9.9.1

SonarQube 9.9.1 Community Edition
sonar-zap-plugin 2.3.0

What's Changed

• Upgrade SonarQube to 9.9.1 by @bashbang in #35

New Contributors

• @bashbang made their first contribution in #35

Full Changelog: 8.2.2...9.9.1

8.2.2

SonarQube 8.2 Community Edition
sonar-zap-plugin 1.2.0

• Applied mitigation for CVE-2021-45046
  • 763bdcd
• bcgovimages/sonarqube tagged 8.2, 8.2.1, and 8.2.2 have been updated to remove JndiLookup.class from the classpath (removed from all instances of log4j-core*.jar) as documented here; https://logging.apache.org/log4j/2.x/security.html

8.2.1

SonarQube 8.2 Community Edition
sonar-zap-plugin 1.2.0

• Applied mitigation for CVE-2021-44228
  • 6b4565d
• bcgovimages/sonarqube tagged 8.2 and 8.2.1 have been updated to include the LOG4J_FORMAT_MSG_NO_LOOKUPS=true mitigation from here; https://logging.apache.org/log4j/2.x/security.html

8.2

SonarQube 8.2 Community Edition
sonar-zap-plugin 1.2.0

• Upgrade and switch to the official SonarQube Community Edition image.

7.9.1

SonarQube 7.9.1
sonar-zap-plugin 1.2.0