Skip to content

Bump org.sonarsource.api.plugin:sonar-plugin-api from 13.3.0.3209 to 13.4.3.4290#32

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/main/org.sonarsource.api.plugin-sonar-plugin-api-13.4.3.4290
Open

Bump org.sonarsource.api.plugin:sonar-plugin-api from 13.3.0.3209 to 13.4.3.4290#32
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/main/org.sonarsource.api.plugin-sonar-plugin-api-13.4.3.4290

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 19, 2026
edited
Loading

Bumps org.sonarsource.api.plugin:sonar-plugin-api from 13.3.0.3209 to 13.4.3.4290.

Release notes

Sourced from org.sonarsource.api.plugin:sonar-plugin-api's releases.

13.4.3.4290

What's Changed

Full Changelog: SonarSource/sonar-plugin-api@13.4.2.4284...13.4.3.4290

13.4.2.4284

What's Changed

Full Changelog: SonarSource/sonar-plugin-api@13.4.1.4276...13.4.2.4284

13.4.1.4276

What's Changed

Full Changelog: SonarSource/sonar-plugin-api@13.4.0.3221...13.4.1.4276

13.4.0.3221

What's Changed

Full Changelog: SonarSource/sonar-plugin-api@13.3.0.3209...13.4.0.3221

Changelog

Sourced from org.sonarsource.api.plugin:sonar-plugin-api's changelog.

Changelog

13.4

  • Add org.sonar.api.a3s.A3SContextCollector (internal SonarSource usage)

13.3

  • Introduce support for feature availability checks:
    • Introduce org.sonar.api.batch.sensor.SensorContext.isFeatureAvailable.
  • Introduce new security standards for OWASP LLM Top 10 2025, OWASP Top 10 2025, ASVS 5, STIG ASD_V6, and MASVS 2

13.2

  • Add org.sonar.api.issue.IssueStatus.IN_SANDBOX enum value
  • Add org.sonar.api.issue.Issue.STATUS_IN_SANDBOX constant (deprecated immediately)

13.1

  • Introduce support for internal tags on issues:
    • Introduce org.sonar.api.batch.sensor.issue.Issue.internalTags()
    • Introduce org.sonar.api.batch.sensor.issue.NewIssue.addInternalTag(String tag)
    • Introduce org.sonar.api.batch.sensor.issue.NewIssue.addInternalTags(Collection<String> tags)
    • Introduce org.sonar.api.batch.sensor.issue.NewIssue.setInternalTags(@Nullable Collection<String> tags)

13.0

  • Remove deprecated complexity metrics:
    • org.sonar.api.measures.CoreMetrics.FILE_COMPLEXITY.
    • org.sonar.api.measures.CoreMetrics.COMPLEXITY_IN_CLASSES.
    • org.sonar.api.measures.CoreMetrics.CLASS_COMPLEXITY.
    • org.sonar.api.measures.CoreMetrics.COMPLEXITY_IN_FUNCTIONS.
    • org.sonar.api.measures.CoreMetrics.FUNCTION_COMPLEXITY.
    • org.sonar.api.measures.CoreMetrics.FUNCTION_COMPLEXITY_DISTRIBUTION.
    • org.sonar.api.measures.CoreMetrics.FILE_COMPLEXITY_DISTRIBUTION.

12.0

  • Introduced support for hidden file analysis:
    • Introduce org.sonar.api.batch.fs.IndexedFile.isHidden.
    • Introduce org.sonar.api.batch.sensor.SensorDescriptor.processesHiddenFiles.
  • Remove org.sonar.api.issue.DefaultTransitions.SET_AS_IN_REVIEW.
  • Remove org.sonar.api.issue.DefaultTransitions.OPEN_AS_VULNERABILITY.
  • Remove org.sonar.api.issue.Issue.STATUS_IN_REVIEW.
  • Remove org.sonar.api.issue.Issue.attribute(String key).
  • Remove org.sonar.api.issue.Issue.attributes().

11.4

  • Deprecate org.sonar.api.issue.DefaultTransitions
  • Deprecate org.sonar.api.web.UserRole
  • Remove deprecated extension points org.sonar.api.profiles.ProfileExporter and org.sonar.api.profiles.ProfileImporter.
  • Introduce new security standards for OWASP Mobile 2024

11.3

  • Introduce org.sonar.api.batch.sensor.SensorContext.addAnalysisData.

... (truncated)

Commits
  • 5ffda10 PLUGINAPI-174 Revert upgrade of logback
  • e1e9e53 NO-JIRA Prepare for the next dev iteration (13.5)
  • 6891be0 NO-JIRA Fix signing plugin config
  • 50f7aa3 NO-JIRA Update remaining branch env variable name
  • 81a842a NO-JIRA Update branch env variable name
  • 40f44d7 NO-JIRA Fix releasability check; no tickets for NO-JIRA commits
  • ee51865 Update sonarqube plugin task name
  • f2282f8 PLUGINAPI-172 Fix deprecated usage SQ issues
  • 3921562 NO-JIRA Bump logback and commons-lang3 versions (#262)
  • 13469aa NO-JIRA Bump logback and guava versions
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jan 19, 2026
@dependabot dependabot bot requested a review from a team as a code owner January 19, 2026 03:23
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jan 19, 2026
@dependabot
Bump org.sonarsource.api.plugin:sonar-plugin-api
264764a 
Bumps [org.sonarsource.api.plugin:sonar-plugin-api](https://github.com/SonarSource/sonar-plugin-api) from 13.3.0.3209 to 13.4.3.4290.
- [Release notes](https://github.com/SonarSource/sonar-plugin-api/releases)
- [Changelog](https://github.com/SonarSource/sonar-plugin-api/blob/master/CHANGELOG.md)
- [Commits](SonarSource/sonar-plugin-api@13.3.0.3209...13.4.3.4290)

---
updated-dependencies:
- dependency-name: org.sonarsource.api.plugin:sonar-plugin-api
  dependency-version: 13.4.3.4290
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/maven/main/org.sonarsource.api.plugin-sonar-plugin-api-13.4.3.4290 branch from 6d38822 to 264764a Compare February 5, 2026 11:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants