Skip to content

Update Sonar dependencies (major)#5604

Open
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/major-sonar-dependencies
Open

Update Sonar dependencies (major)#5604
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/major-sonar-dependencies

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented May 6, 2026

This PR contains the following updates:

Package Change Age Confidence
org.sonarsource.sonarlint.core:sonarlint-core (source) 10.13.0.7999611.2.2.85453 age confidence
org.sonarsource.sonarlint.core:sonarlint-plugin-api (source) 10.13.0.7999611.2.2.85453 age confidence
org.sonarsource.sonarqube:sonar-testing-harness (source) 25.1.0.10212226.4.0.121862 age confidence
org.sonarsource.sonarqube:sonar-plugin-api-impl (source) 25.1.0.10212226.4.0.121862 age confidence
org.sonarsource.sonarqube:sonar-ws (source) 25.1.0.10212226.4.0.121862 age confidence

Release Notes

SonarSource/sonarqube (org.sonarsource.sonarqube:sonar-testing-harness)

v26.4.0.121862

Compare Source

To be filled out later

v26.3.0.120487

Compare Source

v26.2.0.119303

See details in the community announcement, and more in the release notes.

v26.1.0.118079

Compare Source

See details in the community announcement, and more in the release notes.

v25.12.0.117093

See details in the community announcement, and more in the release notes.

v25.11.0.114957

Compare Source

See details in the community announcement, and more in the release notes.

v25.10.0.114319

Compare Source

See details in the community announcement, and more in the release notes.

v25.9.0.112764

Compare Source

See details in the community announcement, and more in the release notes.

v25.8.0.112029

Compare Source

See details in the community announcement, and more in the release notes.

v25.7.0.110598

Compare Source

See details in the community announcement, and more in the release notes.

v25.6.0.109173

Compare Source

See details in the community announcement, and more in the release notes.

v25.5.0.107428

Compare Source

See details in the community announcement, and more in the release notes.

v25.4.0.105899

Compare Source

See details in the community announcement, and more in the release notes.

v25.3.0.104237

Compare Source

See details in the community announcement, and more in the release notes.

v25.2.0.102705

Compare Source

See details in the community announcement, and more in the release notes.

Configuration

📅 Schedule: (in timezone Europe/Berlin)

  • Branch creation
    • "before 6am on Monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Pull requests that update a dependency file label May 6, 2026
@renovate renovate Bot requested a review from a team May 6, 2026 08:55
@hashicorp-vault-sonar-prod
Copy link
Copy Markdown
Contributor

hashicorp-vault-sonar-prod Bot commented May 6, 2026
edited by atlassian Bot
Loading

Renovate Jira issue ID: SONARJAVA-6354

@sonar-review-alpha
Copy link
Copy Markdown
Contributor

sonar-review-alpha Bot commented May 6, 2026
edited
Loading

Summary

⚠️ The PR description exceeded the analysis limit and was truncated. The review may not reflect all context.

This PR bumps two major dependency versions in pom.xml:

  • SonarQube (sonar.version): 25.1.0.102122 → 26.4.0.121862 (major version 25→26)
  • SonarLint (sonarlint.plugin.api.version): 10.13.0.79996 → 11.2.2.85453 (major version 10→11)

These are parent/plugin API dependencies that cascade to update 5 transitive dependencies (sonarlint-core, sonarlint-plugin-api, sonar-testing-harness, sonar-plugin-api-impl, sonar-ws). The code change is minimal—only two version properties in pom.xml—but the impact is significant due to major version jumps that likely include breaking changes.

What reviewers should know

Before approving, reviewers should:

  1. Check for breaking changes — Both are major version upgrades. Scan the SonarQube 26.x and SonarLint 11.x release notes (linked in the PR description) for API changes or deprecations that could affect this plugin.

  2. Verify test results — This repo likely has CI checks running tests against the new versions. Ensure all tests pass, particularly integration tests and plugin compatibility checks.

  3. Plugin API compatibility — Note that sonar.plugin.api.version remains at 13.0.0.3026 (unchanged). Confirm this is compatible with SonarQube 26.4.0 by checking the SonarQube compatibility matrix or release notes.

  4. Minimal code footprint — The actual code changes are limited to version properties, so incompatibilities will surface through build/test failures rather than subtle bugs. If CI passes, the update is likely safe.

  • Generate Walkthrough
  • Generate Diagram

🗣️ Give feedback

sonar-review-alpha[bot]
sonar-review-alpha Bot reviewed May 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@sonar-review-alpha sonar-review-alpha Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! ✅

Clean, minimal bump. The two changed version properties cascade correctly to all five dependent artifacts referenced in dependencyManagement, and no module overrides the versions locally. All IT submodules consume the versions via property references, so nothing was left behind at the old values.

🗣️ Give feedback

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sonar-review-alpha sonar-review-alpha[bot] sonar-review-alpha[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants