Latest | Server upgrade and maintenance | Release and deprecation notes | Release notes

Release notes

SonarQube Server 10.8 release notes

Full release notes

SonarQube Server 10.8 full release notes

AI features

AI Code Assurance custom quality standards

The Sonar way for AI Code quality gate is available to support recommended standards for AI Code Assurance. It’s possible to modify this quality gate or customize any quality gate with higher standards to mark your project as qualified for AI code.

The use of the Sonar way quality gate is no longer enforced. Projects applying the Sonar way quality gate will lose AI Code Assurance however, it’s easy to apply the correct quality gate to regain AI Code Assurance. See Applying a qualified quality gate for complete details.

The Standards for AI-generated code page has all the information you need to learn about AI Code Assurance.

Enable AI CodeFix at the project level

Instance Admins can now enable or disable AI CodeFix for all projects or on selected projects. It is also possible to completely hide the feature from the SonarQube UI at the SonarQube installation level.

Open AI CodeFix suggestion in Visual Studio

SonarQube Server 10.7 introduced the ability to open AI CodeFix suggestions in SonarQube for IntelliJ, VS Code, and Eclipse. SonarQube Server 10.8 extends it to all the IDEs with the final addition of SonarQube for Visual Studio. And, if you are running SonarQube for Visual Studio, selecting Open in IDE will directly paste the fix suggestion into your IDE.

DevOps integration

Automatic provisioning: added visibility on group membership

When using GitHub or GitLab automatic provisioning features, admins can now see which users are assigned to each group in the SonarQube Server UI for both GitHub and GitLab projects. This makes it easier to identify any issues between SonarQube Server and GitHub or GitLab.

Server administration

Introducing Multi-Quality Rule Mode

You can now toggle your SonarQube Server instance between the Standard Experience and Multi-Quality Rule Mode (MQR).

See Choosing a mode for your instance for more information. In both modes, it's possible to customize the severity of issues and rules.

New SonarQube Server instances use MQR Mode by default. Upon upgrading, existing SonarQube Server 10.1 and earlier are configured with the Standard Experience by default.

Analyzers, scanners, languages

New Architecture category

Architecture issues in code can now be detected. Analysis can detect class cycles for Java within a single package and across multiple packages.

Analysis of Ansible is available

SonarQube Server can now detect issues in Ansible playbooks, an Infrastructure as Code (IaC) platform for automating application provisioning, configuration, updating, and deployment. We provide 17 rules, detecting over 10 security misconfigurations, and support Kubernetes rules in embedded Kubernetes configuration, as well as importing the output of ansible-lint.

See the Ansible page for more information.

Dart/Flutter moves from Early Access to Supported

Dart/Flutter analysis is now supported, it is no longer an Early Access feature. We've added rules to now reach 115 rules.

Additional language updates

Python

Python 3.13 is now supported.

Java

Analysis of Java 22 Projects is now supported.

JSpecify annotations are now supported with one new rule.

24 main code rules enabled for test code.

C-Family

Analysis is supported on code featuring C++20 modules.

Added 7 rules for long-lived and legacy C++ projects.

Runtime issue detection now supports

manually null-terminated strings
wchar_t strings
win32 file open/close API

.NET / C#

Analysis of C#13 is now supported, and the rules have been updated to support .NET 9. We also added 3 new advanced rules around locking and misuse Linq queries on collections known to not be empty.

Kotlin

Analysis of Kotlin 2.0 is now supported.

Was this page helpful?