PL/SQL Cop for SonarQube v6.7.0.1

• Released on 2018-09-04
• Fixed
  • Crash of background analysis task when analysing empty directories or directories without relevant source files
  • Null pointer exception when analyzing directories without relevant source files (warning, without impact)

PL/SQL Cop for SonarQube v6.7.0.0

• Released on 2018-03-11
• New:
  • Runs in SonarQube 6.7 – 7.0
• Changed
  • Custom dashboards and dashboard widgets are discontinued by SonarQube, hence the following PL/SQL Cop widgets are not available anymore:
    • Project Summary
    • Parameters
  • The following metrics are discontinued by SonarQube and not available anymore:
    • Complexity / Function
    • Complexity / File

PL/SQL Cop for SonarQube v5.6.0.2

• Released on 2019-09-30
• Fixed:
  • Crash when starting SonarQube server with a plsqlcop-model.xml in the genmodel folder of PL/SQL Cop.

PL/SQL Cop for SonarQube v5.6.0.1

• Released on 2019-09-29
• Changes based on Link to Trivadis PL/SQL & SQL Guidelines v3.6.
  • Renamed G-3130 from “Try to use ANSI-join syntax” to “Try to use ANSI SQL-92 join syntax”.
  • Renamed G-3160 from “Avoid virtual columns to be visible” to “Avoid visible virtual columns”.
  • Renamed G-8410 from “Always use application locks to ensure a program unit only running once at a given time” to “Always use application locks to ensure a program unit is only running once at a given time”.

PL/SQL Cop for SonarQube v5.6.0.0

• Released on 2018-03-11
• New:
  • Runs in SonarQube 5.6 – 6.6
    • Plugin interfaces do not allow JDBC connections to the SonarQube database anymore
    • SonarQube server is handling all database operations
  • New metric “Max. cyclomatic complexity”
  • New average complexity metrics
    • Complexity / Function
    • Complexity / File
  • New metric “Rating Max. Cyclomatic Complexity”
    • A: <11
    • B: 11 .. 30
    • C: 31 .. 40
    • D: 41 .. 50
    • E: > 50
  • New metric “Rating Max. Halstead Volume”
    • A: < 1001
    • B: 1001 .. 2000
    • C: 2001 .. 2500
    • D: 2501 .. 3000
    • E: > 3000
  • New metric “Rating Min. maintainability index (MI)”
    • A: > 84
    • B: 75 .. 84
    • C: 70 .. < 75
    • D: 64 .. < 70
    • E: < 64
  • The widget “Project Summary” shows the following additional metrics
    • Number of files
    • Number of lines
    • Number of net lines
    • Complexity
  • The widget “Parameters” shows now all PL/SQL Cop command line parameter values
• Changed:
  • New formula for metric “Complexity”
    • Sum of the cyclomatic complexities of all units (procedures, functions, methods) in a file
    • This makes the complexity independent of the number of files used to store units
    • If units in a file are not “connected”, then the calculated complexity is expected to be “too high”
    • In previous versions the “Max. cyclomatic complexity” has been used for complexity, which was “too low” in some cases
  • SQALE characteristics are discontinued by SonarQube and replaced by rule types
  • SQALE characteristic “security” is mapped to rule type “Vulnerability”, issues of type error are mapped to rule type “Bug”, all other issues are mapped to rule type “Code Smell”
  • SQALE characteristics “changeability”, “efficiency”, “maintainability”, “portability”, “reliability”, “reusability” and “testability” are stored as tags. The SQALE characteristic “security” is not stored as a tag since this would be redundant to the rule type “Vulnerability”.
• Fixed:
  • Metric links in widget “Project Summary” now open the correct detail pages

PL/SQL Cop for SonarQube v4.5.0.1

• Released on 2019-09-29
• Changes based on Link to Trivadis PL/SQL & SQL Guidelines v3.6.
  • Renamed G-3130 from “Try to use ANSI-join syntax” to “Try to use ANSI SQL-92 join syntax”.
  • Renamed G-3160 from “Avoid virtual columns to be visible” to “Avoid visible virtual columns”.
  • Renamed G-8410 from “Always use application locks to ensure a program unit only running once at a given time” to “Always use application locks to ensure a program unit is only running once at a given time”.

PL/SQL Cop for SonarQube v4.5.0.0

• Released on 2018-03-11
• New:
  • Runs in SonarQube 4.5.0 – 5.1.2 (previously version 4.5.7 was required)
  • New version numbering system, indicating the required, minimal SonarQube LTS version

PL/SQL Cop for SonarQube v2.1.2

• Released on 2017-10-13
• Fixed:
• Non-default activation severities are not considered when creating issues

PL/SQL Cop for SonarQube v2.1.1

• Released on 2017-05-14
• New:
  • Guidelines (rules) updated to include a reason
• Fixed:
  • Various formatting issues

PL/SQL Cop for SonarQube v2.0.0

• Released on 2017-02-03

• New:

  • Supporting Trivadis PL/SQL & SQL Coding Guidelines Version 3.2
    • New rule numbering scheme
    • 13 new rules
      • G-5010: Try to use a error/logging framework for your application.
      • G-8410: Always use application locks to ensure a program unit only running once at a given time.
      • G-8420: Always use dbms_application_info to track program process transiently
      • G-3160: Avoid virtual columns to be visible.
      • G–3170: Always use DEFAULT ON NULL declarations to assign default values to table columns if you refuse to store NULL values.
      • G–2230: Try to use SIMPLE_INTEGER datatype when appropriate.
      • G-3150: Try to use identity columns for surrogate keys.
      • G-3180: Always specify column names instead of positional references in ORDER BY clauses.
      • G-3190: Avoid using NATURAL JOIN.
      • G-7460: Try to define your packaged/standalone function to be deterministic if appropriate.
      • G-7810: Do not use SQL inside PL/SQL to read sequence numbers (or SYSDATE)
      • G-8120: Never check existence of a row to decide whether to create it or not.
      • G-8310: Always validate input parameter size by assigning the parameter to a size limited variable in the declaration section of program unit.
    • PL/SQL Cop errors included as rules
      • E-0001: Timeout occurred (after n seconds) during load/parse/validation of resource.
      • E-0002: Syntax error. Please contact the author if the code compiles successfully in your environment.
      • E-0003: License limit reached.
    • Rules and quality profiles for non-default validators are loaded from PL/SQL Cop genmodel directory when starting SonarQube
    • Severity and SQALE characteristics are included in HTML and Excel outputs, issues are ordered by severity (Blocker, Critical, Major, Minor, Info)
  • New Preferences
    • Generate SonarQube model – Generate SonarQube XML model files for non-default validator
    • Validator class – Decendent of PLSQLJavaValidator, default is com.trivadis.tvdcc.validators.TrivadisGuidelines3

• Fixed:

  • Analysis stops when PL/SQL Cop throws an error or when reported rule is unknown

• Prerequisites:

  • PL/SQL Cop 2.0
  • SonarQube version 4.5.7 up to 5.1.2