Skip to content

chore(deps): bump SonarAnalyzer.CSharp from 10.7.0.110445 to 10.9.0.115408 #250

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 1, 2025
Merged

chore(deps): bump SonarAnalyzer.CSharp from 10.7.0.110445 to 10.9.0.115408 #250

merged 1 commit into from
May 1, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2025

Bumps SonarAnalyzer.CSharp from 10.7.0.110445 to 10.9.0.115408.

Release notes

Sourced from SonarAnalyzer.CSharp's releases.

10.9

Hello everyone!  This is a mega-hardening release! Enjoy 😄

False Positive

  • NET-1309 - Fix S2583 FP: Support overrides in IsImplementingInterfaceMember
  • NET-1308 - Fix S2583 FP: Add support for AdressOf operator
  • NET-1302 - Fix S4158 FP: Don't raise on GetEnumerator() calls
  • NET-1295 - Fix S3236 FP: Exclude Debug.Assert
  • NET-1290 - Fix S4158 FP: Support RouteValueDictionary in AspNetCore
  • NET-1289 - Fix S4158 FP: Adding methods with well defined sematics
  • NET-1288 - Fix S4158 FP: Recognize Add methods with bool return type
  • NET-1287 - Fix S4158 FP: Don't raise on SetValue
  • NET-1280 - Fix S2342 FP: Flaky reports
  • NET-1278 - Fix S3440 FP: Variable assignment and switch expression
  • NET-1246 - Fix S1481 FP: Don't report on discard like looking variables
  • NET-1242 - Fix S2583/S4158 FP: Support for collections that are initialized with object
  • NET-1241 - Fix S2589 FP: Don't track concurrent collections
  • NET-1230 - Fix S4158 FP: Immutable collections
  • NET-1223 - Fix S3267 FP: ref struct types cannot leave the stack
  • NET-1214 - Fix S2259 FP: Foreach loop over empty collection
  • NET-1212 - Fix S2259 FP: Learn bool from NotNull constraint and Null value
  • NET-1208 - Fix S2589 FP: Rule ignores case guards
  • NET-1207 - Fix S3966 FP: disposing element of indexable after declaration pattern
  • NET-1203 - Fix S3966 FP: Enumerating a collection of tuples
  • NET-1202 - Fix S2259 FP: Foreach nested in try, nested in loop
  • NET-1188 - Improve S4158 - Empty Collections should not be Enumerated
  • NET-1088 - Fix S3240 FP: Ignore when a conditional block contains a ternary
  • NET-800 - Fix S2259 FP: FlowCaptures in loops and try-regions

False Negative

  • NET-1299 - Fix S2053 FN: Support Copy methods
  • NET-1257 - Fix S4790 FN: New HashData overloads not recognized
  • NET-1194 - Fix S4158 FN: Collection Expressions (C# 12)
  • NET-357 - Fix S2068 FN: does not consider launchSettings.json files
  • NET-210 - Fix S4158 FN: AddRange with empty collection

Bug

  • NET-1267 - Fix S2068 bug: Issue location is out of range in web.config for elements or attributes with an xml namespace
  • NET-1184 - Roslyn rule import should map the issue severity to the Software Quality impact in SonarQube Server

Improvement

  • NET-1217 - Improve S3996: Set location to the property instead of record

... (truncated)

Commits
  • 9500888 NET-1361 Fix S3444 AD0001: Secondary location in a bigger file
  • abce8b8 NET-1244 Write UTs for uncovered extension methods in IOperationExtension
  • ea56edc Revert "NET-1254 Fix S3878 FN: When params are passed as array through an att...
  • a759f41 NET-1323 Fix S3267 AD0001: Support empty return and lambdas
  • 99a7f78 NET-1245 Update RSPEC before 10.9 release
  • 54ea029 NET-1257 Fix S4790 FN: New HashData overloads not recognized
  • f47c985 NET-1320 S1699: Do not raise on constructor initializers
  • 59bc156 NET-1222 Fix S3267 FP: Conversions to nullable value type is not expressible ...
  • ed1d110 NET-1253 Fix S1699 FN: Adds support for complex inheritance
  • 6101985 NET-1254 Fix S3878 FN: When params are passed as array throught an attribute
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump SonarAnalyzer.CSharp
48bec1a 
Bumps [SonarAnalyzer.CSharp](https://git.1-hub.cnSonarSource/sonar-dotnet) from 10.7.0.110445 to 10.9.0.115408.
- [Release notes](https://git.1-hub.cnSonarSource/sonar-dotnet/releases)
- [Commits](SonarSource/sonar-dotnet@10.7.0.110445...10.9.0.115408)

---
updated-dependencies:
- dependency-name: SonarAnalyzer.CSharp
  dependency-version: 10.9.0.115408
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added .NET Pull requests that update .net code dependencies Pull requests that update a dependency file labels May 1, 2025
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented May 1, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@linkdotnet linkdotnet merged commit fb5c69c into main May 1, 2025
3 checks passed
@linkdotnet linkdotnet deleted the dependabot/nuget/SonarAnalyzer.CSharp-10.9.0.115408 branch May 1, 2025 16:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file .NET Pull requests that update .net code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@linkdotnet