What’s new in SonarQube?
In August we updated your SonarQube to the new major long-term support release -- SonarQube 7.9 LTS. You might have already had a chance to try it out, and perhaps have found some of the new useful features as well.
For all details on the new LTS release, please see The Definitive Guide to SonarQube 7.9 LTS at sonarqube.org.
Support for version control branches in Community Edition
Thanks to the amazingly active and resourceful community around SonarQube, users of the free open-source SonarQube Community Edition gain access to proper support for version control system branch analysis, a feature previously reserved to commercial SonarQube editions.
We have included SonarQube Community Branch Plugin in all Community Edition instances.
This community add-on implements branch analysis functionality, features and configuration parameters as specified in SonarQube Documentation. Refer to the documentation for more details on using branch analysis for your project.
In addition to vulnerabilities and code smells, SonarQube analysis now contain pointers to other potential security issues within the code. These are called Security Hotspots.
Unlike vulnerabilities, Security Hotspots are not necessarily issues which can introduce exploitable threats in the software. Instead, Security Hotspots help to highlight potential security-sensitive pieces of code which need to be manually reviewed. Upon review, you'll either find an actual issue that needs to be fixed, or that there is no threat.
Reviewing Security Hotspots helps focus the efforts of developers who are manually checking security-sensitive code. In addition to finding and fixing security issues, Security Hotspots also allows developers to learn more about security -- SonarQube explains why your code was identified as a Security Hotspot, and how it is linked to well-known attacks or weaknesses such as SQL injection or weak cryptography.
Find out more about Security Hotspots in the SonarQube Documentation at sonarqube.org.
With the latest LTS release, SonarQube can now help you spot bugs, vulnerabilities and code smells in 27 popular languages.
SonarQube 7.9 LTS adds support for six new languages:
*Apex support is available in Enterprise Edition and above.
Enhancements for supported languages
What’s new in Bitbucket?
In the new major version Bitbucket Server 6, Atlassian has updated the very foundations of Bitbucket Server so they can continue to deliver great new features and improvements over the years to come.
Your ROOT Platform will receive an update to version 6.5 during September. While the majority of changes compared to previous version 5 are still practically invisible to a regular user, there are already some new features as well.
See the Release Notes at atlassian.com to learn more about Bitbucket Server 6.5.
New built-in commit graph
Atlassian has included a new built-in commit graph feature in Bitbucket Server 6. This sought-after feature will make it easier to find commit and understand the relationships between them by visualizing the commit history in your entire repository.
Read more in the Bitbucket Server 6.1 release notes at atlassian.com
Git LFS file locking
In an update to Git Large File Storage (LFS) functionality, Atlassian has introduced support for file locking. You can now ock files to stop them from being edited while you work on them. This should help you to avoid merge conflicts when working on binary files.
See Working with Git LFS Files at atlassian.com for more details on Git LFS locking.
What’s new in Confluence?
The first beta version of the upcoming Confluence 7 being released on the 16th of August is indicative of bigger changes that are on the way for Confluence.
While working on a final production release of Confluence 7, Atlassian has provided an evolutionary lifecycle update - Confluence 6.15 - to the current mainline version 6. This update is mainly focused on improvements, enhancements and fixes under the hood.
See the Release Notes at atlassian.com to learn more about Confluence 6.15.
What's new with other Eficode ROOT tools?
- Artifactory is updated to version 6.12.0.
- Jenkins is updated to latest LTS version 2.176.3 along with a number of plugin security fixes and enhancements. Please contact your ROOT support for more detail on updates scheduled for your Jenkins deployment.
- Nexus IQ is updated to the latest stable release 71.
- Rancher receives some security related fixes: