Bug
- [SONAR-11639] - Some directories are not collapsed in pull requests
- [SONAR-12169] - Provisioned applications should not act like a project
- [SONAR-12215] - Projects list is not accessible
- [SONAR-12255] - Docs nav tree non longer opened when accessing via a direct link
- [SONAR-12258] - Latest version shown as "old" when docs is updated
- [SONAR-12374] - Prevent double icons in documentation
- [SONAR-12375] - Floating TOC and wide content overlap in documentation
- [SONAR-12429] - 404 when opening the embedded doc in a new tab
- [SONAR-12452] - Scrolling problem when navigating issue locations
- [SONAR-12622] - Edition of an application's description does not behave properly
- [SONAR-12684] - Spinner is chopped-off when searching a specific rule in the issue page facets
- [SONAR-12762] - Rules Bulk Change Dropdown is partially hidden
- [SONAR-12802] - Moved File Detection should be used when calculating new lines
- [SONAR-12829] - Wrong error message is displayed on Portfolio/Application when license is invalid
- [SONAR-12862] - Fix open redirect vulnerability
- [SONAR-12864] - Fix XXE vulnerability in unused deprecated code
- [SONAR-12883] - Background task message is incorrect if exporting/importing a project
- [SONAR-12886] - Do not show an "Archived" warning for LTS documentation
- [SONAR-12912] - Tags should not misleadingly be associated to branches
- [SONAR-12927] - Moved File Detection doesn't work for Cobol
- [SONAR-12937] - Text indentation issue on Application and Portfolio activity page
- [SONAR-12941] - Project import/export loses new code period settings
- [SONAR-13019] - Keys of rules created from template are not renamed when template rule key is renamed
- [SONAR-13030] - Error when adding notifications to applications
- [SONAR-13072] - GitLab CI PR decoration infinite loop with SSL certificates
- [SONAR-13089] - Groups with permission are no more at the top when large number of groups in Permission Templates page
- [SONAR-13098] - Do not show Most Violated Projects breakdown for Security Hotspot rules
- [SONAR-13103] - Parsing errors in documentation page breaks the whole documentation app
- [SONAR-13117] - Fix unauthorized access to source code
- [SONAR-13583] - Project import fails on Windows
- [SONAR-14124] - Editing appplication branches fails after project deletion
New Feature
- [SONAR-12632] - Implement the new Project and Application dashboard design
- [SONAR-12717] - New dedicated project page displays the list of Security Hotspots
- [SONAR-12865] - Support PostgreSQL 11 and 12
- [SONAR-12962] - Display new Security Review measures in Projects/Applications Overview page
- [SONAR-13001] - Allow Bitbucket Server repositories to be imported as projects
- [SONAR-13003] - Detect and display previously imported Bitbucket Server projects during the onboarding
Task
- [SONAR-12831] - Upgrade jackson-databind from 2.9.9.2 to 2.10+
- [SONAR-12875] - Upgrade sonar-java to 6.0
- [SONAR-12888] - Migrate sonar.typescript.lcov.reportPaths to sonar.javascript.lcov.reportPaths
- [SONAR-12889] - Dockerfile should use some cryptographic signature to verify the downloaded zip
- [SONAR-12893] - Make the SQ QA fast&furious
- [SONAR-12895] - Upgrade sonar-cfamilly to 6.6
- [SONAR-13097] - Upgrade analyzers
- [SONAR-13142] - Separate storage of Projects and Applications from Components
Improvement
- [SONAR-12060] - Fix very long project names causing display issues
- [SONAR-12355] - Lack of visual feedback when adding a new condition to a Quality Gate
- [SONAR-12467] - "Return to list" button is misleading when reaching the rule through a permalink
- [SONAR-12488] - Make official that Docker images can be used in production
- [SONAR-12509] - Improve settings scrolling
- [SONAR-12608] - Update the Editions marketing content on the /Marketplace page
- [SONAR-12613] - No confirmation when saving the New Code period Setting
- [SONAR-12633] - Extract project information into a side drawer
- [SONAR-12637] - Improve activity list's tooltips
- [SONAR-12645] - Move project/application/portfolio administration menu
- [SONAR-12648] - Change "Metrics" label to "Main measures" on PR dashboard
- [SONAR-12678] - Use lines metric instead of ncloc to determine if a project is empty or not
- [SONAR-12718] - Security Hotspots page displays details of Security Hotpost
- [SONAR-12719] - Security Hotspots page allows to resolve a Security Hotspot
- [SONAR-12720] - Security Hotspots page allows to comment a Security Hotspot
- [SONAR-12721] - Display Security Hotspots page on branches and pull requests
- [SONAR-12722] - Drop "IN_REVIEW" status for Security Hotspots
- [SONAR-12723] - Do not display Security Hotspots in issue page anymore
- [SONAR-12724] - Update link for Security Hotspots count in Github PR decoration
- [SONAR-12725] - Drop manual Vulnerabilities
- [SONAR-12726] - Show Security Hotspots page on applications
- [SONAR-12727] - Security Hotspots page allows to filter hotspots assigned to the current user
- [SONAR-12745] - Change notifications to account for Hotspots not being issues anymore
- [SONAR-12751] - Security Hotspots page displays reviewed hotspots
- [SONAR-12753] - Security Hotspots page allows to change status of a reviewed hotspot
- [SONAR-12754] - Security Hotspots page allows to assign a hotspot to another user
- [SONAR-12793] - Simplify the configuration of PR decoration for editions with no support of multiple ALMs
- [SONAR-12796] - Permission template page's table padding is inconsistent
- [SONAR-12797] - Security Hotspots page allows to filter by hotspots keys param
- [SONAR-12874] - PR decoration link should point to new hotspots page
- [SONAR-12877] - Add aria-label to quality gate badges if shown without context
- [SONAR-12878] - Add aria-label to tag list group
- [SONAR-12880] - Improve tag select accessibility
- [SONAR-12882] - Add aria-label to Toggle button to distinguish states
- [SONAR-12922] - Manage comments on security hotspots
- [SONAR-12933] - Make link label of rule tabs more explicit
- [SONAR-12955] - Accept IPv6 adresses in cluster properties
- [SONAR-12960] - Make Security Review Rating more intuitive on Portfolios
- [SONAR-12961] - Add Security Review facet in Projects page
- [SONAR-12963] - Display new Security Review measures in Pull request Overview page
- [SONAR-12964] - Display Security Review % in Security Hotspots page
- [SONAR-12965] - Add new Security Review facet in Measures page
- [SONAR-12966] - Allow usage of new Security Review measures in Quality Gate
- [SONAR-13002] - Auto-configure PR decoration of imported Bitbucket Server projects
- [SONAR-13004] - Validate Bitbucket Server Personal Access Token during on-boarding
- [SONAR-13027] - Search for repositories on Bitbucket Server
- [SONAR-13033] - Display the new Security Review measures in the Project/Application's overview
- [SONAR-13035] - Group global ALM authentication and PR Decoration settings into a single category
- [SONAR-13068] - Add hotspots reviewed and rating to applications in portfolio list
- [SONAR-13077] - Drop support for "--init" parameter in SQ docker images
- [SONAR-13078] - Enable configuring the server by environment variables
- [SONAR-13079] - Remove support for using `/conf` and copying `sonar.properties` in SQ docker image
- [SONAR-13080] - Update provided docker-compose recipe for SQ docker images
- [SONAR-13081] - Revert to previous entrypoint location in SQ docker images
- [SONAR-13099] - ALM settings WS for GitLab should support URL and project binding
- [SONAR-13100] - Decorate GitLab MR based on settings
- [SONAR-13101] - Configure URL and Project IDs for GitLab MR decoration
- [SONAR-13108] - Portfolio report email should contain the "Security Review" measure
- [SONAR-13113] - Deprecate environment variable interpolation mechanism in sonar.properties
Documentation
- [SONAR-12854] - Update documentation for new Security Hotspots page
- [SONAR-12905] - Update paths in the docs for new projects UI
- [SONAR-12956] - Update C++ part of the Azure DevOps documentation
- [SONAR-13070] - Update docs for creating projects from BBS repos and auto PR configuration
- [SONAR-13091] - Update docs to officially support Docker
Edit/Copy Release Notes
The text area below allows the project release notes to be edited and copied to another document.