Edit

News in 2020

This document describes notable changes on Sider in the year 2020.

---

Analyzing branches

November 30, 2020

We're so happy to announce a new feature: analyzing branches. 🙌

Now you can analyze any branches even if there are not related to any pull request.

For example, this feature should be useful in the following cases, compared to the existing pull request analysis:

• when you want to know how many current issues on the main branch of your repository (especially, bugs or vulnerabilities)
• when you want to find issues of a new security rule that you added recently
• when you want to fix issues that you have temporarily closed in a pull request
• and so on...

Let's check out the document and try it!

Python 2 EOL and environments/tools update

November 4, 2020

In this release, we finally have dropped Python 2 support as announced earlier. If you have not migrated yet, please update your sider.yml. (see also Flake8)

Also, we now have enabled our recommended ruleset for cpplint as announced earlier.

And, this release includes the update of the following environments and tools. Please check out each document for details.

Other highlight:

• HAML-Lint supports a new option: parallel

Environment:

• Debian - buster-20200908 → buster-20201012
• Go - 1.15.2 → 1.15.3
• Gradle - 6.6 → 6.7
• Node.js - 12.18.3 → 12.19.0
• PHP - 7.4.10 → 7.4.12
• Python - 2.7.16 → dropped
• Python - 3.8.5 → 3.9.0
• Ruby - 2.7.1 → 2.7.2
• Swift - 5.2.5 → 5.3

Tool:

• CSS
  • stylelint - 13.7.1 → 13.7.2 (changelog)
• C#
  • FxCop - 3.3.0 → 3.3.1 (release note)
• Dockerfile
  • hadolint - 1.18.0 → 1.18.2 (release note)
• Go
  • GolangCI-Lint - 1.31.0 → 1.32.1 (release note)
• Java
  • Checkstyle - 8.36.1 → 8.36.2 (release note)
  • JavaSee - 0.1.3 → 0.2.0 (release note)
  • PMD - 6.27.0 → 6.29.0 (release note)
• JavaScript
  • ESLint - 7.9.0 → 7.12.1 (release note)
• Kotlin
  • detekt - 1.13.1 → 1.14.2 (release note)
• Markdown
  • remark-lint - 8.0.1 → 9.0.0 (release note)
• PHP
  • PHP_CodeSniffer - 3.5.6 → 3.5.8 (release note)
  • PHPMD - 2.9.0 → 2.9.1 (changes)
• Python
  • Flake8 - 3.8.3 → 3.8.4 (release note)
• Ruby
  • Brakeman - 4.9.1 → 4.10.0 (changelog)
  • HAML-Lint - 0.35.0 → 0.36.0 (changes)
  • Reek - 6.0.1 → 6.0.2 (changelog)
  • RuboCop - 0.89.1 → 1.0.0 (changelog)
• Swift
  • SwiftLint - 0.40.2 → 0.40.3 (release note)
• Others
  • LanguageTool - 5.0 → 5.1 (changelog)
  • PMD CPD - 6.27.0 → 6.29.0 (release note)

---

Recommended ruleset for cpplint

October 7, 2020

We will release our recommended ruleset for cpplint in mid October 2020. Prior to the release, the warning message will be shown if the cpplint configuration file CPPLINT.cfg doesn't exist in your repository.

See our cpplint document.

---

Update environments and tools on September 24, 2020

September 24, 2020

We have updated the following environments and tools. Please read each tool's documentation for details.

Highlight:

• The environment variable EXTRA_CERTIFICATE is newly supported. When this variable is specified, the runner imports the certificate on the system. This feature allows you to connect GitHub Enterprise Server running with a self-signed certificate.
• The parallel option of Cppcheck is newly supported. This option allows you to run multiple jobs in parallel by using the -j option of the cppcheck command.
• The path option of SwiftLint is enhanced to support a special format "@path/to/file" (prefixed with @). You can create a file which contains a list of file names to be analyzed and pass it to the analyzer with this option.

Environment:

• Debian - buster-20200803 → buster-20200908
• Go - 1.15.0 → 1.15.2
• Haskell - 8.10.1 → 8.10.2
• PHP - 7.4.9 → 7.4.10

Tool:

• CSS
  • stylelint - 13.6.1 → 13.7.1 (changelog)
• Go
  • GolangCI-Lint - 1.30.0 → 1.31.0 (release note)
• Java
  • Checkstyle - 8.35 → 8.36.1 (release note)
  • PMD - 6.26.0 → 6.27.0 (release note)
• JavaScript
  • ESLint - 7.7.0 → 7.9.0 (release note)
• Kotlin
  • detekt - 1.11.2 → 1.13.1 (release note)
  • ktlint - 0.37.2 → 0.39.0 (changes)
• PHP
  • PHPMD - 2.8.2 → 2.9.0 (changes)
• Python
  • Pylint - 2.5.3 → 2.6.0 (changelog)
• Ruby
  • Brakeman - 4.9.0 → 4.9.1 (changelog)
• Swift
  • SwiftLint - 0.40.0 → 0.40.2 (release note)
• Others
  • Goodcheck - 2.5.1 → 2.5.2 (changelog)
  • PMD CPD - 6.26.0 → 6.27.0 (release note)

---

Update environments and tools on August 21, 2020

August 21, 2020

We have updated the following environments and tools. Please check each tool's document for details.

Environment:

• Debian - buster-20200720 → buster-20200803
• Go - 1.14.6 → 1.15.0
• PHP - 7.4.8 → 7.4.9
• Python - 3.8.2 → 3.8.5
• Swift - 5.2.4 → 5.2.5
• Gradle - 6.5.1 → 6.6
• npm - 6.14.7 → 6.14.8

Tool:

• C/C++
  • cpplint - 1.5.3 → 1.5.4 (changelog)
• C#
  • FxCop - 3.0.0 → 3.3.0 (release note)
• Go
  • GolangCI-Lint - 1.29.0 → 1.30.0 (release note)
• JavaScript
  • ESLint - 7.6.0 → 7.7.0 (release note)
  • JSHint - 2.11.2 → 2.12.0 (changelog)
• Kotlin
  • detekt - 1.10.0 → 1.11.2 (release note)
• PHP
  • PHP_CodeSniffer - 3.5.5 → 3.5.6 (release note)
• Ruby
  • Brakeman - 4.8.2 → 4.9.0 (changelog)
  • RuboCop - 0.88.0 → 0.89.1 (changelog)
• Swift
  • SwiftLint - 0.39.2 → 0.40.0 (release note)

---

Support third-party dependencies with JVM tools

August 4, 2020

We have just supported third-party dependencies for JVM tools in this release! This feature allows you to load third-party rules or plugins via sider.yml. For example:

linter:
  checkstyle:
    jvm_deps:
      # [group, name, version] from Maven repositories
      - [com.github.sevntu-checkstyle, sevntu-checks, 1.37.1]

See the linter.<analyzer_id>.jvm_deps for more details.

Also, with this release, the cli, maven, and gradle under linter.ktlint has been removed. See the ktlint for details.

In addition, this release includes the following updates:

Environment:

• Node.js - 12.18.2 → 12.18.3
• Git - 2.27.0 → 2.28.0

Tool:

• JavaScript
  • ESLint - 7.5.0 → 7.6.0 (changelog)
  • JSHint - 2.11.1 → 2.11.2 (changelog)
• TypeScript
  • TSLint - 6.1.2 → 6.1.3 (changelog)
  • TyScan - 0.3.1 → 0.3.2 (release note)

---

Update languages and tools on July 28, 2020

July 28, 2020

We have updated the following languages and tools. Please check each tool's document for details.

Environment:

• Debian - buster-20200607 → buster-20200720
• Go - 1.14.4 → 1.14.6
• Java - 14.0.1 → 14.0.2
• npm - 6.14.6 → 6.14.7
• PHP - 7.4.7 → 7.4.8

Tool:

• C/C++
  • cpplint - 1.5.2 → 1.5.3 (changelog)
• Go
  • GolangCI-Lint - 1.28.3 → 1.29.0 (release note)
• Java
  • Checkstyle - 8.34 → 8.35 (release note)
  • PMD - 6.25.0 → 6.26.0 (release note)
• JavaScript
  • ESLint - 7.4.0 → 7.5.0 (changelog)
• Markdown
  • remark-lint - 8.0.0 → 8.0.1 (release note)
• Ruby
  • RuboCop - 0.87.1 → 0.88.0 (changelog)
• Others
  • PMD CPD - 6.25.0 → 6.26.0 (release note)

---

Clang-Tidy support and more

July 16, 2020

We are happy to announce that Clang-Tidy is newly supported! 🎉

Clang-Tidy is a part of the Clang toolchain, and it can detect style violations, common bugs, etc. in C/C++ code.

In addition, this release includes the following updates:

Environment:

• Node.js - 12.18.0 → 12.18.2
• Git - 2.20.1 → 2.27.0

Tool:

• C/C++
  • cpplint - 1.5.1 → 1.5.2 (changelog)
• Go
  • GolangCI-Lint - 1.27.0 → 1.28.3 (release note)
• Java
  • Checkstyle - 8.33 → 8.34 (release note)
  • PMD - 6.24.0 → 6.25.0 (release note)
• JavaScript
  • ESLint - 7.2.0 → 7.4.0 (changelog)
• Kotlin
  • detekt - 1.9.1 → 1.10.0 (release note)
• Ruby
  • RuboCop - 0.85.1 → 0.87.1 (changelog)
• Others
  • LanguageTool - 4.9.1 → 5.0 (changelog)
  • PMD CPD - 6.24.0 → 6.25.0 (release note)

Also, some tool options in sider.yml have been added, changed, and deprecated since this release. Please see each tool's documentation for details.

---

Update Rails Best Practices

June 25, 2020

We have updated Rails Best Practices to the latest version! 🚀

The version change is from 1.19.4 to 1.20.0. Here is the changelog.

---

Update languages and tools on June 18, 2020

June 18, 2020

We have updated the following languages and tools. Please each tool's document for details.

Highlight:

• Now the latest version of Brakeman is available! 🎉
• The bug-hunting option of Cppcheck is newly supported.
• Analysis of multiple languages in PMD CPD is newly supported.

Language:

• Go - 1.14.3 → 1.14.4
• Node.js - 12.16.3 → 12.18.0
• PHP - 7.4.6 → 7.4.7
• Swift - 5.2.3 → 5.2.4

Tool:

• C/C++
  • Cppcheck - 2.0 → 2.1 (release note)
  • cpplint - 1.4.5 → 1.5.1 (changelog)
• CSS
  • stylelint - 13.4.1 → 13.6.1 (changelog)
• Dockerfile
  • hadolint - 1.17.6 → 1.18.0 (release note)
• Java
  • Checkstyle - 8.32 → 8.33 (release note)
  • PMD - 6.23.0 → 6.24.0 (release note)
• JavaScript
  • ESLint - 6.8.0 → 7.2.0 (changelog)
• Kotlin
  • ktlint - 0.36.0 → 0.37.2 (changes)
• Python
  • Flake8 - 3.8.1 → 3.8.3 (release note)
  • Pylint - 2.5.2 → 2.5.3 (changelog)
• Ruby
  • Brakeman - 4.3.1 → 4.8.2 (changelog)
  • Reek - 6.0.0 → 6.0.1 (changelog)
  • RuboCop - 0.83.0 → 0.85.1 (changelog)
• Others
  • PMD CPD - 6.23.0 → 6.24.0 (release note)

---

New PMD CPD support

June 8, 2020

We are happy to announce that PMD CPD is newly supported! (yet beta) 🎉

This tool is a "Copy/Paste Detector" to find duplicate code in multiple languages like Java, Ruby, Python, and so on. It is disabled by default, so please enable it in your repository settings if you want to use it.

---

New Pylint support

May 29, 2020

We are happy to announce that Pylint is newly supported! (yet beta) 🎉

This tool can detect programming errors, help to enforce a coding standard, look for code smells, and offer simple refactoring suggestions in Python files, so it will surely help your code-review. It is disabled by default, so if you want to use, then please enable it in your repository settings.

---

Support addon option for Cppcheck

May 25, 2020

We have newly supported the addon option for Cppcheck. The option can provide the additional predefined rules.

Also, Cppcheck has been updated from 1.90 to 2.0. See the changes for details.

---

Update languages and tools on May 20, 2020

May 20, 2020

Language:

• Go - 1.14.2 → 1.14.3
• PHP - 7.4.5 → 7.4.6

Tool:

• CSS
  • stylelint - 13.3.3 → 13.4.1 (changelog)
• Go
  • GolangCI-Lint - 1.26.0 → 1.27.0 (release note)
• JavaScript
  • JSHint - 2.11.0 → 2.11.1 (changes)
• Kotlin
  • detekt - 1.8.0 → 1.9.1 (release note)
• Ruby
  • Querly - 1.0.0 → 1.1.0 (changes)
  • RuboCop - 0.82.0 → 0.83.0 (changelog)
• Python
  • Flake8 - 3.7.9 → 3.8.1 (release note)

If you have any questions or feedback, feel free to ask us via chat.

---

Create sider.yml when a repository is added

May 14, 2020

We have just released a new feature to automatically creates sider.yml via a pull request! 🎉

1. When you try adding your repository newly, you can see the following new checkbox:

   

2. When you check it and click the "Start..." button, the following pull request is created into the added repository:

   

You can enjoy the new feature if you accept new GitHub permission¹ that is requested.

If you have any questions or feedback, feel free to ask us via chat.

¹ If you do not want to use the feature, please ignore the permission request.

---

New LanguageTool support and more

May 14, 2020

We are happy to announce that LanguageTool is newly supported! 🎉

This tool is for natural languages like English or French, and it can detect typos or grammar mistakes and so on. We recommend using it for documents like Markdown. Try it!

FxCop improvements

Since this release, FxCop has provided a static code analysis without a build, which makes it easier to analyze your C# code. Try it!

Recommended migration to GolangCI-Lint

As announced earlier, Golint, Govet, and Go Meta Linter will be stopped at the end of this month. Most repositories using the 3 tools above can easily migrate to GolangCI-Lint now. We strongly recommend the migration as soon as possible.

Languages and tools update on May 14, 2020

Also, this release updates the following languages and tools.

Language:

• Go - 1.14.1 → 1.14.2
• Java - 12.0.2 → 14.0.1
• Node.js - 12.16.1 → 12.16.3
• PHP - 7.4.4 → 7.4.5
• Python - 3.7.4 → 3.8.2
• Ruby - 2.6.6 → 2.7.1
• Swift - 5.1.5 → 5.2.3

Tool:

• C#
  • FxCop - 2.9.8 → 3.0.0 (release note)
• CSS
  • stylelint - 13.2.0 → 13.3.3 (changelog)
• Dockerfile
  • hadolint - 1.17.5 → 1.17.6 (release note)
• Go
  • GolangCI-Lint - 1.24.0 → 1.26.0 (release note: 1.25.0, 1.26.0)
• Java
  • Checkstyle - 8.30 → 8.32 (release note)
  • PMD - 6.21.0 → 6.23.0 (release note: 6.22.0, 6.23.0)
• Kotlin
  • detekt - 1.7.0 → 1.8.0 (release note)
• Markdown
  • remark-lint - 7.0.1 → 8.0.0 (release note)
• PHP
  • PHP_CodeSniffer - 3.5.4 → 3.5.5 (release note)
• Ruby
  • Reek - 5.6.0 → 6.0.0 (changelog)
  • RuboCop - 0.80.1 → 0.82.0 (changelog)
• Shell script
  • ShellCheck - 0.7.0 → 0.7.1 (release note)
• Swift
  • SwiftLint - 0.39.1 → 0.39.2 (release note)
• TypeScript
  • TSLint - 6.0.0 → 6.1.2 (changelog)
• Others
  • Goodcheck - 2.5.0 → 2.5.1 (changelog)

If you have any questions or feedback, feel free to ask us via chat.

---

New remark-lint support and more

March 25, 2020

We are happy to announce that remark-lint is newly supported! 🎉

This tool can detect possible mistakes in Markdown files, so it will surely help your code-review. It is disabled by default, so if you want to use, then please enable it in your repository settings.

New Reek options

In this release, we have added the target and config options for Reek.

Languages and tools update on March 25, 2020

Also, the following languages and tools have been updated:

Language:

• Go - 1.14.0 → 1.14.1
• PHP - 7.4.3 → 7.4.4
• Swift - 5.1.4 → 5.1.5

Tool:

• C/C++
  • cpplint - 1.4.4 → 1.4.5 (changes)
• Dockerfile
  • hadolint - 1.17.4 → 1.17.5 (changes)
• Go
  • GolangCI-Lint - 1.23.6 → 1.24.0 (changes)
• Kotlin
  • detekt - 1.6.0 → 1.7.0 (changes)

If you have any questions or feedback, please contact us via chat.

---

Newly support for GolangCI-Lint, detekt, and FxCop

March 5, 2020

We are happy to announce the big news! The following tools are newly supported (yet beta): 🎉

• GolangCI-Lint (for Go)
• detekt (for Kotlin)
• FxCop (for C#)

The tools above are disabled by default. If you want to try, please enable them on your repository settings.

Deprecated Go tools

This newly GolangCI-Lint support makes the following other Go tools deprecated:

• go vet (included in GolangCI-Lint)
• Golint (included in GolangCI-Lint)
• Go Meta Linter (the successor is GolangCI-Lint)

The deadline is scheduled for April 30, 2020. Please consider the migration as soon as possible.

Deprecated TSLint

The TSLint team has marked TSLint deprecated on the version 6.0.0 and decided to stop the activity on Dec 2020 (see the discussion for details).

So, we also have marked our TSLint support deprecated. We will continue to support it for a while, but we strongly recommend the migration to TypeScript ESLint.

More strict sider.yml

This release has made it more strict the schema checking of sider.yml. For example:

# Before; it is ignored and an analysis passes. 🙆
rubocop:
  # some options...

# After; it is forbidden and an analysis fails! 🙅
linter:
  rubocop:
    # some options...

If you notice an error due to your invalid sider.yml, please confirm the error message and fix it. We could help you via our chat support if you would be hard to fix.

Languages and tools update on March 2020

We have updated the following languages and tools as usual.

Language:

• Node.js - 12.14.1 → 12.16.1
• Go - 1.13.7 → 1.14.0
• PHP - 7.4.2 → 7.4.3

Tool:

• Ruby
  • RuboCop - 0.80.0 → 0.80.1 (changes)
  • HAML-Lint - 0.34.2 → 0.35.0 (changes)
• Java
  • Checkstyle - 8.29 → 8.30 (changes)
• PHP
  • PHPMD - 2.8.1 → 2.8.2 (changes)
• CSS
  • stylelint - 13.0.0 → 13.2.0 (changes)
• Swift
  • SwiftLint - 0.38.2 → 0.39.1 (changes)
• Others
  • Goodcheck - 2.4.5 → 2.5.0 (changes)
    • The feature to disable with inline comments is supported! See the document for details.

---

Update the default version of RuboCop to 0.80.0

February 19, 2020

Yesterday, RuboCop 0.80.0 has been released! This release includes some breaking changes, so today we have updated our default version of RuboCop.

This does not affect repositories that use their own version of RuboCop defined in Gemfile.lock or sider.yml.

See also our RuboCop document.

---

Update languages and tools on Feb 13, 2020

February 13, 2020

We have updated the following languages and tools.

Language:

• Node.js - 12.14.0 → 12.14.1
• Go - 1.13.5 → 1.13.7
• PHP - 7.4.1 → 7.4.2
• Swift - 5.1.3 → 5.1.4

Tool:

• Ruby
  • RuboCop
    • Support plugins maintained by rubocop-hq by default (sider/runners#682)
    • Drop the 0.60.0 and older versions of RuboCop (sider/runners#131)
  • Reek - 5.5.0 → 5.6.0 (changes)
  • HAML-Lint - 0.34.0 → 0.34.2 (changes)
• Swift
  • SwiftLint - 0.38.0 → 0.38.2 (changes)
• Java
  • Checkstyle - 8.28 → 8.29 (changes)
  • PMD - 6.20.0 → 6.21.0 (changes)
• TypeScript
  • TSLint - 5.20.1 → 6.0.0
• JavaScript
  • JSHint - 2.10.3 → 2.11.0 (changes)
  • ESLint
    • Drop the 4.19.1 and older versions of ESLint (sider/runners#715)
• CSS
  • stylelint - 12.0.1 → 13.0.0 (changes)

---

Beta support for Dockerfile

January 23, 2020

Sider has started to support Dockerfile with hadolint. If you are interested in the tool, please enable it in your repository settings.

---

Update languages and tools on Jan 8, 2020

January 8, 2020

We have updated the following languages and tools.

Language:

• Java - 12.0.1 → 12.0.2
• Swift - 5.1.2 → 5.1.3
• PHP - 7.4.0 → 7.4.1
• Node.js - 12.13.1 → 12.14.0

Tool:

• C/C++
  • Cppcheck - 1.89 → 1.90 (changes)
• Java
  • Checkstyle - 8.27 → 8.28 (changes)
• Kotlin
  • ktlint - 0.35.0 → 0.36.0 (changes)
• JavaScript
  • ESLint - 6.7.2 → 6.8.0 (changes)
• CSS
  • stylelint - 12.0.0 → 12.0.1 (changes)
• PHP
  • PHPMD - 2.7.0 → 2.8.1
    • 2.8.1
    • 2.8.0
  • PHP_CodeSniffer - 3.5.2 → 3.5.3 (changes)
• Ruby
  • RuboCop - 0.78.0 → 0.79.0 (changes)