- Add Jenkins CI environment detection (#2613)
- Use mypy JSON output for more consistent parsing (#2609)
- Update Ripgrep parser to use plugin name for custom plugin support (#2585)
- Add support for Jacoco reports with group elements for multi-module projects (#2572)
- Add xccov-json coverage format parser for Apple's xccov JSON format (#2568)
- Add
--guess-java-src-dirsflag tocoverage publishfor automatic Java/Kotlin source directory discovery (#2552)
- Handle JaCoCo reports with no packages (#2554)
- Add file path context to coverage parsing errors (#2553)
- Use cached GitHub API responses to reduce rate limit usage (#2522)
- Add Bitrise CI environment detection (#2519)
- Add attestations for installer scripts (#2514)
- Use HTTPS for URLs in code (#2513)
- Improve add-prefix path handling in coverage transformer (#2501)
- Support passing through env vars for NullTool (#2471)
- Move to new Ruby mechanism (#2507)
- Allow lockfile issues for Brakeman (#2500)
- Add warnings on unexpected config attributes (#2464)
- Fix broken URLs in error messages (#2472)
- Fix plugins enable behaviour interaction with suggested directive (#2465)
No changes. (Release was triggered by internal improvements.)
- Revert behavior introduced in 0.582.0 which inadvertently caused our TOML parsing to become more strict in certain cases (#2452)
- Add automatic path fixing for CI/CD environments when publishing coverage (#2338)
- Unify plugins enable and qlty init behaviour for package_file and filters (#2334)
- Warn on excluding config_file (#2446)
- Add install only flag to check command (#2426)
- Add support for engines in config migrate (#2439)
- Fix prettier success_codes configuration (#2428)
- Fix plugin configs not to include affects cache (#2427)
NB: There was no release version: 0.580.0
- Ensure 'false' is not interpreted as a pull request number from BuildKite's environment (#2423)
- Ensure read important env vars for BuildKite for coverage publishing (#2415)
- Reduce snippet size limits for storage and performance optimization (#2409)
- Fix interaction of exported_config_paths and copy_configs_into_tool_install directives (#2402)
NB: There was no release versions: 0.575.0, 0.576.0
- Improve coverage publish output (#2378)
- Adjust plugin suggestions to prioritize commonly used tools (#2373)
- Remove
./from beginning of--add-prefixin coverage command (#2376)
- Improve error handling when retrieving commit metadata (#2371)
- Add
skip_errored_pluginsoption to install command (#2366)
- Escape special characters in file paths for glob matching (#2337)
- Add ktlint plugin (#2352)
- Add debug statements to jacoco parser (#2339)
- Support JACOCO_SOURCE_PATH environment variable for coverage resolution (#2332)
- Never check rustc version to avoid unneeded breakages (#2317)
- Ensure ZDOTDIR environment variable is properly set (#2315)
Thank you @mgnisia for your contribution!
- Support merge group detection on any CI provider listening to GitHub push events (#2320)
- Print formatter name when formatting (#2313)
- Prioritize explicitly stated version during merge (#2312)
- Merge enabled plugins by name and prefix (#2310)
- Initial support for GitHub Merge Queues
- Updates for Rust 1.89
- Implement GitHub SHA resolution for pull requests in coverage publish instead of relying on the sha being supplied via --override-commit-sha (#2293)
- Do not require a reference (branch, tag or pr) or commit time for the
coverage completesubcommand (#2291)
- Fix installation of libssl on Linux when installing Ruby (#2288)
This release contains a breaking change for the coverage publish command.
Now the --validate flag will be enabled by default. This means the Qlty CLI will automatically validate your coverage reports before attempting to upload them. This allows you to identify and fix issues path matching issues much earlier in your dev process.
What This Means for You:
- Potential CI Build Failures: Once this change is implemented, if your current CI/CD pipeline uploads a report with mismatched paths, your builds will begin to fail when executing qlty coverage publish. To avoid disruption, you can begin validating your reports now (by using --validate ) to address any issues before this change takes effect.
- Quick Fix for Build Failures: If your builds start failing on Monday and you need to get them passing immediately, you can temporarily add the new --no-validate flag to your qlty coverage publish command. This will disable validation and allow your CI build to pass (though your coverage data will remain broken until you've uploaded a valid report).
We believe this change will significantly improve the accuracy and usability of your coverage data within Qlty. If you have any questions or require assistance, please don't hesitate to contact our support team.
See our path fixing docs for more information.
- Add no-op option '--no-validate' to support GitHub Action
- Add zizmor plugin (#2265)
- Remove branch requirement for coverage: instead, require branch, tag OR pull request (#2273)
- Filter broken pipe errors from Sentry reporting (#2255)
- Fix fmt prompt path targeting (#2230)
- Add installation error to stderr during tool installation error (#2231)
- Add output after installing githooks (#2217)
- Incorrect parameter counting for Kotlin functions with annotations (#2160)
- Honor ZDOTDIR environment variable in install.sh (#2240)
Thank you @voltechs for your contribution!
- Respect Git
insteadOfwhen fetching sources (#2235)
- Bubble installation log into build logs on error (#2215)
- Point to debug logs when lint errors occur (#2222)
- Add Coverprofile parser (#2225)
No changes. (Release was triggered by CI workflow upgrades.)
- Batch file_coverages data in JSONL files (#2182)
- Treat exceeding 50,000 total issues as a fatal error (#2178)
- Lower issue JSONL file batch size (#2179)
- Show issues for plugins with no end lines in diff mode (#2176)
- Truncate issue snippets for maintainability issues (#2180)
- Add timestamps to coverage output (#2170)
- Make strip prefix coverage transformer optional (#2172)
- Support
coverage completecommand without Git (#2168) - Allow
coverage publishto run without Git when using--override-commit-time(#2167)
- Batch build messages and stats into smaller files (#2165)
- Batch build issues records into multiple JSONL files (#2157)
- Add
--override-commit-timeflag tocoverage publishcommand (#2155)
- Batch build invocation records into multiple JSONL files (#2149)
- Add dotCover format support for coverage reports (#2143)
- Add eslint.config.ts as a known ESLint config file (#2137)
Thank you @kolarski for your contribution!
- Truncate issue snippets to prevent large Issue records (#2135)
- Add support for
--sarifflag toqlty smellscommand (#2037)
Thank you @ujlbu4 for your contribution!
- Reject coverage reports when branch name is missing (#2119)
- Handle terraform parser to handle missing location (#2129)
- Update shellcheck and tab column width (#2127)
- Only print identical warnings once (#2125)
- Pass proxy env variables to installations and invocations (#2126)
- Add ca-certificates to Docker image (#2124)
- Support head diff mode for
qlty smells(#2039)
Thank you @relu and @ujlbu4 for your contributions!
- Add haml-lint plugin (#2112)
- Add ruff auto-formatting support (#2080)
- Reject invalid configuration combinations in qlty.toml (#2077)
- Support Git fetches through HTTPS proxies (#2081)
- Include AWS response body in coverage upload error messages (#2085)
- Warn instead of error in
config migrateif we can't find a plugin for a fetch item (#2096) - Use system TLS certificate roots for downloads (#2075)
- Improve accuracy of field counting for Java (#2082)
- Add support for auto-detection of coverage variables for Travis CI users (#2108)
- Add more support for SimpleCov coverage formats (#2111)
- Fix shellcheck tab column handling in location ranges (#2099)
- Filter plugins in
qlty config migratebased on .codeclimate.yml (#2094) - Improve warning messages for deprecated configuration syntax (#2101)
- Report the number of files excluded for code coverage up to Qlty Cloud (#2098)
- Add support for
[[triage]]blocks (replaces[[override]]) (#2005) - Add support for
[[exclude]]blocks (replaces[[ignore]]) (#1954) - Support linux/arm64 platform in Docker image (#1990)
Thank you @ujlbu4 for your contribution of linux/arm64 Docker support!
- Update many linter versions (#2029)
- Add output to indicate the number of excluded code coverage paths (#2078)
- Ignore note issues in Git pre-push hook (#2079)
- Eliminate panic from telemetry when network is disabled (#2086)
- Add terraform plugin with support for formatting and validation (#2067)
- Fix formatter invocation directory when runs from target_directory (#2066)
- Improve Git authentication to support credential configuration from gitconfig (#2068)
- Improve behavior of
qlty installto better align withqlty check(#2064)
- Add extra trigger options:
agent,ide(#2063)
- Detect
biome.jsoncas a config file for Biome plugin (#2059) - Tighten tool install retry policy (#2060)
- Better error messages for errored downloads (#2055)
- Support HTTP proxies from env vars for tool downloads (#2056)
- Fix loading deep config files into staging (#2058)
Thank you @raybrownco for your contribution!
This release failed and this version does not exist.
- Fixed providing runtime env vars to tool execution (#2051)
- Add new
exported_config_pathsdirective to allow sources to provide linter configs (#2044)
- Only enable radarlint-ruby when a RadarLint config is present (#2047)
- Fix
suggested_modeconfiguration for RadarLint (#2047)
- Add Ruby preflight dependency checks to Ruby binary install (#2028)
- Treat hitting maximum total issues of 50k as a fatal error (#2027)
- Skip version check for Rust when using a named channel (#2046)
- Print coverage report URL at the end of
coverage complete(#2036) - Display version command on failure for user debuggability (#2031)
- Increase maximum total issues count from 10k to 50k (#2024)
- Add
--validateoption forqlty coverage publish(#1915)
- Increase maximum issues per file limit from 100 to 500 (#2023)
- Automatically install sandboxes libyaml when installing Ruby on Linux (#2009)
- Disable binary installs of Ruby on Linux Musl platforms in favor of compilation (#2010)
- Allow coverage publish
--dry-runto work without token (#2017)
- Add a
qlty coverage completesub-command (#2011) - Add a new
--incompleteargument toqlty coverage publish(#2006) - Add optional
--nameargument toqlty coverage publish(#2015)
- Auto-detect
.rubcoop-*.ymlfiles as RuboCop config files (#2016) - Print coverage upload ID in
qlty coverage publishoutput (#2014)
- Fix coverage format specification for absolute paths on Windows (#2013)
- Fix bubbling of stderr to tool install log files (#2008)
- Increase detail in error messages from
qlty coverage publish(#2004)
- Add stringlint linter (https://github.com/dral3x/StringsLint) for Swift (#1987)
- Add SwiftFormat auto-formatter (https://github.com/swiftlang/swift-format) (#1986)
- Add support for a
source.tomlfile in custom sources (#2000)
- Improve subcommand descriptions in
--helpoutput (#1992) qlty plugins enablewill now install linter configs likeqlty init(#1997)
- Prevent installing linter configurations during init if another config is present (#1998)
- Fix TOML generated by
qlty init --source=...(#1996) - Fix TOML merging of arrays of tables when applying cascading configuration (#1995)
- Prevent
.qlty/.gitignorefrom ignoring itself (#1988) - Specify
suppported_platforms = ["macos"]for SwiftLint (#1985)
- Print installation errors to CLI output (#1556)
- Fix golanglint-ci incorrectly downloading 32-bit binaries on Windows (#1989)
- Provide a default
.yamllint.yamlwhen initializing yamllint (#1973)
- Fix a bug where yamllint would report errors on a hadolint config file (#1973)
- Add ast-grep plugin (#1972)
- Add Swift support for maintainability (complexity, duplication, smells, metrics) (#1971)
- Add
**/templates/**to default exclude patterns (#1967) - Include Invocation ID in diagnostic messages for improved debugging (#1968)
- Simplify a few arguments for
qlty coverage publish(#1965) - Provide a default
.shellcheckrcwhen initializing shellcheck (#1973)
- Fix parsing of Clover coverage data with repeated, non-adjacent XML elements (#1964)
- Fix compilation bug preventing default plugin configs from being installed during
qlty init(#1983) - Update hadolint to version 2.12.1-beta to fix on MacOS (#1981)
- Significantly improve output from
qlty coverage publishto help setup and debugging (#1960) - Print warnings when files in a coverage report are missing from disk (#1957)
- Fix Ruby download URLs to no longer depend on EOL Ubuntu 20.04 packages (#1966)
- Enhance CI with Buildkite Variable Support (#1933)
- Capture metadata about coverage uploader tools into coverage metadata (#1947)
- Auto-detect
*.lcovfiles as LCOV format (#1948) - Automatically migrate Code Climate exclude_patterns (#1936)
- Adjust auto-generated fmt issues to
commentmode (#1945)
- Fix missing code smells when ignore rules are used in qlty.toml (#1938)
- Exit early with good errors when there is a fatal error with coverage upload (#1950)
- Improve Clover XML parsing compatibility (#1944)
- Fix detection of GitHub releases with
application/x-msdownloadMIME type on Windows (#1935)
- Add support for
--total-parts-counttoqlty coverage publish(#1913)
- Add support for installing using package lockfiles (#1658)
- Add dockerfmt plugin (#1865)
- Suggest known good versions of plugins (#1684)
- Update SARIF parser to support missing
uriinoriginalUriBaseIds(#1884)
- Fix bug where some plugins were inaccurately auto-initialized (#1881)
- Compile binaries for Linux Arm64 with Musl (#1626)
- Add SARIF output format for
qlty check(#1595)
qlty initwill now suggest issue modes (#1628)
- Fix panic crashes in certain edge case conditions and improve error messages (#1587)
- Improve plugin suggestions during
qlty init(#1654)
- Fix running
qlty check PATHin a subdirectory (#1594)
- Update supported RadarLint version (#1579)
- Add php-cs-fixer plugin (#1580)
- Fix load path initialization bug affecting Ruby on Windows (#1585)
- Fix loading of RUBYLIB in a Gem-compatible way (#1583)
- Support
tool:ruleKeymatching in[[override]]blocks (#1564) - Improve error handling for reading extra package data (#1566)
- Improve error handling when stylelint does not generate output (#1562)
- Output installation debug files in additional cases (#1554)
- Improve reliability of Composer package installs (#1555)
- Fix handling of
[[ignore]]blocks withrules = ["tool:rule"](#1563)
- Add checkstyle plugin (#1551)
- Add tool install debug files (#1543)
- Add stylelint 16 support (#1553)
- Fix Git diff calculation in certain sub-path cases (#1550)
- Improve path resolution in auto-fixer (#1549)
- Fix y/n prompting bugs with lower/upper case combinations (#1548)
- Skip install errors when
--skip-errored-pluginsis enabled (#1534)
- Use Composer to install PHP plugins (#1517)
- Fix fmt path issues with prefixes (#1533)
- Fix plugin prefixes during
qlty init(#1531)
- Change warning about deprecated sources to an error (#1515)
- Add
--skip-missing-filesoption tocoverage publish(#1491)
- Add phpcs.xml as a known config file for PHPCS (#1503)
- Reduce noisy logging into CLI log from dependencies (#1508)
- Log details when a fatal, unexpected error occurs while running a linter (#1513)
- Use Git metadata to improve issue cache accuracy (#1518)
- Treat missing phpstan output as an error (#1504)
- Fix bug in cache key calculation creating inaccurate results in some cases (#1509)
- Prompt users with Code Climate configs to run "config migrate" during init (#1409)
- Auto-enable PHPStan only when a PHPStan config is found (#1512)
- Fix coverage parser when files have no hits (#1516)
- Only prompt the user to auto-format in correct mode (#1510)
- Fix format loop when run with
--fix(#1514) - Retain settings during find-and-fix loops (#1511)
- Add support for negated exclusion patterns (#1472)
- Support SimpleCov "merged" coverage format (#1493)
- Update ruby-build definitions (#1502)
- Fix Ruby downloads on Linux arm64 (#1505)
- Fix Ruby installs in edge cases where version paths on disk do not match version string (#1497)
- Fix panic in package.json handling (#1492)
- Fix Ruby install for MacOS identification of arch with non-standard version numbering (#1500)
- Allow customizing plugin behavior when they do not generate any output (#1466)
- Detect SemaphoreCI environment variables for code coverage metadata (#1479)
- Add support for simplecov-json gem format (#1475)
- Skip formatters when sampling issues during init (#1474)
- Always log stdout and stderr from prepare_script commands (#1480)
- Fix bug where
[[ignore]]withoutfile_patternswould ignore everything (#1483) - Fix applying formatting fixes from subdirectories (#1476)
- Copy phpstan config files into sandbox (#1482)
- Fix Jacoco parser to not throw error when there are no lines for a source file (#1473)
- Improve error messaging when coverage upload token is invalid (#1462)
- Truncate very large strings when generating invocation data (#1464)
- Fix panic when processing empty LCOV files with no coverage data (#1458)
- Fix panics editing code when a byte offset is not on a UTF-8 character boundry (#1460)
- Add support for Workspace-level code coverage upload tokens (#1445)
- Add CLI version to code coverage upload metadata (#1451)
- Upgrade Ruby runtime to v3.3.7 (#1449)
- Experimental: Add support for generating qlty.toml validation schema using Taplo (#1454)
- Throw an error if a prepare_script fails (#1448)
- Fix support for qlty-ignore directive on source files of unknown file types (#1447)
- Render column headers in verbose text output (#1437)
- Adjust kube-linter plugin to lint entire directory at once (#1438)
- Improve auto-generated .gitignore rules in .qlty/ folder (#1423)
- Support
%SRCROOT%as a root path in SARIF parser (#1435)
- Default code coverage prefix stripping to workspace root (#1428)
- Fix "Duplicate filename" bug when multiple coverage files had the same name (#1424)
- Fix panic when path for
qlty check <path>is outside qlty directory (#1426) - Fix off-by-1 offset in ripgrep plugin column info (#1427)
- Add
cache prunesubcommand to prune cached results, logs, and debug files (#1408)
- Add support for C# maintainability analysis (smells and metrics) (#1388)
- Upload raw coverage data with processed data to improve debugging experience (#1415)
- Add
**/fixtures/**to default exclusion patterns (#1384)
- Auto-initialize a new project when running "qlty plugins enable" (#1401)
qlty installnow installs all enabled plugins (#1397)- Fix a concurrency deadlock during filesystem walking (#1412)
- Ignore Java
importstatements and C#usingdirectives when calculating duplication (#1413) - Improve error message when a plugin version is missing (#1394)
- Fix bug with code coverage paths processing (#1411)
- Add browser-based flow to authenticate the CLI as a Qlty Cloud user
- Prompt to format unformatted files when running
qlty check - Re-run analysis when fixes are applied to ensure fresh results
- Add a warning when a deprecated repository-based default source is detected
- Fix cognitive complexity calculation for Ruby conditionals
- Don't print paths to non-existent install logs in error output
- When running as a Git pre-push hook, fallback to comparing against upstream if the remote head is not present locally
- Fix built-in duplication AST filters
- Interactively prompt to apply fixes by default (override with
--fixor--no-fixarguments) - Print fix suggestions diffs
- Print list of any unformatted files before issues
- Add ability to skip Git hooks executon by pressing enter key
- Add new
notelevel for issues and use it with ripgrep - Add
--summaryargument toqlty checkto limit output to only counts
- Add
--no-fixargument toqlty checkto skip applying fixes - Add plugin platform targetting via a new
supported_platformskey
- Print a count of securty issues at the end of the output
- Experimental: Publish Docker images to GitHub Container Registry
- In newly-generated
qlty.tomlfiles fromqlty init, emit smell issues incommentmode instead ofblock - Stop running plugins when we exceed the total maximum issue limit of 10k
- Disable plugins by adding
mode = "disabled"instead of removing them fromqlty.toml - Reduce output when running without
--verbose - Moved invocation files to be stored in
out/ - Automatically enable rustfmt if a rustfmt config file is found
- Minor improvements and cleanups to command output
- Shorted formatting of thread IDs printed to log files
- Improve data qualty of output Markdownlint issues
- Emit Hadolint style issues at
lowlevel (notfmt, which is reserved) - Fix panic when running
qlty fmtwith a non-existent path argument
- Removed support for configuring sources as a hash in
qlty.tomlin favor of array notation
- Major change: Compile official plugin definitions into CLI binaries
- Add kube-linter plugin
- Automtically run
qlty fmtifqlty check --fixapplies autofixes
- Detect and use Biome version from
package.jsonif present - Target more file types for Biome. Thank you @lamualfa for this contribution!
- Add operating system, CPU architecture, and build date to
qlty versionoutput - Limit amount of results data processed to 100 MB
- Limit the maximum number of issues per file to 100
- Improve documentation for writing a new plugin
- Add targetting for
\*.mts,\*.cts,\*.mtsx, and\*.ctsxextensions - Prevent stack overflow panics when analyzing deeply nested ASTs
- Add
qlty githooks installcommand to install Git pre-commit and pre-push hooks (alpha) - Add
qlty githooks uninstallcommand to remove Git hooks - Add Reek plugin. Thank you @noahd1 for this contribution!
- Support initializing running StandardRB run via Rubocop
- Don't apply unsafe fixes when running
qlty check --fixunless--unsafeis specified - When ESLint <= v5 crashes, avoid throwing errors about non-existant tempfiles
- Avoid panic when attempting to install shell completions for unknown shell
- Fix analysis of Go binary expressions and paramaters counts
- Fixed a bug with
qlty initset up for ESLint - Fixed a bug parsing Ruff output when it finds syntax errors
- Add
qlty plugins upgrade NAMEsubcommand which upgrades to the highest, known good version of the plugin - Add
qlty plugins disable NAMEsubcommand
- Add new Dependency Alert and Secret issue categories
- Don't modify
qlty.tomlwhen runningqlty plugins enablewith a plugin that is already enabled - Do not automatically enable Hadolint because the latest release crashed on MacOS v15 Sequoia
- Publish the Qlty CLI as a public repository on GitHub (Fair Source License)
- Start of CHANGELOG