Skip to content

Releases: SonarOpenCommunity/sonar-cxx

V2.0.0

04 May 13:59
@guwirth guwirth
cxx-2.0.0
ea9eca3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.0.0

We are pleased to announce the SonarQube C++ Community Plugin version 2.0.0.
See lists below for features added and bugs fixed in this release.

The version 2.0 of the cxx plugin is basically a completely new plugin. In version 2 the experiences from the previous versions have been considered and there were also numerous API and UI changes on the side of SonarQube that had to be taken into account.

Make sure to read the Upgrade Instructions before you get started.

SonarQube compability

Enhancements

with effect on configuration:

  • new language key cxx (c++ deprecated) #1860
  • use sonar.cxx.file.suffixes instead of sonar.cxx.suffixes.sources and sonar.cxx.suffixes.headers #1829
  • using xxx.reportPaths in all report sensors #1869 #1219
  • allow to turn off CXX language analysis (sonar.cxx.file.suffixes=-) #1841 #1807
  • add a sensor to detect outdated configuration settings and add a warning to the LOG file #1869

other:

  • completely revised Wiki for cxx plugin 2.0
  • report sensors support SonarCFamily plugin #2018 #1784
  • C++20 support #1985
  • add MISRA C 2012 Amendment 1 rules supported by PC-Lint #1857 #1856
  • add support of Facebook Infer static analyzer #1868
  • support Visual Studio (VS2019 / msvc-160) warnings #1981 #1488
  • support Cppcheck 2.41 warnings #2076 #2091
  • support Clang Static Analyzer v11 warnings #2088
  • support Clang-Tidy v11 support #2077 warnings #2088
  • support _ in Clang-Tidy rule ids [A-Z0-9-._] #1952 #1951
  • support block elements of BullsEye covxml 8.20.0 version #1978 #1977
  • evaluate BOM from text file reports #2020 #1859
  • make filtering in the UI for issues from one tool possible (add a tool tag) #1929 #1922
  • properties sonar.cxx.funccomplexity.threshold and sonar.cxx.funcsize.threshold renamed to make clear that they are metrics and no rule thresholds #1538 #2029
  • split coverage sensors to run them in parallel (sonar.cxx.coverage.reportPath) #1895

no more supported:

  • removed: Cppcheck XML format V1 support #1837 #1247
  • removed: CoreMetrics.COMMENT_LINES_DATA_KEY #1816 #1766
  • removed: sonar.cxx.cFilesPatterns parameter #1833
  • removed: module and multi-module support #1822
  • removed: sonar-c-plugin #1809

Bugfixes

  • parsing of nested templates is slow: template <... template<...>> #1685 #2128
  • cxx:FileHeader support files with BOMs #2118 #2121
  • handle type traits ...::type #2116 #793
  • support macros and function calls as template parameter #2115 #2009
  • parsing functions with default template parameter fail with non-POD return types #2025 #2102
  • initialization of data attribute with braces is mistakenly consider as a method #2030 #2027
  • extern "C" { ... } public api detection #1982 #1979
  • add exception when Lint file is invalid XML #1865
  • Squid Sensor fails to parse files with #define containing "/*"` #1903
  • recursive parsing does not seem to propagate compilation unit settings #1489 #1984

Known Issues

For an up to date list of known issues see the issue tracker.

  • only tested with Java 11
    • Message "The plugin [cxx] does not support Java 1.8.0, UnsupportedClassVersionError". To solve this download OpenJDK 11 und unzip it (http://jdk.java.net/archive/). Point with the JAVA_HOME environment variable to the Java 11 location.
  • In SonarQube, each file extension must be uniquely assigned to one programming language. When operating several C/C++ plugins in parallel, this must be taken into account during configuration. To avoid problems on a server with multiple C++ plugins, the CXX programming language sensor is disabled by default.
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable rules for external tools per default.
  • Message: "C++ cannot be analyzed with current SonarQube edition. Please consider upgrading...". SonarQube issues this message when an input file with the file extension .c, .cc, .cpp, .cxx or .c++ is read in the Community Edition. Select "Dismiss permanently" to continue without the message.
  • C (Community) plugin is no longer shipped.

Thanks ....

go to all contributors (in alphabetical order):

@Dkapps
@Dudenman
@JuPrgn
@StanleySweet
@VirtualTim
@apriori
@begarco
@farshield
@guwirth
@kgiloo
@phcouton
@rufinio
@slebedev
@srpgilles
@tisoft

... and all people which were active on the issue tracker!

Loading

V1.3.3

17 Jan 08:55
@guwirth guwirth
cxx-1.3.3
6e5cb2d

Choose a tag to compare

View all tags
V1.3.3

We are pleased to announce the SonarQube C++ Community Plugin version 1.3.3.
This is only a small bugfix, see V1.3.2 for complete release notes.

Bugfixes

  • Visual Studio coverage parser is crashing #1874
Loading

V1.3.2

13 Feb 19:30
@guwirth guwirth
cxx-1.3.2
6dd6f74
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.3.2

We are pleased to announce the SonarQube C++ Community Plugin version 1.3.2.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

  • improved JSON Compilation Database support:
  • Cppcheck 1.90 support #1783 #1778
  • duplicate issues with different relative paths resulting in same absolute path are only added once now #1776 #1777
  • customRules no more supported #1781 #1548
  • cxx-lint no more supported #1780
  • refactoring #1804

Bugfixes

  • fix syntax highlighting for Raw strings #1803 #1768
  • parser fix: improved literal-operator-id support #1798 #1785
  • fix multi-values/property warning #1782 #1775

Known Issues

For an up to date list of known issues see the issue tracker.

  • not tested with Java 9, 10 and 12
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable rules for external tools per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • duplicated_lines_density values are different with SQ 7.5
  • project's duplication density value will likely rise with SQ 7.8 (SONAR-12188)
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only

Thanks ....

go to all contributors (in alphabetical order):

@guwirth
@tisoft

... and all people which were active on the issue tracker!

Loading

V1.3.1

03 Sep 05:34
@guwirth guwirth
cxx-1.3.1
2142826
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.3.1

We are pleased to announce the SonarQube C++ Community Plugin version 1.3.1.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

Bugfixes

  • create debug message in case of Cppcheck parsing error #1753 #1718
  • fixed raw string parsing #1749 #1748

Known Issues

For an up to date list of known issues see the issue tracker.

  • not tested with Java 9, 10 and 12
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable rules for external tools per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • duplicated_lines_density values are different with SQ 7.5
  • project's duplication density value will likely rise with SQ 7.8 (SONAR-12188)
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only

Thanks ....

go to all contributors (in alphabetical order):

@guwirth

... and all people which were active on the issue tracker!

Loading

V1.3.0

29 Jul 10:10
@guwirth guwirth
cxx-1.3.0
d410ab5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.3.0

We are pleased to announce the SonarQube C++ Community Plugin version 1.3.0.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

  • SQ 7.7 support #1696 #1695
  • SQ 7.8 support #1731 #1738
  • minimal supported SQ API is 6.7 #1317
  • Cppcheck 1.88 support #1733 #1739 #1741
  • Clang-Tidy:
    • rules updated (Clang 8.0) #1730
    • diagnostic notes are supported now #1742 #1720
  • Clang Static Analyzer
    • add path/flow support for .plist reports #1710 #1707
  • GCC
  • PC-Lint
    • support PC-Lint plus V1.2 messages #1716
    • support supplemental messages #1728
  • Visual Studio / Msbuild LOG file analysis:
    • support Visual Studio 2019 with v142 platform toolset #1725 #1726
    • improved analysis #1668
  • use of scanner 4.0 #1736
  • use of parent POM 51
  • static code analysis checks are removed #1704
    • BooleanEqualityComparisonCheck, CollapsibleIfCandidateCheck, CommentedCodeCheck, HardcodedAccountCheck, HardcodedIpCheck, MagicNumberCheck, MissingCurlyBracesCheck, NestedStatementsCheck, ReservedNamesCheck, SafetyTagCheck, StringLiteralDuplicatedCheck, SwitchLastCaseIsDefaultCheck, UnnamedNamespaceInHeaderCheck, UseCorrectIncludeCheck, UseCorrectTypeCheck, UselessParenthesesCheck, UsingNamespaceInHeaderCheck
    • use external tools like CppCheck, Clang, .... instead
  • seperate cxx-lint tool into own JAR (no more part of cxx plugin) #1705
  • refactoring #1737 #1691 #1690 #1689

Bugfixes

  • fixing OpenCppCoverage coverage report: not working since upgrade to 1.2.x #1669 #1709
  • fixing typo Highligthing => Highlighting #1724 #1723
  • support real paths in coverage sensor for C++/CLI #1701 #1688
  • Clang-Tidy: modernize-use-nodiscard check message breaks regex #1719 #1742
  • Clang-Tidy: missing rule [clang-diagnostic-warning] #1702

Known Issues

For an up to date list of known issues see the issue tracker.

  • not tested with Java 9, 10, 11
  • not tested with SonarQube 7.9.x LTS
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable all rules per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • duplicated_lines_density values are different with SQ 7.5
  • project's duplication density value will likely rise with SQ 7.8 (SONAR-12188)
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only

Thanks ....

go to all contributors (in alphabetical order):

@Bertk
@bloodlee
@guwirth
@ivangalkin
@romanek-adam
@rudolfgrauberger
@stalb

... and all people which were active on the issue tracker!

Loading

V1.2.2

10 Feb 19:06
@guwirth guwirth
cxx-1.2.2
d1519ba
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.2.2

We are pleased to announce the SonarQube C++ Community Plugin version 1.2.2.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

  • SQ 7.6 support #1674
  • minimal supported SQ API is 6.7 #1317
  • Cppcheck 1.87 support #1687
  • lowercase filenames in sensors are supported #1651 #1653 #1678 #1682 #1679 #1682
  • {Aggregate|Density} MeasureComputer: reduce and soften the logging #1640 #1641
  • improved preprocessor: performance, include and macro handling #1637 #1645 #1650 #1660 #1665
  • Optimized lexer and AST: some nodes are removed from AST. Please verify user defined checks and XPath expressions if they are still working #1664 #1646 #1667
  • use of scanner 3.3.0.1492 #1676
  • use of Maven 3.5.4 #1649
  • use of parent POM 49 #1686
  • Google Guava dependencies removed #1647
  • refactoring #1644 #1659 #1677

Bugfixes

  • none

Known Issues

For an up to date list of known issues see the issue tracker.

  • not compatible with Java 9
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable all rules per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • duplicated_lines_density values are different with SQ 7.5
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only

Thanks ....

go to all contributors (in alphabetical order):

@guwirth
@ivangalkin

... and all people which were active on the issue tracker!

Loading

V1.2.1

21 Dec 23:45
@guwirth guwirth
cxx-1.2.1
fbb442e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.2.1

We are pleased to announce the SonarQube C++ Community Plugin version 1.2.1.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

Bugfixes

  • xUnit sensor couldn't parse test report with 0 testsuite tag #1595 #1599

Known Issues

For an up to date list of known issues see the issue tracker.

  • not compatible with Java 9
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable all rules per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • duplicated_lines_density values are different with SQ 7.5
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only

Thanks ....

go to all contributors (in alphabetical order):

@guwirth
@ivangalkin

... and all people which were active on the issue tracker!

Loading

V1.2.0

09 Jan 16:29
@guwirth guwirth
cxx-1.2.0
27e695d

Choose a tag to compare

View all tags
V1.2.0

We are pleased to announce the SonarQube C++ Community Plugin version 1.2.0.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

  • SQ 7.3 and SQ 7.4 support #1541 #1581
  • minimal supported SQ API is 6.7 #1317
  • Complexity metrics are performed on original source code now #1547 #1552
    • In the past we were first preprocessing the code and were calculating the complexity metrics on base of the preprocessed code. This could lead to confusing metric numbers because macro code is counted multiple times and could also be from external libraries. Generated code (among others macro expansions) doesn't affect the calculation of cognitive / cyclomatic complexity now. This can lead to different but easier to understand metrics.
  • GCC and MSVC compiler sensor can be used at the same time now #1533 #1180
    • BREAKING CHANGE : sonar.cxx.compiler settings are no more supported!
      • use sonar.cxx.vc to read MSVC reports
      • use sonar.cxx.gcc to read GCC reports
      • use sonar.cxx.msbuild to read includes and defines from MSBuild log file
  • implement explanation for cyclomatic and cognitive complexity checks #1494 #1551 #1546 #1537 #1535
  • Clang-Tidy 8 support #1536 #1555 #1558 #1566
  • Cppcheck 1.85 support #1545 #1576
  • make default logging less verbose (move some parts to debug info) #1563 #1565 #1567
    • Setting sonar.cxx.missingIncludeWarnings is no more available. Turn debug info on to get information.
  • The naming of the following metrics have been changed, see Upgrade Instructions
    • perc_complex_functions -> CXX-PERC_COMPLEX_FUNCTIONS
    • loc_in_complex_functions -> LOC_IN_COMPLEX_FUNCTIONS
    • perc_loc_in_complex_functions -> CXX-PERC_LOC_IN_COMPLEX_FUNCTIONS
    • big_functions -> CXX-BIG_FUNCTIONS
    • loc_in_big_functions -> CXX-LOC_IN_BIG_FUNCTIONS
    • perc_big_functions -> CXX-PERC_BIG_FUNCTIONS
    • perc_loc_in_big_functions -> CXX-PERC_LOC_IN_BIG_FUNCTIONS
    • loc_in_functions -> CXX-LOC_IN_FUNCTIONS
  • refactoring #1526 #1529 #1530 #1532 #1582 #1562

Bugfixes

  • Sensors have problem to import results because of symbolic links and path normalization #1574 #1575
  • C++: support alternative operators #1569 #1572 #1577
  • MethodName check fails on constructor of nested class #1557 #1559
  • API check: Method defined in header file, but out of class, marked as undocumented / Public API: ignore methods outside of class #1543 #1544 #1580
  • xUnit sensor not run on maven projects #1523 #1524
  • C-Plugin: sensors use wrong rules repository keys / rules repository ignored the language specific repository suffix #1521 #1522
  • java.lang.StackOverflowError during parse of source file / protect ExpressionEvaluator from self-referential macros #1516 #1517
  • cppcheck sensor: wrong handling of warnings with multiple locations #1511 #1512
  • sonar-cxx custom metrics are not displayed/saved #1509 #1514
    • enable code metrics for public API
    • support multi-module projects
    • reduce memory footprint by moving of metric aggregation to the computation engine
  • Property 'sonar.cxx.coverage.reportPath' should be made using 'getStringArray' method. The SonarQube plugin using this property should be updated #1384 #1568
  • cppcheck.xml fix name and description of unmatchedSuppression #1564
  • [Travis/AppVeyor] Updates SQ distribution URL #1571
  • cannot find include files #1230
  • Symlink support #1574 #1575

Known Issues

For an up to date list of known issues see the issue tracker.

  • not compatible with Java 9
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable all rules per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only

Thanks ....

go to all contributors (in alphabetical order):

@guwirth
@ivangalkin
@moriarty
@nathanaelg

... and all people which were active on the issue tracker!

Loading

V1.1.0

07 Jul 08:35
@guwirth guwirth
cxx-1.1.0
6a44b24
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.1.0

We are pleased to announce the SonarQube C++ Community Plugin version 1.1.0.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

  • SQ 7.2 support #1491
  • minimal supported SQ API is 6.7 #1317
  • add function complexity and size metrics #1398:
    • new metrics:
      • Complex Functions: Number of functions with high cyclomatic complexity
      • Complex Functions (%): % of functions with high cyclomatic complexity
      • Complex Functions Lines of Code: Number of lines of code in functions with high cyclomatic complexity
      • Complex Functions Lines of Code (%): % of lines of code in functions with high cyclomatic complexity
      • Big Functions: Number of functions with too many lines
      • Big Functions Lines of Code: Number of lines of code in functions with too many lines
      • Big Functions (%): Number of lines of code in functions with too many lines
      • Big Functions Lines of Code (%): % of lines of code in functions with too many lines
      • Lines of Code in Functions: Number of lines of code in function bodies
    • new configuration properties:
      • sonar.cxx.funccomplexity.threshold / Cyclomatic complexity threshold:
        Cyclomatic complexity threshold used to classify a function as complex
      • sonar.cxx.funcsize.threshold / Function size threshold:
        Function size threshold to consider a function to be too big
  • Testwell CTC++ support (Verifysoft Technology GmbH) #1486
    • add coverage sensor 'Testwell CTC++' for textural reports
  • Cppcheck 1.84 support #1490 #1495
  • refactoring #1499 #1498 #1496 #1487 #1482 #1481 #1503 #1504

Bugfixes

  • Highlighting error for concatenated strings on multiple lines #1468 #1480

Known Issues

For an up to date list of known issues see the issue tracker.

  • not compatible with Java 9
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable all rules per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • test execution metrics are not supported
  • The Cppcheck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only
  • Symlinks are not supported.

Thanks ....

go to all contributors (in alphabetical order):

@ericlemes
@guwirth
@ivangalkin
@rufinio

... and all people which were active on the issue tracker!

Loading

V1.0.0

13 May 20:25
@guwirth guwirth
cxx-1.0.0
785ef52
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V1.0.0

We are pleased to announce the SonarQube C++ Community Plugin version 1.0.0.
See lists below for features added and bugs fixed in this release.

SonarQube compability

Enhancements

Bugfixes

  • problem with sonar.cxx.jsonCompilationDatabase when it includes testcode you don't want to scan #1474 #1476
  • clangsa report is not uploaded into sonar because of NullPointerException #1442 #1477
  • fix squid:S2259 #1431
  • wrong code coverage for empty line, constexpr, method declaration #1425

Know Issues

For an up to date list of known issues see the issue tracker.

  • not compatible with Java 9
  • Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable all rules per default.
  • Starting with SQ 6.2 there are some new metrics and some are no more available. Please have a look to the SonarQube release notes.
  • test execution metrics are not supported
  • The Cppckeck plugin is deprecated and not working in parallel to this plugin. This plugin provides an own Cppcheck sensor.
  • C plugin and JSON Compilation Database support are experimental only
  • Symlinks are not supported.

Thanks ....

go to all contributors (in alphabetical order):

@Bertk
@guwirth
@ivangalkin

... and all people which were active on the issue tracker!

Loading