Skip to content

Update Sonar dependencies#5600

Open
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/sonar-dependencies
Open

Update Sonar dependencies#5600
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/sonar-dependencies

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 6, 2026

This PR contains the following updates:

Package Change Age Confidence
org.sonarsource.sonarlint.core:sonarlint-core (source) 10.13.0.7999610.47.0.84936 age confidence
org.sonarsource.sonarlint.core:sonarlint-plugin-api (source) 10.13.0.7999610.47.0.84936 age confidence
org.sonarsource.sonarqube:sonar-testing-harness (source) 25.1.0.10212225.12.0.117093 age confidence
org.sonarsource.sonarqube:sonar-plugin-api-impl (source) 25.1.0.10212225.12.0.117093 age confidence
org.sonarsource.sonarqube:sonar-ws (source) 25.1.0.10212225.12.0.117093 age confidence

Release Notes

SonarSource/sonarqube (org.sonarsource.sonarqube:sonar-testing-harness)

v25.12.0.117093

See details in the community announcement, and more in the release notes.

v25.11.0.114957

Compare Source

See details in the community announcement, and more in the release notes.

v25.10.0.114319

Compare Source

See details in the community announcement, and more in the release notes.

v25.9.0.112764

Compare Source

See details in the community announcement, and more in the release notes.

v25.8.0.112029

Compare Source

See details in the community announcement, and more in the release notes.

v25.7.0.110598

Compare Source

See details in the community announcement, and more in the release notes.

v25.6.0.109173

Compare Source

See details in the community announcement, and more in the release notes.

v25.5.0.107428

Compare Source

See details in the community announcement, and more in the release notes.

v25.4.0.105899

Compare Source

See details in the community announcement, and more in the release notes.

v25.3.0.104237

Compare Source

See details in the community announcement, and more in the release notes.

v25.2.0.102705

Compare Source

See details in the community announcement, and more in the release notes.

Configuration

📅 Schedule: (in timezone Europe/Berlin)

  • Branch creation
    • "before 6am on Monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Pull requests that update a dependency file label May 6, 2026
@renovate renovate Bot requested a review from a team May 6, 2026 08:54
@hashicorp-vault-sonar-prod
Copy link
Copy Markdown
Contributor

hashicorp-vault-sonar-prod Bot commented May 6, 2026
edited by atlassian Bot
Loading

Renovate Jira issue ID: SONARJAVA-6351

@sonar-review-alpha
Copy link
Copy Markdown
Contributor

sonar-review-alpha Bot commented May 6, 2026
edited
Loading

Summary

⚠️ The PR description exceeded the analysis limit and was truncated. The review may not reflect all context.

This is a routine Renovate bot PR that updates two dependency version properties in pom.xml:

  • SonarQube (sonar.version): 25.1.0.102122 → 25.12.0.117093 — a significant minor version jump covering 11 releases
  • SonarLint plugin API (sonarlint.plugin.api.version): 10.13.0.79996 → 10.47.0.84936 — a major jump spanning 34 minor versions

These properties drive the versions of multiple transitive dependencies (sonarlint-core, sonar-testing-harness, sonar-plugin-api-impl, sonar-ws). No code changes are included; all updates are configuration-only.

What reviewers should know

Where to focus:

  • The author's description includes comprehensive release notes and confidence badges from Renovate — review those for any breaking changes or deprecations that might affect this codebase
  • Watch the CI build closely; if these dependency versions introduce incompatibilities, they'll typically surface in compilation or test execution
  • Pay special attention to API surface changes in SonarLint and SonarQube, especially around the plugin API which this project likely depends on heavily

What to expect:

  • This is a Renovate automated PR with high confidence ratings across the updates, suggesting the versions are stable and well-tested
  • No manual code changes needed — the version bumps are verified purely through build and test execution
  • Generate Walkthrough
  • Generate Diagram

🗣️ Give feedback

sonar-review-alpha[bot]
sonar-review-alpha Bot reviewed May 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@sonar-review-alpha sonar-review-alpha Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! ✅

Clean, minimal dependency update. The two changed properties (sonar.version, sonarlint.plugin.api.version) are referenced consistently across all submodule and IT pom files via property substitution — no hardcoded versions were missed. The sonar.plugin.api.version (13.0.0.3026) is intentionally kept on a separate cadence, as the comment above it documents, so leaving it unchanged here is correct.

🗣️ Give feedback

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sonar-review-alpha sonar-review-alpha[bot] sonar-review-alpha[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants