Release Notes v5.0

We’re thrilled to announce that we’ve released version 5.0.0 onSep 23, 2021

Download on the Atlassian Marketplace for Data Center and Server

When upgrading from app version 4.x, please read our Migration guide to app version 5.

Improvements

Simplified SonarQube server configuration by auto-detecting the SonarQube edition

The app is now able to configure the SonarQube edition-specific fields like commercial branching/pull request automatically based on the detected SonarQube edition.

Improved app’s repository settings and removed obsolete options

To make the configuration of the app simpler, we removed obsolete configuration options and re-grouped the existing ones to make the configuration easier to understand.

Also, when using project settings inheritance, we now hide the repository-level settings to not confuse the user about which settings are actually taken.

Prevent merging in case a SonarQube analysis task is ongoing

The app prevents merging a pull request if there is no existing analysis for a pull request. However, it did not prevent merging if the analysis is ongoing in the SonarQube task queue.

This situation results from follow-up commits to a PR. The app would then allow merging a PR even though the quality gates could change after the analysis of the follow-up commits.

With this release, the app will check if there is an ongoing analysis, and will prevent merging in that case.

Improved debug logging for a better support experience

The amount of debug logs was reduced in this release to facilitate support sessions. Debug log statements now also contain context information like the repository slug and pull request ID to be able to extract the log statements of interest only.

Improved display of Sonar annotations to require less space in the PR diff

The old Sonar annotations required a lot of vertical space. Now, annotations only show the most used actions, while less used actions are collapsed by default.

Removed compatibility mode for analysis

Compatibility mode was introduced to help users of not-supported build systems like .NET Core or when the build-specific analysis support failed due to some reasons (e.g., complex multi-module builds). With compatibility mode, we could make pull request annotation work in such scenarios, at the cost of performance.

With the removal of modules and the alignment of component keys with the directory structure in recent SonarQube versions, compatibility mode is obsolete.

 

Improved security and performance! by deprecating username/password authentication

The username/password authentication mode is deprecated and hidden for new SonarQube server configurations, thus promoting token-based authentication. Using username/password authentication can produce high CPU load, so that is beside security another reason to switch to token-based auth.

Removed entering password/user token in the edit server dialog for every change

In older app versions, for every change of the SonarQube server configuration, the user/password had to be entered again. Now, you can change settings without this extra step.

Bug fixes

  • Only show "Refresh Sonar analysis" button in case the app is enabled for the current repository

  • Provide “Refresh Sonar Analysis” button in Bitbucket 6 as well

  • The project settings inheritance should also be available in forked repositories, as long as they are part of a regular project (and not a personal fork)

  • Sonar code insight report counts issue types as annotations which are not displayed in the pull request diff as they are not on changed lines

  • App does not allow to delete a SonarQube server configuration not being used by any repos

  • Prevent duplicated Sonar server configuration after failed webhook creation

  • Show 'DISABLED' as quality gate status for pull requests when app is disabled

  • Saving the repository settings does not show the chosen SonarQube project key with commercial SonarQube versions >= 8.9

  • Merge checks fail for repos without enabled app configuration

  • Coverage and duplicated lines statistics are not correctly rounded in pull request popup

  • Getting error with status 500 on fork repo source view after forking a repo

  • Webhook call gives error response when no Sonar project is configured for the reported repo

 

Do you have any questions, suggestions, or problems?

Let us know. We’re glad to help!

Changelog

5.0.3: released on Nov 9, 2021

  • Fix illegal branch character replacement handling for older SonarQube versions

5.0.2: released on Nov 5, 2021

  • Fix link to dashboard on SonarCloud.io and newer SonarQube versions (>9.x)

5.0.1: released on Oct 14, 2021

  • Fix error logs on ref change events in repositories where Sonar for Bitbucket is disabled

  • Fix missing quality gate status link on the pull request detail view for Bitbucket 6.x

 

SONAR™, SONARQUBE™ and SONARCLOUD™ are independent and trademarked products and services of SonarSource SA: see sonarsource.com, sonarqube.org, sonarcloud.io.