Releases: RIGS-IT/sonar-xanitizer
2.2.0
2.1.0
2.0.0
- Support for SonarQube 7.3
- Integration into SonarQube's "Security Reports"
- Added tags for OWASP Top 10 and SANS Top 25 categories
- Moved plugin configuration into "External Analyzers" section
- Added new option "Import All" to optionally create issues for Xanitizer findings detected by OWASP Dependency Check and SpotBugs, as well as issues for findings without any detected code location, so that the numbers in SonarQube and in Xanitizer itself are consistent.
- Support for the new protocol check problem types introduced with Xanitizer 4.1.
- Added several new rules for problem types introduced with Xanitizer 4.1.
Fixed Issues:
#8
1.5.0
1.4.0
1.3.3
Added additional information for SonarQube Update Center to the pom file
1.3.2
Reworked plugin some more:
- Messages now say what to do
- Only issues for findings that can be matched in the code are created
- Secondary locations for taint sources / taint sinks
- Removed Quality Profile
- Improved detection of corresponding file
1.3.1
Reworked plugin:
- Removed FindBugs and OWASP Dependency Check rules
- Single rule for each Xanitizer problem type
- Avoid NoSuchMethod error in newer versions of the Java plugin
- Added descriptions to rules
- Renamed configuration parameter and provided a default value
- Reduced length of issue messages
- Many small improvements
First GitHub release
First release of the plugin as open source version.
- Fixed some minor bugs
- Added error messages
- Do not run sensor when no Xanitizer rule is set active in the quality profile