Improved User Settings
We've redesigned and improved the user settings for your DeepSource account. This will make it easier for you to configure all your account and workspace settings from your dashboard.
- Account Preferences: You can now easily add an avatar to your account, change or edit your display name, see your login connections with DeepSource, and add a new connection if required.
- Workspaces: We've added a new workspaces tab in your user settings where you can see a list of all the team and personal workspaces you are a part of. You can navigate to those workspaces from here. We've also added a search so you can filter through the list quickly.
Manually sync a single repository from GitHub
If your organization has a large number of repositories (tens of thousands), sometimes there's a delay in syncing some of them since we don't want to trip the API rate limits of the VCS. This might cause the repository you're looking for not to show up when you're trying to activate DeepSource on it.
We've added an option to sync repositories one at a time from the repository search interface when activating a new repository, so you don't have to wait for DeepSource to retry by itself.
Improved manual sync of access settings for GitHub
You can now choose whether or not you want the access settings that have been changed manually on DeepSource to be overridden when performing a manual sync. This will help remove any confusion caused by DeepSource automatically overriding these changes in the past. We also show an overview of all the changes the sync will override to help you make the decision.
New in Analyzers
- We've added five new SAST checks in the JavaScript Analyzer:
- JS-S1015: Detects insecure web preferences passed to Electron.
- JS-S1016: Detects array index that is possibly out of bounds.
- JS-A1005: Detects unsanitized inputs that are passed to templating engines.
- JS-A1006: Detects server-side errors that may be exposed to the client side.
- JS-A1007: Detects unsanitized inputs used with openExternal method of the Electron's shell module.
- We've added Autofix™️ support for the following Rust checks: RS-W1001, RS-W1046, RS-W1062, RS-W1074, RS-W1080, RS-W1095
Fixes and Improvements
- We've improved JS-D007, an issue that flags Bad usage of RegExp#exec and String#match. We will now cover calls to RegExp function with the previously supported RegEx literals.
- We've improved JS-0002, an issue that flags using console in code that runs on the browser. We will now avoid flagging console.error, console.assert, console.table, and console.warn statements since they are most likely to be used intentionally.
- We've fixed three false positives in this release:
- JS-0455: We've fixed an issue where sx was being incorrectly flagged as an unknown property in projects that used the ThemeUI library.
- JS-0105: We've fixed an issue where we were incorrectly flagging class methods that did not use this in NestJS projects to accommodate cases of dependency injection.
- JS-D007: We've fixed an issue where we incorrectly flagged regex matches even when they were being put to use. We should not recommend using Regex#test when the regex matches are used elsewhere.