From 16c420b44b65ebe70a2e7acddaa42233fb34ce10 Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Mon, 6 Jul 2026 17:27:09 +0100 Subject: [PATCH 1/5] Release Notes June 2026 --- docs/release-notes/cloud/cloud-2026-06.md | 98 +++++++++++++++++++++++ docs/release-notes/index.md | 1 + mkdocs.yml | 1 + 3 files changed, 100 insertions(+) create mode 100644 docs/release-notes/cloud/cloud-2026-06.md diff --git a/docs/release-notes/cloud/cloud-2026-06.md b/docs/release-notes/cloud/cloud-2026-06.md new file mode 100644 index 0000000000..e1a76ceaaa --- /dev/null +++ b/docs/release-notes/cloud/cloud-2026-06.md @@ -0,0 +1,98 @@ +--- +rss_title: Codacy release notes RSS feed +rss_href: /feed_rss_created.xml +description: Release notes for Codacy Cloud June 2026. +included_jira_versions: ['2026.5'] +codacy_tools_version_old: https://github.com/codacy/codacy-tools/releases/tag/9.2.13 +codacy_tools_version_new: https://github.com/codacy/codacy-tools/releases/tag/9.3.9 +--- + +# Cloud June 2026 + +These release notes are for the Codacy Cloud updates during June 2026. + +📢 [Visit the Codacy roadmap](https://roadmap.codacy.com) and let us know your feedback on both new and planned product updates! + +## Features + +- **Dependency import chain visibility:** Vulnerable dependency findings now show the full import chain, making it easier to understand how a vulnerable package enters a project and where to act. + +- **Clearer CI/CD setup guidance for container scanning:** We improved the visibility of the CI/CD setup option in container scanning so teams can more easily find and complete the setup flow. + +- **Better SRM timeout messaging:** Timeout messages in SRM are now clearer and more actionable, helping users understand what happened and what to do next. + +- **Proxy support in Guardrails:** Guardrails now supports proxy configurations across VS Code, MCP, and CLI v2 environments. + +## Improvements + +- **Org dashboard settings fix:** Fixed an issue where some account settings on the organizations dashboard would not open on the first attempt. + +- **Coverage report stability fix:** Fixed a bug that could cause the coverage organization report to show a blank page when filtering by file coverage metrics. + +- **False positive reduction for dependency syntax:** Fixed incorrect handling of `^` dependency syntax so it is no longer treated as a false positive in vulnerable dependency analysis. + +- **Findings page timeout fix:** Fixed timeouts affecting the findings page for large accounts, improving reliability for affected users. + +- **Jira ticket creation fix:** Fixed an issue where creating Jira tickets could fail when the summary field was too large. + +- **Container scanning ignore flow fix:** Fixed an internal server error that could occur when ignoring a container scanning security issue. + +## Tool versions + +- **Markdownlint** has a new version: **0.40.0** ( updated from 0.33.0 ) +- **Agentlinter**: **0.3.3** +- **Aligncheck**: **1.0.0** +- **Ameba**: **1.6.4** +- **Bandit**: **1.8.3** +- **Biomejs**: **2.4.10** +- **Brakeman**: **4.3.1** +- **Bundler-audit**: **0.9.1** +- **Checkov**: **3.2.508** +- **Checkstyle**: **10.26.1** +- **Clang-tidy**: **10.0.1** +- **Codenarc**: **3.6.0** +- **Codesniffer**: **3.10.1** +- **Coffeelint**: **5.2.11** +- **Cppcheck**: **2.18.0** +- **Credo**: **1.7.12** +- **Csslint**: **1.0.5** +- **Dartanalyzer**: **3.9.3** +- **Deadcode**: **1.0.0** +- **Detekt**: **1.23.8** +- **ESLint**: **9.39.4** +- **Faux-pas**: **1.7.2** +- **Flawfinder**: **2.0.19** +- **Golangci-lint**: **2.7.2** +- **Gorevive**: **1.12.0** +- **Gosec**: **2.22.7** +- **Hadolint**: **2.12.0** +- **Jackson-linter**: **2.19.2** +- **Jshint**: **2.13.6** +- **Lizard**: **1.22.2** +- **Opengrep**: **1.21.0** +- **Phpmd**: **2.14.1** +- **PMD**: **7.16.0** +- **Prospector**: **1.18.0** +- **Psscriptanalyzer**: **1.24.0** +- **Pylint**: **4.0.5** +- **Reek**: **6.5.0** +- **Remark-lint**: **10.0.1** +- **Roslyn**: **1.23.0** +- **Rubocop**: **1.80.2** +- **Ruff**: **0.12.7** +- **Scalameta-pro**: **1.4.4** +- **Scalastyle**: **1.5.1** +- **Shellcheck**: **0.10.0** +- **Sonar-csharp**: **9.32** +- **Sonar-visual-basic**: **8.13** +- **Spectral**: **1.22.0** +- **Spotbugs**: **4.8.4** +- **Sqlfluff**: **4.1.0** +- **Sqlint**: **0.2.1** +- **Staticcheck**: **2025.1.1** +- **Stylelint**: **16.23.0** +- **Swiftlint**: **0.63.2** +- **Tailor**: **0.12.0** +- **Trivy**: **0.70.0** +- **Tslint**: **6.1.3** +- **Tsqllint**: **1.16.0** \ No newline at end of file diff --git a/docs/release-notes/index.md b/docs/release-notes/index.md index 7c80df4dd2..ac0eaacd6c 100644 --- a/docs/release-notes/index.md +++ b/docs/release-notes/index.md @@ -18,6 +18,7 @@ For product updates that are in progress or planned [visit the Codacy public roa 2026 +- [Cloud June 2026](cloud/cloud-2026-06.md) - [Cloud May 2026](cloud/cloud-2026-05.md) - [Cloud April 2026](cloud/cloud-2026-04.md) - [Cloud March 2026](cloud/cloud-2026-03.md) diff --git a/mkdocs.yml b/mkdocs.yml index 736489c3b7..6748177295 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -692,6 +692,7 @@ nav: - release-notes/index.md - Cloud: - 2026: + - release-notes/cloud/cloud-2026-06.md - release-notes/cloud/cloud-2026-05.md - release-notes/cloud/cloud-2026-04.md - release-notes/cloud/cloud-2026-03.md From 6b5a13a719ab99f322965f1f9df4a1a41e6d7177 Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Mon, 6 Jul 2026 17:32:24 +0100 Subject: [PATCH 2/5] fix small issues --- docs/release-notes/cloud/cloud-2026-06.md | 4 ++-- mkdocs.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/release-notes/cloud/cloud-2026-06.md b/docs/release-notes/cloud/cloud-2026-06.md index e1a76ceaaa..8d31fc592f 100644 --- a/docs/release-notes/cloud/cloud-2026-06.md +++ b/docs/release-notes/cloud/cloud-2026-06.md @@ -2,7 +2,7 @@ rss_title: Codacy release notes RSS feed rss_href: /feed_rss_created.xml description: Release notes for Codacy Cloud June 2026. -included_jira_versions: ['2026.5'] +included_jira_versions: ['2026.6'] codacy_tools_version_old: https://github.com/codacy/codacy-tools/releases/tag/9.2.13 codacy_tools_version_new: https://github.com/codacy/codacy-tools/releases/tag/9.3.9 --- @@ -39,7 +39,7 @@ These release notes are for the Codacy Cloud updates during June 2026. ## Tool versions -- **Markdownlint** has a new version: **0.40.0** ( updated from 0.33.0 ) +- **Markdownlint** has a new version: **0.40.0** (updated from 0.33.0) - **Agentlinter**: **0.3.3** - **Aligncheck**: **1.0.0** - **Ameba**: **1.6.4** diff --git a/mkdocs.yml b/mkdocs.yml index 6748177295..90be45210f 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -692,7 +692,7 @@ nav: - release-notes/index.md - Cloud: - 2026: - - release-notes/cloud/cloud-2026-06.md + - release-notes/cloud/cloud-2026-06.md - release-notes/cloud/cloud-2026-05.md - release-notes/cloud/cloud-2026-04.md - release-notes/cloud/cloud-2026-03.md From 00502eb4c8bef9a03ad0265a8f37086af05b6862 Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Mon, 6 Jul 2026 17:36:38 +0100 Subject: [PATCH 3/5] fix small issues --- mkdocs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mkdocs.yml b/mkdocs.yml index 90be45210f..9ef300a7e9 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -692,7 +692,7 @@ nav: - release-notes/index.md - Cloud: - 2026: - - release-notes/cloud/cloud-2026-06.md + - release-notes/cloud/cloud-2026-06.md - release-notes/cloud/cloud-2026-05.md - release-notes/cloud/cloud-2026-04.md - release-notes/cloud/cloud-2026-03.md From e337bb88dac6237c4f854a49fc947e40e88c602c Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Tue, 7 Jul 2026 10:08:38 +0100 Subject: [PATCH 4/5] add ticket ids to rn --- docs/release-notes/cloud/cloud-2026-06.md | 39 ++++++++++------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/docs/release-notes/cloud/cloud-2026-06.md b/docs/release-notes/cloud/cloud-2026-06.md index 8d31fc592f..c09364f2b3 100644 --- a/docs/release-notes/cloud/cloud-2026-06.md +++ b/docs/release-notes/cloud/cloud-2026-06.md @@ -13,29 +13,22 @@ These release notes are for the Codacy Cloud updates during June 2026. 📢 [Visit the Codacy roadmap](https://roadmap.codacy.com) and let us know your feedback on both new and planned product updates! -## Features - -- **Dependency import chain visibility:** Vulnerable dependency findings now show the full import chain, making it easier to understand how a vulnerable package enters a project and where to act. - -- **Clearer CI/CD setup guidance for container scanning:** We improved the visibility of the CI/CD setup option in container scanning so teams can more easily find and complete the setup flow. - -- **Better SRM timeout messaging:** Timeout messages in SRM are now clearer and more actionable, helping users understand what happened and what to do next. - -- **Proxy support in Guardrails:** Guardrails now supports proxy configurations across VS Code, MCP, and CLI v2 environments. - -## Improvements - -- **Org dashboard settings fix:** Fixed an issue where some account settings on the organizations dashboard would not open on the first attempt. - -- **Coverage report stability fix:** Fixed a bug that could cause the coverage organization report to show a blank page when filtering by file coverage metrics. - -- **False positive reduction for dependency syntax:** Fixed incorrect handling of `^` dependency syntax so it is no longer treated as a false positive in vulnerable dependency analysis. - -- **Findings page timeout fix:** Fixed timeouts affecting the findings page for large accounts, improving reliability for affected users. - -- **Jira ticket creation fix:** Fixed an issue where creating Jira tickets could fail when the summary field was too large. - -- **Container scanning ignore flow fix:** Fixed an internal server error that could occur when ignoring a container scanning security issue. +### Features +- **Improved SRM timeout messages (OD-136):** We improved the timeout messages shown in SRM so it’s clearer when scans take too long and what users should expect next. +- **Better visibility for CI/CD setup in container scanning (OD-124):** We made the CI/CD setup option more prominent in container scanning so teams can find and enable it more easily. +- **Import chain visibility for vulnerable dependencies (OD-105):** We added clearer dependency chain visibility so users can better understand how vulnerable dependencies are introduced into their projects. +- **Proxy support for Guardrails (OD-87):** Guardrails now supports proxy configurations, making it easier to use in restricted network environments. + +### Improvements +- **Account settings now open reliably from the organizations dashboard (OD-125):** Fixed an issue where some account settings would fail to open on the first try. +- **Dependency syntax false positives reduced (OD-90):** Fixed cases where `^` dependency syntax could be incorrectly flagged as a false positive. +- **Coverage report filtering no longer breaks the page (OD-161):** Fixed a bug where filtering the coverage organization report by file coverage metrics could lead to a blank page. +- **Findings page timeout fixes for large accounts (OD-106):** Fixed timeout issues affecting findings pages for larger accounts. +- **Jira ticket creation with large summaries now works correctly (OD-59):** Fixed a bug that could prevent Jira tickets from being created when the summary was too large. +- **Organization integrations now reflect their real enabled state (OD-82):** Fixed a mismatch where integrations could appear disabled in the UI despite being enabled. +- **Dependency chain text overlap fixed (OD-105):** Fixed a UI issue where dependency chain text could overlap and become hard to read. +- **Ignoring container scanning issues no longer triggers server errors (OD-96):** Fixed an internal server error that could happen when ignoring a container scanning security issue. +- **Invite People modal layout improved (OD-33):** Fixed a layout issue by widening the Invite People modal for a better experience. ## Tool versions From c2178a23c5c47c2d5ec53ee932ca2d16b256b7e4 Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Tue, 7 Jul 2026 15:42:26 +0100 Subject: [PATCH 5/5] re-order some notes --- docs/release-notes/cloud/cloud-2026-06.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/release-notes/cloud/cloud-2026-06.md b/docs/release-notes/cloud/cloud-2026-06.md index c09364f2b3..d95d9ed56c 100644 --- a/docs/release-notes/cloud/cloud-2026-06.md +++ b/docs/release-notes/cloud/cloud-2026-06.md @@ -14,12 +14,12 @@ These release notes are for the Codacy Cloud updates during June 2026. 📢 [Visit the Codacy roadmap](https://roadmap.codacy.com) and let us know your feedback on both new and planned product updates! ### Features -- **Improved SRM timeout messages (OD-136):** We improved the timeout messages shown in SRM so it’s clearer when scans take too long and what users should expect next. -- **Better visibility for CI/CD setup in container scanning (OD-124):** We made the CI/CD setup option more prominent in container scanning so teams can find and enable it more easily. - **Import chain visibility for vulnerable dependencies (OD-105):** We added clearer dependency chain visibility so users can better understand how vulnerable dependencies are introduced into their projects. +- **Better visibility for CI/CD setup in container scanning (OD-124):** We made the CI/CD setup option more prominent in container scanning so teams can find and enable it more easily. - **Proxy support for Guardrails (OD-87):** Guardrails now supports proxy configurations, making it easier to use in restricted network environments. ### Improvements +- **Improved SRM timeout messages (OD-136):** We improved the timeout messages shown in SRM so it’s clearer when scans take too long and what users should expect next. - **Account settings now open reliably from the organizations dashboard (OD-125):** Fixed an issue where some account settings would fail to open on the first try. - **Dependency syntax false positives reduced (OD-90):** Fixed cases where `^` dependency syntax could be incorrectly flagged as a false positive. - **Coverage report filtering no longer breaks the page (OD-161):** Fixed a bug where filtering the coverage organization report by file coverage metrics could lead to a blank page.