Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump SonarAnalyzer.CSharp from 8.52.0.60960 to 9.25.0.90414 #205

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump SonarAnalyzer.CSharp from 8.52.0.60960 to 9.25.0.90414 #205

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 7, 2024

Bumps SonarAnalyzer.CSharp from 8.52.0.60960 to 9.25.0.90414.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

9.25

Hello everyone,

This release comes with seven new rules for ASP.NET core alongside some improvements. Enjoy!

New Rules

  • 9096 - [C#] New Rule S6966: Awaitable method should be used
  • 9095 - [C#] New Rule S6967: ModelState.IsValid should be called in controller actions
  • 9094 - [C#] New Rule S6964: The value type properties of a model class should be nullable or marked as "Required" to avoid under-posting.
  • 9093 - [C#] New rule S6968: Actions that return a value should be annotated with ProducesResponseTypeAttribute containing the return type
  • 9092 - [C#] New rule S6965: You should use HttpAttribute in API controller actions
  • 9091 - [C#] New rule S6962: You should pool HTTP connections with HttpClientFactory
  • 9089 - [C#] New rule S6960: Controllers should not have too many responsibilities

Bug Fixes

  • 9193 - Fix AD0001: Named Attribute Arguments in S6930

False Positive

  • 9219 - [C#] Fix S1144 FP: Getters/Setters of property with attribute are being flagged

Improvements

  • 9187 - Update RSPEC before 9.25 release
  • 9186 - [C#] Rule S6961: Implement CodeFix

Rule deprecations and deletions

  • 9175 - [VB.NET] Delete S2353: Remove deprecated rule
  • 9189 - [C#] Deprecate S6803

9.24

Hey everyone, This release contains one new ASP.NET Rule (S6961) and several general improvements and fixes. Enjoy!

Improvements

  • 9090 - [C#] New rule S6961 for C#: API Controllers should derive from ControllerBase instead of Controller
  • 8696 - Fix coverage aggregation from multiple reports
  • 9048 - Create SonarAnalyzer.CSharp.Styling project
  • 7774 - [C#, VB.NET] Fix S1144: Nested type constructor accessibility is wrong in the rule message
  • 8980 - Update RSPEC before 9.24 release

Bug Fixes

  • 9113 - [C#, VB.NET] AD0001: ArgumentNullException in SymbolicExecutionRunner
  • 8977 - [C#] CfgAllPathValidator AreAllSuccessorsValid Stack Overflow on Windows and error MSB6006 in Linux Codespaces

False Positive

  • 9063 - [C#, VB.NET] Fix S2094 FP: Should not raise for messages
  • 9062 - [C#, VB.NET] Fix S2094 FP: Documentation using the DefaultDocumentation package
  • 7591 - [C#, VB.NET] Fix S2094 FP: Implicit parameterless constructor widens the scope of the base class constructor
  • 8163 - [C#, VB.NET] Fix S3878 FP: Jagged arrays

False Negative

  • 6724 - [C#, VB.NET] Fix S1144 FN: Unused private getters and private setters

... (truncated)

Commits
  • 75e3904 Update RSPEC before 9.25 release (#9246)
  • bc4c63b Fix S6966 FPs/FNs: FPs/FNs after peach validation (#9222)
  • e0dce12 New rule S6960 for C#: Controllers should not have too many responsibilities ...
  • 7e0dada Fix Razor location UTs (#9242)
  • 24ec493 Improve S6964: Include array types and nested collection types (#9239)
  • c298484 Refactor: Extract common method to check if any ancestor belongs to SyntaxKin...
  • ca0f118 Decompose SymbolHelper into dedicated extension classes (#9229)
  • c755a17 Enable razor UTs in-memory compilation (#9226)
  • 75e2d7b Repro for FN 2589: Support redundant recursive pattern null check (#9234)
  • a2cd911 Fix S1144 FP: Getters/Setters of property with attribute are being flagged (#...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump SonarAnalyzer.CSharp from 8.52.0.60960 to 9.25.0.90414
b9296a0 
Bumps [SonarAnalyzer.CSharp](https://github.com/SonarSource/sonar-dotnet) from 8.52.0.60960 to 9.25.0.90414.
- [Release notes](https://github.com/SonarSource/sonar-dotnet/releases)
- [Commits](SonarSource/sonar-dotnet@8.52.0.60960...9.25.0.90414)

---
updated-dependencies:
- dependency-name: SonarAnalyzer.CSharp
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 7, 2024
@dependabot dependabot bot mentioned this pull request May 7, 2024
Closed
github-actions[bot]
github-actions bot approved these changes May 7, 2024
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 7, 2024

Sorry, only users with push access can use that command.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants