Composite Test Coverage Metric
If you’ve been tracking code coverage primarily through Line Coverage and Branch Coverage metrics, the all-new Composite Coverage metric provides a higher-order way of measuring how effective your test suite is. This metric is aggregated over line and condition or branch coverage metrics and is calculated as such:
We use branch coverage to calculate the metric if condition coverage is unavailable. If only line coverage is available, then line coverage would be identical to composite coverage. As with all other metrics, you can add a threshold. To view this for a repository, you can go to Metrics → Composite Coverage in the repository view. Please note that code coverage should be tracked on DeepSource for this metric to be visible.
You can now share reports externally using a public link and share them with people within or outside your team who might not have access to your DeepSource account but will find value in these reports. You can create these reports at the repository or team levels for all or selected repositories. You can also choose to password-protect a public report.
To create these reports at both repository or team-level view, you can go to the Reports tab → Public Reports → Create a report or click on the share button in any report in the reports tab.
New in Analyzers
- PHP: We have fixed a false negative for PHP-A1002. The Analyzer can now detect checks where unsanitized external data is incorporated into an SQL query and used (passed to a vulnerable function or returned) without any escaping.
New in Enterprise Server
- Breaking change: To help you optimize resource utilization within the Kubernetes cluster, we’ve added a new kube-janitor service to clean up old jobs in the atlas-jobs namespace. Since there would already be many analysis jobs piled up in the cluster, cleaning them up is essential before upgrading. Read more about upgrading in the docs.
- Jira Integration: You can now create new issues on Jira Cloud directly from DeepSource. Read more about it in the docs.
- Slack Integration: You can now connect your Slack workspace with DeepSource and receive updates on important events directly on the channel. Read more about it in the docs.
- Bugfix: Some users running older versions of PostgreSQL reported that some database migrations were failing. We have resolved this now by adding backward compatibility for those versions.
Fixes and Improvements
- API: The Repository object now includes the deepsource.toml config file as a JSON object. Read more about it in the docs.
- To make the response for reporting artifacts for test coverage more verbose, we now display the repository name and commit SHA in the CLI.
- Some analysis runs were not being correctly linked to the respective pull-request object in the Repository → History page. This has now been fixed.
- The history page now shows the correct open pull-request count.
- The aggregate value for coverage reports was not shown correctly for some users. This has been fixed.