0.27.0

0.27.0 (February 23, 2018)

Bug fixes / Improvements

  • [2b1145e961] - Docs: Update contributor documentation (see also: #827).

New features

  • [1bd7cbadb5] - New: Make sonarwhal install missing packages (see also: #834).

0.26.0 (February 20, 2018)

Breaking Changes

  • [f4536396d3] - Breaking: Replace worksWithLocalFiles with scope (see also: #816).
  • [03b798b241] - Breaking: Change how --new-rule works and drop --remove-rule (see also: #806).

Bug fixes / Improvements

New features

  • [69becf000a] - New: Search on npm on resource-loader.ts.
  • [1f4b818016] - New: Switch to using a monorepo architecture (see also: #748).

0.25.0 (February 6, 2018)

Bug fixes / Improvements

  • [dac0adbc05] - Docs: Update image links in markdown files.
  • [09aad7c9bc] - Docs: Add SVG version of the architecture image (see also: #792).
  • [1da22fb556] - Docs: Fix typo in http-compression.md.
  • [129ec11cb9] - Docs: Reorganize contributor guide (see also: #781).
  • [e67e615fc3] - Docs: Fix link in meta-viewport.md.
  • [f3a3e811c2] - Fix: parse::javascript emit timing (see also: #780).

New features

0.24.0 (January 25, 2018)

Breaking Changes

  • [6a2f29b6ec] - Breaking: Limit X-Content-Type-Options usage to scripts and stylesheets (see also: #767).

Bug fixes / Improvements

  • [53a5b57220] - Fix: Make http-cache rule ignore Data URIs (see also: #778).
  • [7349b9728f] - Docs: Fix typo in options.ts (see also: #776).
  • [b67ef431da] - Docs: Add examples of IIS server configurations (see also: #774).
  • [cbcd924fe0] - Fix: Make summary the default formatter (see also: #722).

New features

0.23.1 (January 18, 2018)

Bug fixes / Improvements

  • [afc468d754] - Docs: Add examples on how to configure Apache in order to pass the rules (see also: #751).

0.23.0 (January 17, 2018)

Breaking Changes

  • [2e75ac5242] - Breaking: Use text/xml as the media type for XML.

Bug fixes / Improvements

  • [87d2af7be5] - Fix: Add new patterns for filename based revving to the http-cache rule (see also: #741).
  • [29064a3e9b] - Docs: Fix typo in image-optimization-cloudinary.

New features

  • [188d270f03] - New: Make no-disallowed-headers allow by default the Server HTTP header (see also: #747).

0.22.1 (January 12, 2018)

Bug fixes / Improvements

  • [0bb6f817ec] - Fix: Headers not being set correctly in Requester (see also: #749).

0.22.0 (January 9, 2018)

Bug fixes / Improvements

  • [ec729e1545] - Fix: Issues in requester and http-compression (see also: #731).
  • [6e1a12ef42] - Fix: Pass parsers to tests (see also: #740).

New features

  • [d10583922e] - Update: snyk-snapshot.json.
  • [e44e7cc98f] - New: Add rule to check if resources are served compressed (see also: #12 and #1).
  • [b66af0c045] - New: Make test server allow alternative responses.
  • [fdeadb9669] - New: Add element info to traverse events.
  • [a03316adc1] - New: Add local connector (see also: #737).
  • [a041abcff5] - New: Upgrade axe-core to v2.6 (see also: #736).

0.21.0 (January 4, 2018)

Bug fixes / Improvements

  • [c482c99844] - Fix: Sync connector certificate config with requester.
  • [f082067fe8] - Fix: Downgrade HTTP/2 headers in rawResponse.
  • [e3e1ca02d5] - Fix: Improve error message for unhandled promises.
  • [80c15103a1] - Docs: Fix typos in strict-transport-security.md (see also: #729).
  • [bd335c2c32] - Docs: Add information on creating external rule (see also: #724).
  • [10d1881a69] - Fix: Support external rules outside @sonarwhal (see also: #713).
  • [742c9af408] - Docs: Fix link in rules/http-cache.md (see also: #723).
  • [035fd4c9e5] - Docs: Add missing link in connectors.md.

New features

  • [db6337b220] - Update: snyk-snapshot.json.
  • [511bba9c01] - New: Add type Parser and JavaScript parser (see also: #720).

0.20.1 (Decembe 12, 2017)

Bug fixes / Improvements

  • [559380f65e] - Fix: Issue where tests of external rules couldn’t be run.

0.20.0 (Decembe 12, 2017)

Bug fixes / Improvements

New features

0.19.0 (Decembe 11, 2017)

New features

  • [d99100df54] - New: Add better support for creating and running external rules (see also: #696).

0.18.0 (Decembe 11, 2017)

Breaking Changes

  • [ff472cc53d] - Breaking: Fix parsing of file extensions (see also: #698).

Bug fixes / Improvements

New features

0.17.0 (November 29, 2017)

Bug fixes / Improvements

  • [2a1623cbf0] - Docs: Add edge connector related information (see also: #671).
  • [61874f64d0] - Docs: Mention performance aspects in meta-viewport.md.
  • [eec1298cd7] - Docs: Fix typo in apple-touch-icons.md.
  • [58e650d4c4] - Docs: Make minor improvements in meta-viewport.md.
  • [6ed5fb5a45] - Docs: Rephrase Public-Key-Pins related information.
  • [b333372fc3] - Docs: Fix rule name in user-guide/rules/index.md.
  • [c382d8771a] - Fix: Add missing Category import in the rule template.
  • [5d7203e5b0] - Docs: Fix typo in docs/user-guide/index.md.

New features

  • [6f28a78aa2] - Update: snyk-snapshot.json.
  • [6892a5ea7a] - New: Add connector-edge as an optionalDependency (see also: #671).
  • [f1ead8cddd] - New: Add defaultProfile to Chrome launcher (see also: #628).
  • [4a35e62834] - New: Make connectors provide the charset and media type the response (see also: #676).

0.16.0 (November 14, 2017)

Breaking Changes

  • [015d53e4b0] - Breaking: Rename sonar to sonarwhal everywhere (see also: #655).

Bug fixes / Improvements

  • [84b8eb3135] - Docs: Update repository references.

0.15.0 (November 14, 2017)

Breaking Changes

  • [b71b6f472a] - Breaking: Rename project from sonar to sonarwhal.

Bug fixes / Improvements

  • [dd0a96ec98] - Docs: Fix rule name in image-optimization-cloudinary.md (see also: #646).

New features

  • [d6a1af9aa0] - New: Add HPKP headers in no-disallowed-headers (see also: #631).
  • [b6626897f8] - New: Add no-http-redirects rule (see also: #641).

0.14.2 (November 10, 2017)

Bug fixes / Improvements

  • [9736b13290] - Fix: Improve third party service integration.
  • [e587e734b2] - Fix: Use rulesTimeout in evaluate (see also: #630).
  • [7ad1c39e89] - Fix: Reduce timeout for requests (see also: #585).
  • [ca02a33311] - Fix: Handle timeout in no-vulnerable-libraries rule (see also: #627).
  • [a8242fb7c3] - Docs: Fix typos.

0.14.1 (November 2, 2017)

Bug fixes / Improvements

  • [4d13905075] - Fix: Make Debugging Protocol Connector related improvements (see also: #621).
  • [f5650fba6f] - Fix: Force exit when exitCode is received (see also: #622).
  • [8de8005af3] - Fix: Make manifest-app-name rule not fail for invalid content (see also: #610).
  • [0c17774475] - Docs: Update Permission issue section from User Guide.

0.14.0 (October 31, 2017)

Bug fixes / Improvements

  • [f6136dc82e] - Fix: Make jsdom not hang for invalid certificate (see also: #612, and #615).
  • [c62ec505c5] - Docs: Make minor fixes in examples.
  • [85a432e9ff] - Docs: Fix broken links.
  • [400f5b5592] - Docs: Rename Developer Guide to Contributor Guide (see also: #609).
  • [924c0e7cef] - Docs: Fix link in no-protocol-relative-urls.md.

New features

0.13.0 (October 27, 2017)

Breaking Changes

  • [255bb7bc0c] - Breaking: Change definition of ignoredUrls.

0.12.3 (October 23, 2017)

Bug fixes / Improvements

  • [3f03824695] - Fix: Issue with Cloudinary and error handling.
  • [1e131ddb28] - Docs: Fix link in docs/about/FAQ.md (see also: #592).

0.12.2 (October 20, 2017)

Bug fixes / Improvements

  • [4ed7cf2aa9] - Fix: Issue in Cloudinary with invalid images.

0.12.1 (October 20, 2017)

Bug fixes / Improvements

  • [0e141f33ce] - Fix: Cloudinary authentication issue.

0.12.0 (October 19, 2017)

Bug fixes / Improvements

  • [92c815ca57] - Fix: Improve test-server and debugging-protocol requests logic (see also: #582).

New features

  • [8a7e1ea5f7] - New: Add image optimization rule using Cloudinary’s service (see also: #575).

0.11.0 (October 19, 2017)

Breaking Changes

  • [f794bc8f36] - Breaking: Require text/javascript as the media type for JavaScript files (see also: #568).

Bug fixes / Improvements

  • [55b2190c35] - Docs: Update FAQ with information about the online scanner and the project history (see also: #580).

0.10.2 (October 5, 2017)

Bug fixes / Improvements

  • [8da2e2da12] - Fix: Redo last release in order to fix the node\r related issue (see also: #564).

0.10.1 (October 4, 2017)

Bug fixes / Improvements

  • [2918e04ce7] - Fix: Generate correctly the .sonarrc file if not found (see also: #562).

0.10.0 (October 3, 2017)

Bug fixes / Improvements

  • [f5c0218bdf] - Fix: Update new-core-rule templates (see also: #551).
  • [f2e500d16b] - Fix: New version notifications handling (see also: #507).
  • [bb17fbbc2b] - Fix: Don’t show help after analyzing site (see also: #553).
  • [f6dae7cfe2] - Fix: Property name for new tab url.
  • [718f7198ac] - Fix: Make tests more reliable and faster (see also: #502).

New features

  • [62a52a66a4] - New: Make viewport rule work with viewport-fit (see also: #557).
  • [01fbe5ee9c] - New: Add amp-validator rule (see also: #545).
  • [67553dce6c] - New: Add option to create external rule (see also: #528).

0.9.0 (September 27, 2017)

Breaking Changes

  • [e585daa5d5] - Breaking: Make rawResponse a Promise<Buffer> (see also: #164).

Bug fixes / Improvements

  • [0cfb1bb49c] - Fix: Create new rule only in sonar‘s root folder (see also: #527).

New features

  • [67553dce6c] - New: Add option to create external rule (see also: #528).

0.8.1 (September 22, 2017)

Bug fixes / Improvements

  • [41a56bef2f] - Fix: Add tests/helpers to npm package (see also: #532).
  • [8207e0fb3b] - Docs: Add connector support information (see also: #523).

0.8.0 (September 20, 2017)

Bug fixes / Improvements

  • [ff45cb6497] - Fix: Improve documentation for connectors (see also: #500).

New features

0.7.0 (September 15, 2017)

Breaking Changes

  • [75b936b710] - Breaking: Add support for multiple formatters (see also: #322).

Bug fixes / Improvements

  • [f3074a3cbb] - Fix: Make apple-touch-icons rule not break for invalid or corrupt images (see also: #515).
  • [b2e30d6d1f] - Docs: Add --engine-strict to install instructions (see also: #511).

0.6.3 (September 11, 2017)

Bug fixes / Improvements

  • [fcafcc9add] - Fix: Make npm package not include devDependencies.

0.6.2 (September 8, 2017)

Bug fixes / Improvements

  • [bedc9644dc] - Fix: Make npm package actually include npm-shrinkwrap.json file (see also: #481).

0.6.1 (September 8, 2017)

Bug fixes / Improvements

  • [0d7b4038bf] - Fix: Add npm-shrinkwrap.json to the npm package (see also: #481).
  • [3300798874] - Fix: SemVer related issue with no-vulnerable-javascript-libraries rule (see also: #504).

0.6.0 (September 8, 2017)

Bug fixes / Improvements

  • [32dcb344bd] - Fix: Make improvements to chrome connector (see also: #387, and #471).
  • [97bc6ea26b] - Fix: Make fetchContent return raw data in chrome (see also: #495).
  • [a5b9951d2d] - Fix: Spinner getting stuck issue (see also: #485).
  • [481961c571] - Docs: Make rule code examples more consistent.
  • [e2af8a87cf] - Fix: Infinite hop calculation when there’s a cycle (see also: #486).

New features

  • [ab11a172a3] - Update: snyk-snapshot.json.
  • [78b6cb1bb1] - New: Add rule to check manifest’s name and short_name members (see also: #136).
  • [7c4947eac1] - New: Add rule to check apple-touch-icons usage (see also: #33).
  • [d13e26be35] - New: Add summary fomatter (see also: #487).

0.5.2 (September 2, 2017)

Bug fixes / Improvements

  • [861931f83d] - Fix: Make html-checker rule not break if no HTML is passed.
  • [d3899126b8] - Fix: Error in onLoadingFailed (see also: #469).
  • [4eeeda950f] - Fix: Improve error messages for highest-available-document-mode rule (see also: #483 and #477).
  • [19f95d12be] - Fix: Error with jsdom and attribute names containing . (see also: #482).
  • [b125186fb7] - Fix: Remove null locations from error messages (see also: #478).

0.5.1 (September 1, 2017)

Bug fixes / Improvements

  • [f45b745479] - Fix: Lock jsdom to v11.1.0 in package.json.

0.5.0 (August 31, 2017)

Breaking Changes

  • [c2d0282591] - Breaking: Rename cdp connector to chrome (see also: #361).

Bug fixes / Improvements

  • [0cc1f05e51] - Docs: Tweak no-vulnerable-javascript-libraries rule related documentation (see also: #470).
  • [984aabcf7c] - Fix: Filter out duplicate fetch requests (see also: #460).
  • [df53c0ef36] - Fix: Update CLI templates (see also: #461).
  • [bbf1e6eaa4] - Fix: Make content-type correctly detect the charset.

New features

  • [60c6c725d1] - Update: snyk-snapshot.json.
  • [633f6d3a53] - New: Ask about browserslist when generating the configs (see also: #446).
  • [0852ab95b2] - New: Add rule to check for vulnerable libraries (see also: #125).

0.4.0 (August 25, 2017)

Breaking Changes

  • [e35b778004] - Breaking: Make content-type rule use proper fonts types (see also: #425).
  • [941d439aff] - Breaking: Upgrade file-type to v6.1.0 (see also: #428).
  • [c03079912b] - Breaking: Use browserslist defaults (see also: #452 and #453).

Bug fixes / Improvements

  • [0507ff7279] - Docs: Fix link to no-disallowed-headers (see also: #403).
  • [56fc97aa3c] - Fix: Make rule-generator not encode quotes (see also: #392).
  • [49833d62ca] - Fix: SyntaxError when using jsdom (see also: #404).
  • [45955ebc5c] - Docs: Fix link in strict-transport-security.md (see also: #417).
  • [dd161ed3d0] - Docs: Make minor improvements (see also: #437).
  • [5cc4484a83] - Docs: Update Code of Conduct links.
  • [aa14e6cb57] - Fix: Avoid analyzing /favicon.ico multiple times (see also: #427).
  • [9755cadf04] - Fix: Error when scanning non-existent URL (see also: #389).

New features

  • [2be5a4ba20] - New: Add rule to check the usage of the Strict-Transport-Security header (see also: #23).
  • [e9e4a95fd7] - New: Notify users when a new version of sonar is available (see also: #419).
  • [d515c5aa8b] - New: Create a new config file if one doesn’t exist (see also: #354).
  • [12a415f40d] - New: Add rule to check the usage of the Set-Cookie header (see also: #24).
  • [f70a4d37e8] - New: Add rule to check the usage of the viewport meta tag (see also: #82).

0.3.0 (July 1, 2017)

Breaking Changes

  • [acfd196ed7] - Breaking: Rename disallowed-headers rule.

Bug fixes / Improvements

  • [d55171d36e] - Docs: Add missing ) in x-content-type-options.md.
  • [28c782db16] - Fix: Make disown-opener ignore certain protocols.

0.2.0 (July 2, 2017)

Breaking Changes

  • [8b202fb8d9] - Breaking: Disable ssllabs rule by default (see also: #355).
  • [6fcb46ae17] - Breaking: Use connector instead of collector (see also: #286, and #358).

Bug fixes / Improvements

  • [b9d278e7a1] - Docs: Move CODE_OF_CONDUCT.md in the root (see also: #353).
  • [7b904d6b4f] - Docs: Fix broken links (see also: #363).
  • [ae149ba609] - Docs: Add pull request related guidelines (see also: #373).
  • [d52247d3e1] - Docs: Add note about handling permission issues (see also: #308, and #364).
  • [9cd8d7fdc9] - Docs: Fix broken links in pull-requests.md.
  • [fd6c083f84] - Docs: Make minor improvements (see also: #367).

New features

  • [08f36db2b4] - New: Add rule to check markup validity (see also: #28).
  • [2893a0a7c1] - New: Make connectors download manifest & favicon (see also: #71).

0.1.0 (June 30, 2017)

Breaking changes

Bug fixes / Improvements

New features

  • [3e2863b3963] Add support for rule shorthands, and ability to specify rules as an array (see also: #283).
  • [b54dd55b48a] Add rule generator (see also: #238).
  • [70018b6b33b] Make disown-opener rule use targetedBrowsers.