Release notes

This page groups the release notes for SonarQube, with a focus on new features and enhancements. Links to the full release notes for each version are available below.

To check for breaking changes before an upgrade, refer to the release upgrade notes.

SonarQube 10.7 release notes

AI features

AI-generated fix suggestions 

Available in Early Access in Enterprise Edition and above.

When investigating an issue, you can ask for an AI-generated fix suggestion and open it directly in your IDE (VS Code, IntelliJ, and Eclipse).

AI code assurance 

Available starting in Developer Edition.

You can now flag projects as containing AI-generated code. The flagged projects will use the Sonar way quality gate to ensure the ai-generated code is clean. 

IDE 

Advanced bug detection 

Available starting in Developer Edition.

To help you detect issues earlier in the development cycle, Java and Python dataflow bug detection (DBD) issues are now reported to IntelliJ and Eclipse when working in connected mode. 

Setup and Authentication 

Modern Authentication for SMTP server

SonarQube can now use modern authentication, required to integrate with email SMTP servers.

Installation on OpenShift supported 

Available starting in Developer Edition.

SonarQube now better supports deploying its helm chart on OpenShift. 

Automatic synchronization of project permissions and roles with GitLab

Available starting in Developer Edition.

When integrating with GitLab, project permissions and custom roles are now automatically synchronized.

Password policy rules

Administrators can define a password policy for local accounts.

Security reports

Based on the results of your analysis, Cloud Application Security Assessment (CASA) and Security Technical Implementation Guides (STIGs) security reports are available for your projects.

New rules for Javascript and Typescript 

We've added 10 new rules that find structure problems in JavaScript and TypeScript code.

Support for Dart

Available starting in Developer Edition.

Analysis of Dart is now supported. It includes support for loading coverage data provided by LCOV and more than 70 rules, including cognitive complexity. 

Secrets Detection includes more patterns and cloud services 

Available starting in Developer Edition.

With added support for more than 30 new patterns, SonarQube now covers 146 secrets patterns and can detect secrets/tokens generated by 81 cloud services.

Additional support for PyTorch Library and Jupyter Notebooks for machine learning practitioners

We’ve increased support for machine learning with 7 new rules for the PyTorch library. Analysis of Jupyter Notebooks, previously added in VS Code, is now available.

Kubernetes / Helm Improvements

Eight new maintainability rules are available. Analysis of issues across multiple files is now supported. 

Support added for C23

Analysis of C23, the latest major revision of C, is now supported. 

MISRA C++2023 Improvements

7 new preprocessor and code presentation rules inspired by MISRA C++2023 are now available.

Improved analysis time on Mac Apple Silicon for C/C++/Objective-C Projects

The analysis performance of the analysis when using Apple silicon processors has been improved by 30%.

Additional support for Spring framework in Java

To improve security coverage, we’ve added advanced security rules for the Spring Framework to reach a coverage of 92% for security-sensitive Spring features.