Skip to content

1.19.0.5623
Compare
Choose a tag to compare
@jonas-wielage-sonarsource jonas-wielage-sonarsource released this 11 Aug 11:38
· 738 commits to master since this release
1.19.0.5623
b894f37
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release notes - SonarIac - 1.19

Bug

SONARIAC-917 Whitespace line is counted as code when prefixed with code

SONARIAC-1057 Fix `YamlMetricsVisitor` to accurately differentiate between regular comments and `NOSONAR` comments

SONARIAC-1061 The location of resource type is misaligned in bicep files

New Feature

SONARIAC-857 ARM Bicep support: create targetScope

SONARIAC-858 ARM Bicep support: create importDecl

SONARIAC-859 ARM Bicep support: create metadataDecl

SONARIAC-860 ARM Bicep support: create typeDecl

SONARIAC-861 ARM Bicep support: create moduleDecl

SONARIAC-862 ARM Bicep support: create functionDecl

SONARIAC-863 ARM Bicep support: create Decorator

SONARIAC-864 ARM Bicep support: create SyntaxToken

SONARIAC-865 ARM Bicep support: create parameterDecl

SONARIAC-866 ARM Bicep support: add 'existing' boolean in resources

SONARIAC-867 ARM Bicep support: add support for forExpression

SONARIAC-869 ARM Bicep support: extends Expression implementation to reflect Bicep grammar

SONARIAC-871 ARM Bicep support: create typeExpression grammar element

SONARIAC-885 Rule S6379: ARM Enabling Azure resource-specific admin accounts is security-sensitive

SONARIAC-889 Rule S6378: Disabling Managed Identities for Azure resources is security-sensitive

SONARIAC-896 Rule S6648 for ARM: Secure strings and objects should not have default values

SONARIAC-899 Rule S6380: Authorizing anonymous access to Azure resources is security-sensitive

SONARIAC-907 ARM Bicep S6364 ARM Defining a short backup retention duration is security-sensitive

SONARIAC-918 ARM Bicep S6387 Azure role assignments that grant access to all resources of a subscription are security-sensitive

SONARIAC-925 ARM Bicep S4423 ARM Weak SSL/TLS protocols should not be used

SONARIAC-926 ARM Bicep S6385 Azure custom roles should not grant subscription Owner capabilities

SONARIAC-930 Rule S6656: ARM Template evaluation should not expose secure values

SONARIAC-931 ARM Bicep support: Create basic File Statement and Expression

SONARIAC-933 ARM Resource names are case-insensitive

SONARIAC-935 ARM Bicep support: create simplified resourceDecl

SONARIAC-936 ARM Bicep support: handle variableDecl

SONARIAC-939 ARM Bicep support: create outputDecl

SONARIAC-940 ARM Bicep support: create interpString

SONARIAC-941 ARM Bicep support: add support for ifCondition

SONARIAC-942 ARM Bicep support: object - add support for interpString

SONARIAC-943 ARM Bicep support: add support for typedLambdaExpression

SONARIAC-944 ARM Bicep support: create IDENTIFIER(name)

SONARIAC-946 ARM Bicep setup Ruling tests

SONARIAC-947 ARM Bicep support: add support for functionCall

SONARIAC-955 Arm Sensor should analyze bicep files

SONARIAC-995 Update values of Bicep keywords

SONARIAC-1012 Parsing error when arrayItem contains underscore in name

SONARIAC-1024 ARM Bicep replace with PRIMARY_TYPE_EXPRESSION in expected places

SONARIAC-1025 ARM Bicep parsing error for param

SONARIAC-1027 ARM Bicep ResourceDeclaration properties should return empty list for ternary expression

SONARIAC-1054 Add highlighting for Bicep syntax

SONARIAC-1055 Add metrics for Bicep files

SONARIAC-1063 Rule S1135: Track uses of "TODO" tags

Improvement

SONARIAC-959 ARM Json : Change copyInput in OutputDeclaration from StringLiteral to Expression

SONARIAC-972 ARM Bicep: add decorator to resourceDecl

SONARIAC-973 ARM Bicep add ifCondition to resourceDecl

SONARIAC-981 ARM Bicep add forCondition to resourceDecl

SONARIAC-997 ARM Bicep extend parameterDecl to accept param as keyword

SONARIAC-1000 ARM Bicep primaryExpression should accept string complete instead of alpha numeral string

SONARIAC-1001 ARM Bicep parse error for resource

SONARIAC-1002 ARM Bicep param parse error when array of objects

SONARIAC-1045 ARM Bicep S6382 Disabling certificate-based authentication is security-sensitive

SONARIAC-1046 ARM Bicep S5332 Using clear-text protocols is security-sensitive

SONARIAC-1047 ARM Bicep S6381 Assigning high privileges Azure Resource Manager built-in roles is security-sensitive

SONARIAC-1048 ARM Bicep S6321 Administration services access should be restricted to specific IP addresses

SONARIAC-1049 ARM Bicep S6413 Defining a short log retention duration is security-sensitive

SONARIAC-1050 ARM Bicep S6329 Allowing public network access to cloud resources is security-sensitive

SONARIAC-1051 ARM Bicep S6383 Disabling Role-Based Access Control on Azure resources is security-sensitive

SONARIAC-1052 ARM Bicep S6388 Using unencrypted cloud storages is security-sensitive

Assets 2
Loading