Bug

• [SONAR-12101] - When a branch is deleted from a project, it's not deleted from applications
• [SONAR-12323] - Cannot clear the GitHub endpoint setting at project level
• [SONAR-12454] - [Azure DevOps] PR decoration is failing with unauthorized status code
• [SONAR-13645] - GitHub binding will be broken when SQ project key get updated
• [SONAR-13709] - When an Application is set as a Local Reference of a Portfolio, the Portfolio computation will be executed, regardless of the computation hours
• [SONAR-13713] - Directory and File facets search is broken on Applications and Portfolios
• [SONAR-13765] - Permission page doesn't behave properly at minimum width
• [SONAR-13849] - handle multi-schema during database upgrade & data migration
• [SONAR-14045] - Deleting an application branch will not remove it from the branch list until the app is recomputed
• [SONAR-14078] - Errors raised because of duplication of notification keys after upgrading to SonarQube 8.4+
• [SONAR-14115] - When an app is in a sub-portfolio there is issue when deleting the app
• [SONAR-14253] - Authenticated JMX remote access not working with the Compute Engine
• [SONAR-14320] - Unable to start SQ when switching admin account from SSO to local
• [SONAR-14322] - api/issues/search returns all issues if provided rule key doesn't exist
• [SONAR-14570] - Email notifications show numerical rating value rather than letter
• [SONAR-14585] - Fix TOC-TOU race conditon in Webhook
• [SONAR-14619] - Azure DevOps PR Decoration not working due to wrong iteration inferral
• [SONAR-14642] - Unescaped HTML in JSON server responses
• [SONAR-14659] - Bitbucket onboarding should not be possible when several bindings are configured
• [SONAR-14660] - Can't download sonar-DATE.log from the web UI
• [SONAR-14668] - Fix XSS via the About page
• [SONAR-14682] - Fix Blind Server-Side Request Forgery (SSRF) in Webhook
• [SONAR-14683] - Cannot delete an ALM configuration (at admin level) in Community
• [SONAR-14684] - Do not disclose sensitive information in the authentication settings form
• [SONAR-14685] - 8.8 installation fails on Oracle with quoted schema name
• [SONAR-14691] - Upgrade #4122 fail on corrupted application structure
• [SONAR-14693] - Setting a new code period reference branch fails when selected branch name is longer than 40 characters
• [SONAR-14697] - Wrong instruction when adding azure DevOps sonar scanner for .Net
• [SONAR-14698] - Live indexation is not using all Compute Engine workers
• [SONAR-14699] - Deletion & purge of project is slow
• [SONAR-14715] - API call errors are shown on the About page when the issue indexation is in progress
• [SONAR-14731] - Fix GitScmProvider logs
• [SONAR-14733] - Duplicate warning about default admin credentials in startup logs
• [SONAR-14734] - Minimum width not respected on Settings page
• [SONAR-14739] - JGit's logs are too verbose with debug enabled
• [SONAR-14746] - BitbucketServer integration: errors are not logged

New Feature

• [SONAR-14770] - Improve CFamily analysis: 16+ rules dedicated to C++20 standard (experimental)
• [SONAR-14774] - Improve SonarJava analysis: new rules specific to Java 9-15 and existing rules adapted to Java 9-15
• [SONAR-14781] - Improve C# analysis: 3 new security rules related to Authentication & Web Access Control

Task

• [SONAR-13468] - Sign publications before publishing to the artifactory
• [SONAR-14571] - Add index on WEBHOOK_UUID to WEBHOOK_DELIVERIES
• [SONAR-14624] - Add external plugin consent information to system info file and support info file
• [SONAR-14675] - Community Edition should have an EditionProvider
• [SONAR-14676] - Shade core jars into a single jar
• [SONAR-14677] - Adjust Server base URL description to include HTTPS
• [SONAR-14729] - Ensure DB migration 7.9->8.9 on PostgreSQL is performant after Hardening on small dataset
• [SONAR-14730] - Ensure DB migration 7.9->8.9 on PostgreSQL is performant after Hardening on big dataset
• [SONAR-14744] - Ensure DB migration 7.9->8.9 on SQL Server is performant after Hardening on big dataset
• [SONAR-14748] - Create an SonarQube Helm Chart Github repository
• [SONAR-14758] - Update dependencies for Flex
• [SONAR-14762] - Update dependencies for VB6
• [SONAR-14763] - Update dependencies for PLSQL
• [SONAR-14764] - Update dependencies for Apex
• [SONAR-14765] - Update dependencies for Scala
• [SONAR-14766] - Update dependencies for Go
• [SONAR-14767] - Update dependencies for Ruby
• [SONAR-14768] - Update dependencies for Kotlin
• [SONAR-14769] - Update dependencies for Python
• [SONAR-14771] - Update dependencies for ABAP
• [SONAR-14775] - Update dependencies for PLI
• [SONAR-14776] - Update dependencies for RPG
• [SONAR-14777] - Update dependencies for COBOL
• [SONAR-14778] - Update dependencies for Swift
• [SONAR-14779] - Update dependencies for JaCoCo XML Import
• [SONAR-14784] - Update dependencies for TSQL
• [SONAR-14787] - Update dependencies for CSS
• [SONAR-14788] - Update dependencies for JS

Improvement

• [SONAR-10485] - Provide a way to always enforce coverage and duplication Quality Gate conditions
• [SONAR-11834] - Add line wrapping to codeviewer
• [SONAR-11958] - Enhance anchors in embedded documentation navigation
• [SONAR-12082] - Adjust keyboard navigation instruction visibility
• [SONAR-12332] - System upgrades should refer to SonarQube Announcements
• [SONAR-12586] - Add back Portfolio Description feature in Portfolio dashboard
• [SONAR-12885] - PostgreSQL 9.3, 9.4, 9.5 end of support / PostgreSQL 13 support
• [SONAR-13123] - No handling of errors on issue search api call
• [SONAR-13141] - Standard code view for issues with a single secondary location on same line
• [SONAR-13217] - Auto scroll to uncovered lines
• [SONAR-13309] - Alt key select the first location for issues with secondary
• [SONAR-13360] - Drop multiple ALM Settings when downgrading from DCE/EE to DE
• [SONAR-13737] - Descriptive errors for GitLab token validation
• [SONAR-13740] - Run GitLab ITs on-premise on latest+minimum supported versions
• [SONAR-13906] - Prevent ALM binding configuration modal from closing when clicking outside
• [SONAR-14132] - Clarify the meaning of the "New quality gate status" notification setting
• [SONAR-14213] - Do not follow redirects when interacting with GitLab API
• [SONAR-14214] - Add the ability to unassign a security hotspot
• [SONAR-14333] - Tooltip hiding the line it is referring to
• [SONAR-14337] - Improve the readability of issue's comment in case of word breaking
• [SONAR-14440] - Better message for Branch Analysis tooltip
• [SONAR-14450] - Improve "add project" button labels
• [SONAR-14557] - Improve Issue resolution tooltip messages
• [SONAR-14572] - Update under maintenance message
• [SONAR-14582] - Update password hashing algorithm
• [SONAR-14583] - Allow users to enable authentication for Elasticsearch
• [SONAR-14604] - Improve reset password form layout
• [SONAR-14606] - Require risk consent to install plugins
• [SONAR-14618] - Use gender neutral wording on GitHub/GitLab Auth group sync description
• [SONAR-14620] - Update our list of officially supported database versions
• [SONAR-14625] - Upgrade Hazelcast to 4.0+
• [SONAR-14626] - Improve code line permalink
• [SONAR-14628] - ADO integration: Make API endpoint used version-specific
• [SONAR-14632] - Update EE promo on Background Tasks page
• [SONAR-14633] - Update edition promotion on Marketplace page
• [SONAR-14644] - Update Accept header for Github API calls
• [SONAR-14646] - Copy issue state when new issues are merged from a branch to its reference branch
• [SONAR-14647] - Display SonarSource T&Cs in DockerHub
• [SONAR-14661] - Disable plugin installation from marketplace page
• [SONAR-14662] - Redirected sysadmin to consent page after login if consent is required
• [SONAR-14670] - Wrap calls to dompurify
• [SONAR-14671] - Update Github Enterprise supported version to 2.21
• [SONAR-14678] - Heap Size of processes should have sane defaults per edition
• [SONAR-14681] - Improve database upgrade speed for migration 3208
• [SONAR-14686] - Database migration deleting table/PK should not fail when the object don't exist
• [SONAR-14690] - Upgrade Elasticsearch to 7.12.X
• [SONAR-14692] - Add docs reference to 'sonar.branch.target' deprecation message
• [SONAR-14700] - Switch from replica set to stateful set
• [SONAR-14701] - Create meaningful liveness/readiness/startup probes
• [SONAR-14703] - include optional nginx-ingress helm chart dependency
• [SONAR-14704] - include node tenancy option
• [SONAR-14706] - Support and Document secret mounts
• [SONAR-14725] - Remove embedded documentation's calls to the update-center
• [SONAR-14726] - Don't restrict GitHub Actions tutorial to github.com
• [SONAR-14728] - Improve UX around scanner's download from an in-app tutorial
• [SONAR-14735] - Improve logs for Plugin Risk Consent
• [SONAR-14736] - Highlight that installing plugins is manual
• [SONAR-14738] - Use api/alm_settings/list instead of api/alm_settings/list_definitions in tutorials
• [SONAR-14740] - Improve PHP analysis - several improvements and fixes
• [SONAR-14741] - Improve HTML analysis - several improvements
• [SONAR-14745] - Update README in extensions/plugins directory
• [SONAR-14749] - Overwrite DNS TTL on all docker images
• [SONAR-14750] - Improve PR Warning when base branch is not found to identify common ancestor
• [SONAR-14757] - Improve XML analysis - several improvements and fixes
• [SONAR-14761] - Improve JS analysis - many improvements and fixes
• [SONAR-14780] - Improve VB analysis - many improvements and fixes
• [SONAR-14783] - Link to Java upgrade notes in scanner warning
• [SONAR-14785] - Improve Java, JS/TS, PHP, C# taint analysis: 120 improvements and fixes
• [SONAR-14797] - Microsoft SQL Server 2019 support
• [SONAR-14798] - Oracle 11G end of support

Documentation

• [SONAR-14398] - Help users migrate projects analyses to Java 11
• [SONAR-14592] - Don't make Bitbucket Pipelines wait on the Quality Gate by default
• [SONAR-14623] - Add note about accepting plugin risk to docs
• [SONAR-14636] - Include Azure DevOps Server 2020 as supported
• [SONAR-14645] - Update fail the pipeline analysis parameter documentation
• [SONAR-14702] - Document readiness delays
• [SONAR-14705] - Document missing sidecar config
• [SONAR-14707] - Document missing monitoring solution
• [SONAR-14708] - Document missing log collection
• [SONAR-14711] - Finalize Upgrade Notes
• [SONAR-14713] - Reinstalling admin access query need to be updated
• [SONAR-14737] - Use consistent wording for plugin risk consent
• [SONAR-14759] - Database schema upgrade can consume a lot of disk space

Edit/Copy Release Notes

The text area below allows the project release notes to be edited and copied to another document.