search

IBM / sonar-cryptography

This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
Apache License 2.0
18 stars 1 forks source link

Bump org.sonarsource.api.plugin:sonar-plugin-api from 9.13.0.360 to 10.8.0.2329 #26

Closed dependabot[bot] closed 1 week ago

dependabot[bot] commented 3 weeks ago

Bumps org.sonarsource.api.plugin:sonar-plugin-api from 9.13.0.360 to 10.8.0.2329.

Release notes

Sourced from org.sonarsource.api.plugin:sonar-plugin-api's releases.

10.8.0.2329

Release notes - Sonar Plugin API - 10.8

Improvement

PLUGINAPI-92 Do not fail on unknown rule parameters

PLUGINAPI-94 Make it possible to not require response example on an endpoint to be set

10.7.0.2191

PLUGINAPI-88 Deprecate metrics of old taxonomy PLUGINAPI-89 Introduce metrics 'new_reliablity_issues', 'new_security_issues' and 'new_maintainability_issues' PLUGINAPI-90 Change domain for metrics

10.6.0.2114

PLUGINAPI-82 Add clean code taxonomy metrics for branch overview page PLUGINAPI-83 Fix Javadoc for CoreMetrics SECURITY_ISSUES, MAINTAINABILITY_ISSUES, RELIABILITY_ISSUES PLUGINAPI-84 Deprecate metric high_impact_accepted_issues

10.5.0.2090

PLUGINAPI-72 Deprecate Status/Resolution in favour of issueStatus

10.4.0.2064

PLUGINAPI-74 - Update promotion step PLUGINAPI-76 - Javadoc for org.sonar.api.config.Configuration is wrong PLUGINAPI-77 - Deprecate Confirm transition PLUGINAPI-79 - Add new metric pull_request_fixed_issues PLUGINAPI-80 - Add new metrics new_accepted_issues and high_impact_accepted_issues

10.3.0.1951

PLUGINAPI-70 Add new resolution 'Accepted' and default transition 'Accept' PLUGINAPI-71 Replace won't fix metric with accepted

10.2.0.1908

What's Changed

Task

PLUGINAPI-65 Change order of selection for best impact selection for backmapping

PLUGINAPI-67 Remove CCT and Impacts from security hotspots

Improvement

PLUGINAPI-68 Introduce email property type

10.1.0.809

What's Changed

Bug

... (truncated)

Changelog

Sourced from org.sonarsource.api.plugin:sonar-plugin-api's changelog.

Changelog

10.8

  • Fixed an issue where WebService which was not meant to return any response still showed the warning in the logs when response example was not set.
  • Introduced 'org.sonar.api.server.ws.WebService.NewAction.setContentType' for optionally setting a response type of Action.
  • Replace internal library commons-lang:commons-lang by org.apache.commons:commons-lang3.
  • Do not throw an exception when a rule parameter is not known in org.sonar.api.batch.rule.Checks

10.7

  • Change domain of metrics org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES, org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES to SECURITY, MAINTAINABILITY and RELIABILITY domains instead of ISSUES domain.
  • Add new metrics org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES.
  • Deprecate metrics org.sonar.api.measures.CoreMetrics.BLOCKER_VIOLATIONS, org.sonar.api.measures.CoreMetrics.CRITICAL_VIOLATIONS, org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_BLOCKER_VIOLATIONS, , org.sonar.api.measures.CoreMetrics.NEW_CRITICAL_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_MAJOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_MINOR_VIOLATIONS, org.sonar.api.measures.CoreMetrics.NEW_INFO_VIOLATIONS, org.sonar.api.measures.CoreMetrics.CODE_SMELLS, org.sonar.api.measures.CoreMetrics.NEW_CODE_SMELLS, org.sonar.api.measures.CoreMetrics.BUGS, org.sonar.api.measures.CoreMetrics.NEW_BUGS, org.sonar.api.measures.CoreMetrics.VULNERABILITIES, org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES. Use org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES instead.

10.6

  • Deprecate metric org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES.
  • Add new metrics org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES, org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES and org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES.

10.5

  • Introduce org.sonar.api.issue.IssueStatus to simplify status and resolution on issues.
  • Deprecate org.sonar.api.ce.measure.Issue.status() and org.sonar.api.ce.measure.Issue.resolution(). Use org.sonar.api.ce.measure.Issue.issueStatus() method instead.
  • Deprecate org.sonar.api.issue.Issue.status() and org.sonar.api.issue.Issue.resolution(). No replacement.
  • Deprecate STATUS_OPEN, STATUS_CONFIRMED, STATUS_REOPENED, STATUS_RESOLVED, STATUS_CLOSED, RESOLUTION_FIXED, RESOLUTION_FALSE_POSITIVE, RESOLUTION_REMOVED, RESOLUTION_WONT_FIX, use org.sonar.api.issue.IssueStatus enum instead
  • Deprecate RESOLUTION_SAFE, RESOLUTION_ACKNOWLEDGED, STATUS_TO_REVIEW, STATUS_REVIEWED. No replacement.
  • Deprecate org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES, org.sonar.api.measures.CoreMetrics.OPEN_ISSUES. Use org.sonar.api.measures.CoreMetrics.VIOLATIONS instead.
  • Deprecate org.sonar.api.measures.CoreMetrics.CONFIRMED_ISSUES. No replacement.

10.4

  • Add new metrics org.sonar.api.measures.CoreMetrics.NEW_ACCEPTED_ISSUES and org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES.
  • Add new metric org.sonar.api.measures.CoreMetrics.PULL_REQUEST_FIXED_ISSUES to represent issues that would be fixed by the pull request.
  • Fixed misleading javadoc of org.sonar.api.config.Configuration to make it clear that at Compute Engine level project configuration is not provided.
  • Deprecate org.sonar.api.issue.DefaultTransitions.UNCOMFIRM. There is no replacement as org.sonar.api.issue.DefaultTransitions.CONFIRM is subject to removal in the future.
  • Deprecate org.sonar.api.issue.DefaultTransitions.CONFIRM. Use org.sonar.api.issue.DefaultTransitions.ACCEPT instead.

10.3

  • Deprecate org.sonar.api.measures.CoreMetrics.WONT_FIX_ISSUES metric and related key.
  • Introduce org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES which effectively replaces org.sonar.api.measures.CoreMetrics.WONT_FIX_ISSUES
  • Introduce org.sonar.api.issue.DefaultTransitions.ACCEPT which effectively replaces org.sonar.api.issue.DefaultTransitions.WONT_FIX.
  • Deprecate org.sonar.api.issue.DefaultTransitions.WONT_FIX. Use org.sonar.api.issue.DefaultTransitions.ACCEPT instead.

10.2

  • Introduce email property type: org.sonar.api.PropertyType.EMAIL

... (truncated)

Commits
  • ea34fdc PLUGINAPI-94 added enum to define response type for the endpoints
  • 0d3821a BUILD-4839 Update the release workflow to the latest version
  • da7bdde PLUGINAPI-92 Do not fail when a rule parameter is not found
  • e38f110 NOJIRA Remove unused import
  • a991ab6 PLUGINAPI-81 Fix code issues
  • d304e69 PLUGINAPI-81 Replace commons-lang by commons-lang3
  • 21928eb Change codeowners to analysis-experience
  • 22fb5c1 NO-JIRA Prepare for next development iteration
  • 7159389 PLUGINAPI-90 Change domain of 'reliability_issues','security_issues','mainta...
  • 93ab5e7 PLUGINAPI-88 Deprecate metrics based on old status and type
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
n1ckl0sk0rtge commented 1 week ago

@dependabot rebase

dependabot[bot] commented 1 week ago

Superseded by #38.