Release Notes - SonarCFamily - Version 6.13 - HTML format

Bug

  • [CPP-2610] - Fix probing of Texas Instruments compilers
  • [CPP-2611] - Fix regression in use of incremental analysis cache after AST scope reduction
  • [CPP-2617] - Fix crash when using QNX compiler
  • [CPP-2637] - Fix the mapping of "Returning null reference"
  • [CPP-2647] - Debug message "SE is disabled" should be displayed when cache entry is used
  • [CPP-2648] - S3628: Fix crash when string literal is split between multiple files
  • [CPP-2683] - Clang: Fix crash in PCH serialization of late parsed template with annotation token
  • [CPP-2684] - Clang: Fix crash when building PCHs that contain __builtin_bit_cast

New Feature

  • [CPP-1437] - Rule S5827: "auto" should be used to avoid repetition of types
  • [CPP-2507] - Rules S5965 S5966: Classes/structs should have explicit access-specifier in a base-specifier
  • [CPP-2512] - Rule S5802: Jail directories created with chroot-type functions should change the current working directory
  • [CPP-2516] - Rule S2612: Setting loose POSIX file permissions is security-sensitive
  • [CPP-2519] - Rule S5951: Return type of functions shouldn't be const qualified value
  • [CPP-2520] - Rule S5964: "std::initializer_list" constructor should not overlap with other constructors
  • [CPP-2522] - Rule S5955: Loop variables should be declared in the minimal possible scope
  • [CPP-2523] - Rule S5962: Threads should not be detached
  • [CPP-2524] - Rule S5912: Objects should not be sliced
  • [CPP-2529] - Rule S5950: Use "make_unique" and "make_shared" to construct "unique_ptr" and "shared_ptr"
  • [CPP-2530] - Rule S5954: "shared_pointer" should not be taken by rvalue reference
  • [CPP-2532] - Rule S1155: Do not check emptiness with a size method when a dedicated function exists
  • [CPP-2533] - Rule S5946: "std::endl" should not be used
  • [CPP-2538] - Rule S5832: Account validity should be verified when authenticating users with PAM
  • [CPP-2540] - Rule S5945: C-style array should not be used
  • [CPP-2542] - Rule S5847: Accessing files should not introduce TOCTOU vulnerabilities
  • [CPP-2543] - Rule S5849: Setting capabilities is security-sensitive
  • [CPP-2559] - Rule S5952: Inheriting constructors should be used
  • [CPP-2582] - Add support for IAR BXARM iccarm
  • [CPP-2601] - Rule S5415: "std::move" should only be used where moving can happen
  • [CPP-2638] - Rule S5978: Multicharacter literals should not be used
  • [CPP-2642] - Rule S5981: "dynamic_cast" should be used for downcasting

Task

  • [CPP-2602] - Harmonize "non compliant" vs "noncompliant" in all our RSPECS
  • [CPP-2609] - Remove "CommentRegularExpression" rule
  • [CPP-2615] - build-wrapper windows: Drop minidump feature

Improvement

  • [CPP-1249] - build-wrapper: on cygwin should preserve the complete command line
  • [CPP-1602] - Improve performance of analysis in SonarQube and SonarCloud by utilizing knowledge about precompiled header files
  • [CPP-2438] - Improve Cygwin support by translating unix style paths
  • [CPP-2595] - Improve error reporting when failing scanner api
  • [CPP-2623] - S5798: Improve issue message
  • [CPP-2626] - S995 S5350: Improve message wording
  • [CPP-2627] - S5802&S5982 Raise when the return value of chroot or chdir is unchecked
  • [CPP-2645] - Add support for avr-gcc "-mmcu" option

False-Positive

  • [CPP-2474] - S3654: Fix false-positives
  • [CPP-2570] - S3608 & S5495: Consider immediately invoked lambdas as immune from dangling issues
  • [CPP-2605] - S926: Template deduction guides should not be reported as missing argument names
  • [CPP-2607] - S1314: avoid false positives if multiple integer literal arguments are used in a white-flagged function
  • [CPP-2639] - S3642: Exclude the case where the enum is a private member of a class
  • [CPP-2641] - S853: Fix false-postives when the resulting type of the cast differs innocuously from the source type

Documentation

  • [CPP-2475] - Update documententation: build-wrapper log file
  • [CPP-2476] - Make it clear that sonar docker image is not supported

False Negative

  • [CPP-2608] - S3400: fix FN when using const variable in C
  • [CPP-2613] - FunctionComplexity: Fix false-negatives for Objective-C methods

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.