Spotbugs: End of Support for Scala
Context
Since the migration of Spotbugs-based analyzer rules to Semgrep-based analyzer is complete for Scala (released in v4.2.0
), we monitor Semgrep-based analyzer's efficacy of the scan in comparison with Spotbugs-based analyzer. We accomplish it by running Semgrep-based analyzer alongside Spotbugs-based analyzer for Scala files. However, due to its nature of breaking change, Spotbugs-based analyzer's end of support for Scala will be done in %17.0 from the stable SAST CI template whereas in %16.1 from the latest SAST CI template. Customers who would want to run only Semgrep-based analyzer for Scala files can disable the Spotbugs-based analyzer(spotbugs-sast
) via SAST_EXCLUDED_ANALYZERS
CI variable in the stable SAST CI template.
This issue intends to track Spotbugs-based analyzer's End Of Support for Scala with the following checklist
Target | Milestone | Status |
---|---|---|
SAST CI template - Latest | %16.1 | %17.1 (MR) |
SAST CI template - Stable | %17.0 | %17.1 (MR) |