.api.plugin:sonar-plugin-api` from 10.9.0.2362 to 10.10.0.2391
- [Release notes](https://github.com/SonarSource/sonar-plugin-api/releases)
- [Changelog](https://github.com/SonarSource/sonar-plugin-api/blob/master/CHANGELOG.md)
- [Commits](SonarSource/sonar-plugin-api@10.9.0.2362...10.10.0.2391)

Updates `org.sonarsource.api.plugin:sonar-plugin-api-test-fixtures` from 10.9.0.2362 to 10.10.0.2391
- [Release notes](https://github.com/SonarSource/sonar-plugin-api/releases)
- [Changelog](https://github.com/SonarSource/sonar-plugin-api/blob/master/CHANGELOG.md)
- [Commits](SonarSource/sonar-plugin-api@10.9.0.2362...10.10.0.2391)

---
updated-dependencies:
- dependency-name: org.sonarsource.api.plugin:sonar-plugin-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.sonarsource.api.plugin:sonar-plugin-api-test-fixtures
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@zsolt-kolbay-sonarsource
Copy link
Contributor

/azp run

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

Copy link

sonarcloud bot commented Jul 23, 2024

Copy link

sonarcloud bot commented Jul 23, 2024

Copy link
Contributor

@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource merged commit c839979 into master Jul 23, 2024
20 checks passed
@zsolt-kolbay-sonarsource zsolt-kolbay-sonarsource deleted the dependabot/maven/sonar.version-10.10.0.2391 branch July 23, 2024 13:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant