Roadmap
Changelog
More webhook events, 25+ new issues, and a cyborg duck
new
New webhook events
We've added three new events that you can subscribe to when you create a new webhook:
  • team_member.added
    : Triggered when a new member is added to the team.
  • team_member.removed
    : Triggered when an existing member is removed from a team.
  • team_member.updated
    : Triggered when the role of a member is changed.
You can refer to the docs for more details on these events and see what the payload looks like.
New in Analyzers
Introducing, Duck Norris!
We've adopted Duck Norris, a cyborg duck from Quackotron, as our Mascot. He would be working on spreading the word about our mission of helping developers ship good code to the world. We also made a fun short movie about this!
Fixes and improvements
  • We have a brand new 404 page! Check it out here.
  • There's now a home button in Discover's sidebar, so you can easily go back to your DeepSource Home.
  • Fixed the broken rendering of HTML entities in the title of an issue
  • Fixed a redirect loop on GitLab authentication. Users will directly be redirected to the account selector directly after authorizing their GitLab account.
  • Standardize font sizes for cards across the dashboard. This was an eyesore, truly.
  • Disabled the Autofix button for unauthenticated users when browsing public repositories. Although the action wouldn't succeed, the button was being shown as a no-op.
  • Fixed: Users were not able to add new events after creating a webhook.
  • Removed the first and last seen times of an issue in the history page, where it didn't really make sense.
  • PHP:
    Fixed a false-positive in PHP-A1006.
  • PHP:
    Fixed wrong end line in PHP-W1074.
  • Go:
    Fixed data races to mitigate the episodic runtime panics leading to analysis timeouts.
  • Python:
    Fixed a major source of Autofix failures. Running Autofix for R1705, R1720, R1723, and R1724 should no longer have failures.
  • C#
    : CS-R1008:
    GenericExceptionHandlingCheck
    is no longer raised when an
    Exception
    is being trapped for logging purposes or when passed to
    Console.WriteLine
    .
  • C#
    : CS-P1001:
    ManualGarbageCollectCheck
    now correctly handles scenarios when
    GC
    -related methods such as
    SuppressFinalize
    are invoked inside
    Dispose
    .
  • C#:
    CS-R1029:
    TestHasNoAssertCheck
    is no longer invoked when a custom assertion is used in place of test-suite’s
    Assert
    .
  • Java:
    OWASP references in security issue descriptions are now in a uniform format.
  • Java:
    The Java analyzer will now assume a default Java version if none is provided.
  • Java:
    Multiple or nested independent Gradle and Maven projects in the same repository are now properly detected.
  • Java:
    File exclusions are now more efficiently processed.
  • Java:
    JAVA-E0110 (Equals without null check) now correctly ignores valid non-trivial
    equals
    implementations.
  • Java:
    JAVA-P1001 (inefficient replaceAll) now correctly detects certain regex signatures.
  • Java:
    JAVA-E1014 (improper getter/setter) now also accounts for final fields.
  • Java:
    JAVA-E1041 (unimplementable interface) is now smarter in detecting bad interfaces.
  • Java:
    JAVA-E0094 (Finalizer must not be invoked) will no longer be raised for overloaded methods that are not finalizers.
  • Java:
    JAVA-P0057 (URL collections are bad) will now respect spotbugs suppress annotations.
  • Java:
    JAVA-S1002 (Naive trustmanager/hostname verifier implementation) will now respect spotbugs suppress annotations.
  • JavaScript:
    Fixed a false-positive in JS-D1001.