Latest Snapshot

Builds

• deps: bump com.fasterxml.jackson.core:jackson-databind #2826 (dependabot[bot])

V2.2.0-beta.8

We are pleased to announce a beta version of the SonarQube C++ Community Plugin version 2.2.0.
See lists below for features added and bugs fixed in this release.

The main purpose of this beta version is to be able to use the cxx plugin with SonarQube 10.x.

SonarQube compability

• tested and released for SonarQube 10.7 with Java 17 (other versions are not tested)
  • see also SonarQube compatibility matrix
• tested and released for SonarQube 9.9 LTS with Java 17 (other versions are not supported)
  • see also SonarQube compatibility matrix

• The plugin requires Java 17 on server and scanner side: install a Java version (e.g http://jdk.java.net/archive/) and update JAVA_HOME to point to the installation directory.

• make sure to read the Upgrade Instructions before you get started
• Installation Instructions
• Upgrade Instructions

Functionality

• #2616 provides SonarQube 10 compatibility
• #2633 update cxx plugin version number to 2.2.0
• merge branch SQ-10 into master #2754
• tested with SonarQube 10.7 #2773
• tested with SonarQube 9.9 LTS #2773
• tested with latest SonarScanner 6.x #2718 #2773
• aligned with v2.1.3 #2751
  • features same as V2.1.3 + Enhancements

Enhancements

• C++23 support #2536
• LLVM 19.1.0 support #2782
• Clang-Tidy: handle clang warnings in the report file (-W) #2803
• New feature to report unknown rules / warnings (Wiki: CXX Unknown Rule) #2806

Known Issues

• SonarQube 10.x is significantly slower than SonarQube 9.9 LTS (Slow analysis after SonarQube upgrade)

Thanks ....

Thanks to @cmorve-te @opajonk @agebert @smileQiny @Patschkowski @Nekto89 @kragens @baemhai for their input and support.

V2.1.3

We are pleased to announce the SonarQube C++ Community Plugin version 2.1.3.
This is only a small enhancement and bugfix release, see previous V2.1.x for complete release notes.

SonarQube compability

• tested and released for SonarQube 9.9 LTS with Java 17 (other versions are not supported)
  • see also SonarQube compatibility matrix
• tested and released for SonarQube 8.9 LTS with Java 11 (other versions are not supported)
  • see also SonarQube compatibility matrix
• If you're running SonarQube 9.9 with Java 11 as scanner runtime environment, the latest compatible SonarScanner version is 4.8.x. Later SonarScanner versions require Java 17 as runtime environment.
• The plugin requires Java 11 or Java 17 on scanner side: install a Java version (e.g http://jdk.java.net/archive/) and update JAVA_HOME to point to the installation directory.
• Installation Instructions
• Upgrade Instructions

Enhancements

• Cppcheck 2.15.0 support #2745
• C++23 support #2536
  • C++23: attributte assume #2732
  • C++23: deducing this #2729
  • C++23: extend init-statement to allow alias-declaration #2734
  • C++23: if consteval #2728
  • C++23: lambda changes #2736
  • C++23: multidimensional subscript operator #2733
  • C++23: preprocessor extensions #2727
  • C++23: Trimming whitespaces before line splicing #2749
  • C++23: escape sequences #2744
  • C++23: floating point suffixes #2743
  • C++23: labels at the end of compound statements #2737
  • C++23: literal suffix for (signed) size_t #2742
  • C++23: meaningful exports #2738
  • C++23: some more grammar changes #2740

Bugfixes

• JSON Compilation Database: support case sensitive filesystems #2725
• preprocessor: handle directory names not as filenames #2726
• improve handling of relative file paths in report files #2747

Thanks to @Nekto89 @kragens @baemhai @cmorve-te for their input and support.

V2.1.2

We are pleased to announce the SonarQube C++ Community Plugin version 2.1.2.
This is only a small enhancement and bugfix release, see previous V2.1.x for complete release notes.

SonarQube compability

• tested and released for SonarQube 9.9 LTS with Java 17 (other versions are not supported)
  • see also SonarQube compatibility matrix
• tested and released for SonarQube 8.9 LTS with Java 11 (other versions are not supported)
  • see also SonarQube compatibility matrix
• If you're running SonarQube 9.9 with Java 11 as scanner runtime environment, the latest compatible SonarScanner version is 4.8.x. Later SonarScanner versions require Java 17 as runtime environment.
• The plugin requires Java 11 or Java 17 on scanner side: install a Java version (e.g http://jdk.java.net/archive/) and update JAVA_HOME to point to the installation directory.
• Installation Instructions
• Upgrade Instructions

Enhancements

• Cppcheck 2.14.0 support #2677 #2668 #2591
• LLVM 19 support #2640 #2705
• Visual Studio 2022 v17.9 warnings support #2707
• use SQ 9.9.6.92038 and SonarScanner 4.8.0.2856 for testing #2710 #2635
• Bump sonar.version from 9.9.0.65466 to 9.9.4.87374 #2631
• SonarCloud: Java 11 is no longer supported as scanner runtime environment #2617
• The property 'sonar.login' is deprecated #2657 #2656 #2642

Bugfixes

• fix cognitive complexity problem with r-value references #2675 #2649 #2672
• Support correct repository (description) for CustomCxxRulesDefinition #2644
• fix CustomCxxRulesDefinition, remove language #2647

Thanks to @smileQiny @opajonk @Patschkowski @Nekto89 for their input and support.

V2.1.1

We are pleased to announce the SonarQube C++ Community Plugin version 2.1.1.
This is only a small enhancement and bugfix release, see V2.1.0 for complete release notes.

Hint: The update mainly fixes performance problems that occur when switching to SonarQube 9.9 LTS with projects with many files. To fix the problems you should install the latest version of SonarQube 9.9 LTS (>=9.9.1) and cxx plugin (>=2.2.1).

Enhancements

• MSBuild .LOG support of Visual Studio 2022: Platform toolset v143 #2523 #2491

Bugfixes

• cxx plugin 2.1 slow with SonarQube 9.9.0 LTS #2518
• squid: save metrics slow #2520 #2502
• correct handling of # in preprocessor #2528 #2505

Thanks to @Nekto89, @AndreyAlifanov and @fayaz988 for their input and support.

V2.1.0

We are pleased to announce the SonarQube C++ Community Plugin version 2.1.0.
See lists below for features added and bugs fixed in this release.

The version 2.1 of the cxx plugin is a minor update. Essentially, adjustments to the new SonarQube 9.9 LTS version and updates of the sensors to the latest rules of the corresponding tools took place.

---

Make sure to read the Upgrade Instructions before you get started.

---

SonarQube compability

• tested and released for SonarQube 9.9 LTS with Java 17 (other versions are not supported)
  • see also SonarQube compatibility matrix
• tested and released for SonarQube 8.9 LTS with Java 11 (other versions are not supported)
  • see also SonarQube compatibility matrix

• The plugin requires Java 11 or Java 17 on scanner side: install a Java version (e.g http://jdk.java.net/archive/) and update JAVA_HOME to point to the installation directory.

• Installation Instructions
• Upgrade Instructions

Enhancements

with effect on configuration:

• Analyse only files that are contained in the 'JSON Compilation Database' (sonar.cxx.jsonCompilationDatabase.analyzeOnlyContainedFiles=True/False) #2430 #2449

other:

• support Feature Checking Macros __has_builtin __has_feature __has_extension __has_cpp_attribute __has_c_attribute __has_attribute __has_declspec_attribute __is_identifier __has_warning #2406
• improved performance: search in configuration XML tree with XPath was very slow #2383 #2410
  • especially 'JSON Compilation Database' usage should be much faster
• Cppcheck 2.9 support #2455
• Clang-Tidy V16 support #2456
• Clang Static Analyzer V16 support #2470
• Visual Studio 2022 warnings support #2460
• use remediation function CONSTANT_ISSUE for rules like the other plugins #2462
  • old: remediationFunction=LINEAR; remediationFunctionGapMultiplier=5min
  • new: remediationFunction=CONSTANT_ISSUE; remediationFunctionBaseEffort=5min
• C++23: support #elifdef and #elifndef #2411
• use local solution for deprecated org.sonar.api.server.rule.RulesDefinitionXmlLoader #2461
• Adding new shell script generate_clangtidy_resources.sh by @aallrd in #2375 #2382
• preprocessor refactoring #2380 #2381 #2386 #2388 #2389 #2390 #2391 #2392 #2393 #2394 #2397 #2400 #2426 #2362
• use GitHub Actions for integration tests #2304 #2438
• use Python 3.7 for integration tests #2332

no more supported:

• removed SQ 7.9 LTS support / integration tests #2329

Bugfixes

• fix preprocessor: nested #ifdef ... #else #2373
• fix "Unable to lex string source code" error with __has_include #2369 #2371

Known Issues

For an up to date list of known issues see the issue tracker.

• only tested with Java 11 and Java 17
  • Message "The plugin [cxx] does not support Java 1.8.0, UnsupportedClassVersionError". To solve this download OpenJDK 11 or 17 and unzip it (http://jdk.java.net/archive/). Point with the JAVA_HOME environment variable to the Java 11 or 17 location.
  • SonarQube nohup.log file item: Error: LinkageError occurred while loading main class org.sonar.application.App java.lang.UnsupportedClassVersionError: org/sonar/application/App has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 55.0. To solve this download OpenJDK 17 and unzip it (http://jdk.java.net/archive/). Point with the JAVA_HOME environment variable to the Java 17 location.
• In SonarQube, each file extension must be uniquely assigned to one programming language. When operating several C/C++ plugins in parallel, this must be taken into account during configuration. To avoid problems on a server with multiple C++ plugins, the CXX programming language sensor is disabled by default.
• Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable rules for external tools per default.
• Message: "C++ cannot be analyzed with current SonarQube edition. Please consider upgrading...". SonarQube issues this message when an input file with the file extension .c, .cc, .cpp, .cxx or .c++ is read in the Community Edition. Select "Dismiss permanently" to continue without the message.
• cxx-sslr-toolkit-x.y.z.jar is not a plugin. Do not copy it to the plugins folder. If the JAR file does not contain a SonarQube plugin, the following error message appears in the LOG file when the server is started: ERROR Web server startup failed java.lang.NullPointerException: Plugin key is missing from manifest.

Thanks ....

go to all contributors and all people which were active on the issue tracker!

V2.0.7

We are pleased to announce the SonarQube C++ Community Plugin version 2.0.7.
This is only a small enhancement and bugfix release, see V2.0.0 for complete release notes.

Enhancements

• Cppcheck 2.70 support #2307
• Clang-Tidy v15 support #2324

Bugfixes

• uppercase file paths in Xunit reports are changed to lowercase on case sensitive operating systems #2303 #2302
• fix placement new issue #2315 #2314
• fix parsing error when using template type parameter with assignment #2321 #2317
• fix parsing error with right angle bracket detection #2319 #2318 #2291 #2286
• improve type traits support #2316
  • template parameter std::enable_if_t not parsed #2305
  • C++14: add type traits helper support #2306

Thanks to @slnj, @jnicol31 and @amai2012 for their input and support.

V2.0.6

We are pleased to announce the SonarQube C++ Community Plugin version 2.0.6.
This is only a small enhancement and bugfix release, see V2.0.0 for complete release notes.

• introduce a configuration parameter to disable the Squid sensor: sonar.cxx.squid.disabled #2080 #2262 #1682 #2228
  • Disable parsing of source code, syntax highlighting and metric generation. The source files are still indexed, reports can be read and their results displayed. Turning off will speed up reading of source files.
• update rules from LLVM tools to version 13 #2270
  • Clang-Tidy and Clang Static Analyzer tool
• Cppcheck 2.60 support #2265
• support Cobertura coverage reports with 'drive letter only' in source tag #2268
• UndocumentedApi check: support enumerations without name #2277
  • did give a wrong error message so far

thanks to @andreydanin

V2.0.5

We are pleased to announce the SonarQube C++ Community Plugin version 2.0.5.
This is only a small bugfix, see V2.0.0 for complete release notes.

• Clang-Tidy: Issues with Windows paths with forward slashes are supported now #2245 #2246
• PC-lint Plus 1.3.5 warnings support #2221 #2085
• Cppcheck 2.5 warnings support #2220 #2214
• Visual Studio 2019 version 16.11 warnings support #2247 #2248

thanks to @Vishal-Gaikwad and @chswap

V2.0.4

We are pleased to announce the SonarQube C++ Community Plugin version 2.0.4.
This is only a small bugfix, see V2.0.0 for complete release notes.

• set predefined macro value of __cplusplus to 201402L (C++14) #2203
• regular expressions of sensors optimized #2188
• whitespace channel optimized #2200
• fix highlighting error for identifiers with special meaning: module, import #2202 #2197 #2192
• make ‚save measures’ for InputFiles more robust #2194
• C++ Parser can't read code. Declaration is skipped #2198
  • Add last known token with position. Problem is most likely before/after this token