News in 2020
This document describes notable changes on Sider in the year 2020.
Update environments and tools on December 15, 2020
We have updated the following environments and tools. Please read each tool's documentation for details.
Environment:
- Debian - buster-20201012 → buster-20201209
- Go - 1.15.3 → 1.15.6
- Gradle - 6.7 → 6.7.1
- Java - 14.0.2 → 15.0.1
- Node.js - 12.19.0 → 12.20.0
- npm - 6.14.8 → 6.14.9
- Pipenv - 2020.8.13 → 2020.11.15
- Python - 3.9.0 → 3.9.1
Tool:
- C/C++
- Cppcheck - 2.2 → 2.3 (release note)
- CSS
- Dockerfile
- hadolint - 1.18.2 → 1.19.0 (release note)
- Go
- GolangCI-Lint - 1.32.1 → 1.33.0 (release note)
- Java
- Checkstyle - 8.36.2 → 8.38 (release note)
- PMD - 6.29.0 → 6.30.0 (release note)
- JavaScript
- CoffeeLint - 1.16.0 → 4.1.2 (release note)
- ESLint - 7.12.1 → 7.15.0 (release note)
- Ruby
- Swift
- SwiftLint - 0.40.3 → 0.41.0 (release note)
- Others
- Goodcheck - 2.5.2 → 2.7.0 (changelog)
- PMD CPD - 6.29.0 → 6.30.0 (release note)
Analyzing branches
We're so happy to announce a new feature: analyzing branches. 🙌
Now you can analyze any branches even if there are not related to any pull request.
For example, this feature should be useful in the following cases, compared to the existing pull request analysis:
- when you want to know how many current issues on the main branch of your repository (especially, bugs or vulnerabilities)
- when you want to find issues of a new security rule that you added recently
- when you want to fix issues that you have temporarily closed in a pull request
- and so on...
Let's check out the document and try it!
Python 2 EOL and environments/tools update
In this release, we finally have dropped Python 2 support as announced earlier. If you have not migrated yet, please update your sider.yml
. (see also Flake8)
Also, we now have enabled our recommended ruleset for cpplint as announced earlier.
And, this release includes the update of the following environments and tools. Please check out each document for details.
Other highlight:
- HAML-Lint supports a new option:
parallel
Environment:
- Debian - buster-20200908 → buster-20201012
- Go - 1.15.2 → 1.15.3
- Gradle - 6.6 → 6.7
- Node.js - 12.18.3 → 12.19.0
- PHP - 7.4.10 → 7.4.12
- Python - 2.7.16 → dropped
- Python - 3.8.5 → 3.9.0
- Ruby - 2.7.1 → 2.7.2
- Swift - 5.2.5 → 5.3
Tool:
- CSS
- C#
- FxCop - 3.3.0 → 3.3.1 (release note)
- Dockerfile
- hadolint - 1.18.0 → 1.18.2 (release note)
- Go
- GolangCI-Lint - 1.31.0 → 1.32.1 (release note)
- Java
- Checkstyle - 8.36.1 → 8.36.2 (release note)
- JavaSee - 0.1.3 → 0.2.0 (release note)
- PMD - 6.27.0 → 6.29.0 (release note)
- JavaScript
- ESLint - 7.9.0 → 7.12.1 (release note)
- Kotlin
- detekt - 1.13.1 → 1.14.2 (release note)
- Markdown
- remark-lint - 8.0.1 → 9.0.0 (release note)
- PHP
- PHP_CodeSniffer - 3.5.6 → 3.5.8 (release note)
- PHPMD - 2.9.0 → 2.9.1 (changes)
- Python
- Flake8 - 3.8.3 → 3.8.4 (release note)
- Ruby
- Swift
- SwiftLint - 0.40.2 → 0.40.3 (release note)
- Others
- LanguageTool - 5.0 → 5.1 (changelog)
- PMD CPD - 6.27.0 → 6.29.0 (release note)
Recommended ruleset for cpplint
We will release our recommended ruleset for cpplint in mid October 2020. Prior to the release, the warning message will be shown if the cpplint configuration file CPPLINT.cfg
doesn't exist in your repository.
See our cpplint document.
Update environments and tools on September 24, 2020
We have updated the following environments and tools. Please read each tool's documentation for details.
Highlight:
- The environment variable
EXTRA_CERTIFICATE
is newly supported. When this variable is specified, the runner imports the certificate on the system. This feature allows you to connect GitHub Enterprise Server running with a self-signed certificate. - The
parallel
option of Cppcheck is newly supported. This option allows you to run multiple jobs in parallel by using the-j
option of thecppcheck
command. - The
path
option of SwiftLint is enhanced to support a special format"@path/to/file"
(prefixed with@
). You can create a file which contains a list of file names to be analyzed and pass it to the analyzer with this option.
Environment:
- Debian - buster-20200803 → buster-20200908
- Go - 1.15.0 → 1.15.2
- Haskell - 8.10.1 → 8.10.2
- PHP - 7.4.9 → 7.4.10
Tool:
- CSS
- Go
- GolangCI-Lint - 1.30.0 → 1.31.0 (release note)
- Java
- Checkstyle - 8.35 → 8.36.1 (release note)
- PMD - 6.26.0 → 6.27.0 (release note)
- JavaScript
- ESLint - 7.7.0 → 7.9.0 (release note)
- Kotlin
- detekt - 1.11.2 → 1.13.1 (release note)
- ktlint - 0.37.2 → 0.39.0 (changes)
- PHP
- Python
- Ruby
- Swift
- SwiftLint - 0.40.0 → 0.40.2 (release note)
- Others
- Goodcheck - 2.5.1 → 2.5.2 (changelog)
- PMD CPD - 6.26.0 → 6.27.0 (release note)
Update environments and tools on August 21, 2020
We have updated the following environments and tools. Please check each tool's document for details.
Environment:
- Debian - buster-20200720 → buster-20200803
- Go - 1.14.6 → 1.15.0
- PHP - 7.4.8 → 7.4.9
- Python - 3.8.2 → 3.8.5
- Swift - 5.2.4 → 5.2.5
- Gradle - 6.5.1 → 6.6
- npm - 6.14.7 → 6.14.8
Tool:
- C/C++
- C#
- FxCop - 3.0.0 → 3.3.0 (release note)
- Go
- GolangCI-Lint - 1.29.0 → 1.30.0 (release note)
- JavaScript
- ESLint - 7.6.0 → 7.7.0 (release note)
- JSHint - 2.11.2 → 2.12.0 (changelog)
- Kotlin
- detekt - 1.10.0 → 1.11.2 (release note)
- PHP
- PHP_CodeSniffer - 3.5.5 → 3.5.6 (release note)
- Ruby
- Swift
- SwiftLint - 0.39.2 → 0.40.0 (release note)
Support third-party dependencies with JVM tools
We have just supported third-party dependencies for JVM tools in this release!
This feature allows you to load third-party rules or plugins via sider.yml
. For example:
linter:
checkstyle:
jvm_deps:
# [group, name, version] from Maven repositories
- [com.github.sevntu-checkstyle, sevntu-checks, 1.37.1]
See the linter.<analyzer_id>.jvm_deps
for more details.
Also, with this release, the cli
, maven
, and gradle
under linter.ktlint
has been removed.
See the ktlint for details.
In addition, this release includes the following updates:
Environment:
- Node.js - 12.18.2 → 12.18.3
- Git - 2.27.0 → 2.28.0
Tool:
- JavaScript
- TypeScript
- TSLint - 6.1.2 → 6.1.3 (changelog)
- TyScan - 0.3.1 → 0.3.2 (release note)
Update languages and tools on July 28, 2020
We have updated the following languages and tools. Please check each tool's document for details.
Environment:
- Debian - buster-20200607 → buster-20200720
- Go - 1.14.4 → 1.14.6
- Java - 14.0.1 → 14.0.2
- npm - 6.14.6 → 6.14.7
- PHP - 7.4.7 → 7.4.8
Tool:
- C/C++
- Go
- GolangCI-Lint - 1.28.3 → 1.29.0 (release note)
- Java
- Checkstyle - 8.34 → 8.35 (release note)
- PMD - 6.25.0 → 6.26.0 (release note)
- JavaScript
- Markdown
- remark-lint - 8.0.0 → 8.0.1 (release note)
- Ruby
- Others
- PMD CPD - 6.25.0 → 6.26.0 (release note)
Clang-Tidy support and more
We are happy to announce that Clang-Tidy is newly supported! 🎉
Clang-Tidy is a part of the Clang toolchain, and it can detect style violations, common bugs, etc. in C/C++ code.
In addition, this release includes the following updates:
Environment:
- Node.js - 12.18.0 → 12.18.2
- Git - 2.20.1 → 2.27.0
Tool:
- C/C++
- Go
- GolangCI-Lint - 1.27.0 → 1.28.3 (release note)
- Java
- Checkstyle - 8.33 → 8.34 (release note)
- PMD - 6.24.0 → 6.25.0 (release note)
- JavaScript
- Kotlin
- detekt - 1.9.1 → 1.10.0 (release note)
- Ruby
- Others
- LanguageTool - 4.9.1 → 5.0 (changelog)
- PMD CPD - 6.24.0 → 6.25.0 (release note)
Also, some tool options in sider.yml
have been added, changed, and deprecated since this release.
Please see each tool's documentation for details.
Update Rails Best Practices
We have updated Rails Best Practices to the latest version! 🚀
The version change is from 1.19.4 to 1.20.0. Here is the changelog.
Update languages and tools on June 18, 2020
We have updated the following languages and tools. Please each tool's document for details.
Highlight:
- Now the latest version of Brakeman is available! 🎉
- The
bug-hunting
option of Cppcheck is newly supported. - Analysis of multiple languages in PMD CPD is newly supported.
Language:
- Go - 1.14.3 → 1.14.4
- Node.js - 12.16.3 → 12.18.0
- PHP - 7.4.6 → 7.4.7
- Swift - 5.2.3 → 5.2.4
Tool:
- C/C++
- Cppcheck - 2.0 → 2.1 (release note)
- cpplint - 1.4.5 → 1.5.1 (changelog)
- CSS
- Dockerfile
- hadolint - 1.17.6 → 1.18.0 (release note)
- Java
- Checkstyle - 8.32 → 8.33 (release note)
- PMD - 6.23.0 → 6.24.0 (release note)
- JavaScript
- Kotlin
- Python
- Flake8 - 3.8.1 → 3.8.3 (release note)
- Pylint - 2.5.2 → 2.5.3 (changelog)
- Ruby
- Others
- PMD CPD - 6.23.0 → 6.24.0 (release note)
New PMD CPD support
We are happy to announce that PMD CPD is newly supported! (yet beta) 🎉
This tool is a "Copy/Paste Detector" to find duplicate code in multiple languages like Java, Ruby, Python, and so on. It is disabled by default, so please enable it in your repository settings if you want to use it.
New Pylint support
We are happy to announce that Pylint is newly supported! (yet beta) 🎉
This tool can detect programming errors, help to enforce a coding standard, look for code smells, and offer simple refactoring suggestions in Python files, so it will surely help your code-review. It is disabled by default, so if you want to use, then please enable it in your repository settings.
addon
option for Cppcheck
Support We have newly supported the addon
option for Cppcheck.
The option can provide the additional predefined rules.
Also, Cppcheck has been updated from 1.90 to 2.0. See the changes for details.
Update languages and tools on May 20, 2020
Language:
- Go - 1.14.2 → 1.14.3
- PHP - 7.4.5 → 7.4.6
Tool:
- CSS
- Go
- GolangCI-Lint - 1.26.0 → 1.27.0 (release note)
- JavaScript
- Kotlin
- detekt - 1.8.0 → 1.9.1 (release note)
- Ruby
- Python
- Flake8 - 3.7.9 → 3.8.1 (release note)
If you have any questions or feedback, feel free to ask us via chat.
sider.yml
when a repository is added
Create We have just released a new feature to automatically creates sider.yml
via a pull request! 🎉
When you try adding your repository newly, you can see the following new checkbox:
When you check it and click the "Start..." button, the following pull request is created into the added repository:
You can enjoy the new feature if you accept new GitHub permission¹ that is requested.
If you have any questions or feedback, feel free to ask us via chat.
¹ If you do not want to use the feature, please ignore the permission request.
New LanguageTool support and more
We are happy to announce that LanguageTool is newly supported! 🎉
This tool is for natural languages like English or French, and it can detect typos or grammar mistakes and so on. We recommend using it for documents like Markdown. Try it!
FxCop improvements
Since this release, FxCop has provided a static code analysis without a build, which makes it easier to analyze your C# code. Try it!
Recommended migration to GolangCI-Lint
As announced earlier, Golint, Govet, and Go Meta Linter will be stopped at the end of this month. Most repositories using the 3 tools above can easily migrate to GolangCI-Lint now. We strongly recommend the migration as soon as possible.
Languages and tools update on May 14, 2020
Also, this release updates the following languages and tools.
Language:
- Go - 1.14.1 → 1.14.2
- Java - 12.0.2 → 14.0.1
- Node.js - 12.16.1 → 12.16.3
- PHP - 7.4.4 → 7.4.5
- Python - 3.7.4 → 3.8.2
- Ruby - 2.6.6 → 2.7.1
- Swift - 5.1.5 → 5.2.3
Tool:
- C#
- FxCop - 2.9.8 → 3.0.0 (release note)
- CSS
- Dockerfile
- hadolint - 1.17.5 → 1.17.6 (release note)
- Go
- GolangCI-Lint - 1.24.0 → 1.26.0 (release note: 1.25.0, 1.26.0)
- Java
- Checkstyle - 8.30 → 8.32 (release note)
- PMD - 6.21.0 → 6.23.0 (release note: 6.22.0, 6.23.0)
- Kotlin
- detekt - 1.7.0 → 1.8.0 (release note)
- Markdown
- remark-lint - 7.0.1 → 8.0.0 (release note)
- PHP
- PHP_CodeSniffer - 3.5.4 → 3.5.5 (release note)
- Ruby
- Shell script
- ShellCheck - 0.7.0 → 0.7.1 (release note)
- Swift
- SwiftLint - 0.39.1 → 0.39.2 (release note)
- TypeScript
- Others
If you have any questions or feedback, feel free to ask us via chat.
New remark-lint support and more
We are happy to announce that remark-lint is newly supported! 🎉
This tool can detect possible mistakes in Markdown files, so it will surely help your code-review. It is disabled by default, so if you want to use, then please enable it in your repository settings.
New Reek options
In this release, we have added the target
and config
options for Reek.
Languages and tools update on March 25, 2020
Also, the following languages and tools have been updated:
Language:
- Go - 1.14.0 → 1.14.1
- PHP - 7.4.3 → 7.4.4
- Swift - 5.1.4 → 5.1.5
Tool:
- C/C++
- Dockerfile
- Go
- GolangCI-Lint - 1.23.6 → 1.24.0 (changes)
- Kotlin
If you have any questions or feedback, please contact us via chat.
Newly support for GolangCI-Lint, detekt, and FxCop
We are happy to announce the big news! The following tools are newly supported (yet beta): 🎉
- GolangCI-Lint (for Go)
- detekt (for Kotlin)
- FxCop (for C#)
The tools above are disabled by default. If you want to try, please enable them on your repository settings.
Deprecated Go tools
This newly GolangCI-Lint support makes the following other Go tools deprecated:
- go vet (included in GolangCI-Lint)
- Golint (included in GolangCI-Lint)
- Go Meta Linter (the successor is GolangCI-Lint)
The deadline is scheduled for April 30, 2020. Please consider the migration as soon as possible.
Deprecated TSLint
The TSLint team has marked TSLint deprecated on the version 6.0.0 and decided to stop the activity on Dec 2020 (see the discussion for details).
So, we also have marked our TSLint support deprecated. We will continue to support it for a while, but we strongly recommend the migration to TypeScript ESLint.
sider.yml
More strict This release has made it more strict the schema checking of sider.yml
.
For example:
# Before; it is ignored and an analysis passes. 🙆
rubocop:
# some options...
# After; it is forbidden and an analysis fails! 🙅
linter:
rubocop:
# some options...
If you notice an error due to your invalid sider.yml
, please confirm the error message and fix it.
We could help you via our chat support if you would be hard to fix.
Languages and tools update on March 2020
We have updated the following languages and tools as usual.
Language:
- Node.js - 12.14.1 → 12.16.1
- Go - 1.13.7 → 1.14.0
- PHP - 7.4.2 → 7.4.3
Tool:
- Ruby
- Java
- Checkstyle - 8.29 → 8.30 (changes)
- PHP
- CSS
- Swift
- Others
Update the default version of RuboCop to 0.80.0
Yesterday, RuboCop 0.80.0 has been released! This release includes some breaking changes, so today we have updated our default version of RuboCop.
This does not affect repositories that use their own version of RuboCop defined in Gemfile.lock
or sider.yml
.
See also our RuboCop document.
Update languages and tools on Feb 13, 2020
We have updated the following languages and tools.
Language:
- Node.js - 12.14.0 → 12.14.1
- Go - 1.13.5 → 1.13.7
- PHP - 7.4.1 → 7.4.2
- Swift - 5.1.3 → 5.1.4
Tool:
- Ruby
- RuboCop
- Support plugins maintained by rubocop-hq by default (sider/runners#682)
- Drop the 0.60.0 and older versions of RuboCop (sider/runners#131)
- Reek - 5.5.0 → 5.6.0 (changes)
- HAML-Lint - 0.34.0 → 0.34.2 (changes)
- RuboCop
- Swift
- Java
- Checkstyle - 8.28 → 8.29 (changes)
- PMD - 6.20.0 → 6.21.0 (changes)
- TypeScript
- TSLint - 5.20.1 → 6.0.0
- JavaScript
- JSHint - 2.10.3 → 2.11.0 (changes)
- ESLint
- Drop the 4.19.1 and older versions of ESLint (sider/runners#715)
- CSS
Beta support for Dockerfile
Sider has started to support Dockerfile with hadolint. If you are interested in the tool, please enable it in your repository settings.
Update languages and tools on Jan 8, 2020
We have updated the following languages and tools.
Language:
- Java - 12.0.1 → 12.0.2
- Swift - 5.1.2 → 5.1.3
- PHP - 7.4.0 → 7.4.1
- Node.js - 12.13.1 → 12.14.0
Tool:
- C/C++
- Java
- Checkstyle - 8.27 → 8.28 (changes)
- Kotlin
- JavaScript
- CSS
- PHP
- PHPMD - 2.7.0 → 2.8.1
- PHP_CodeSniffer - 3.5.2 → 3.5.3 (changes)
- Ruby