Improved role-based access sync from GitHub
Managing repository permissions and access settings for users on your GitHub and DeepSource organizations separately can be tedious as your team grows. We've made several improvements to how we sync permissions from GitHub to simplify this and eliminate manual effort.
- Repository-level permissions: Repository permissions that users inherit from a team on GitHub are now correctly synced to DeepSource. Previously, only direct repository collaborator roles were synced, leading to an inconsistency between the repositories that a user could see on GitHub and on DeepSource. Read more in our docs.
- Base permissions: To help you bring parity with base permissions on GitHub, we've added a new No Permission option to Member Base Permissions in your team's access control settings. Selecting this will allow members read-only access to public repositories by default. They will not have any permissions on private repositories unless some level of permission is inherited from a GitHub team or through being added as a direct repository collaborator. Read more in our docs.
- Default Base Permission: When you connect a new GitHub organization, we will automatically sync the organization's base permission from GitHub to DeepSource. Previously, this setting defaulted to "Maintain" on DeepSource.
Please note that automatic sync of access on repositories can affect your occupied seat count on DeepSource. For instance, if a user has a Contributor role on DeepSource but a Member or Admin role on GitHub, their role will be upgraded, and they'll now occupy a paid seat on DeepSource. To help you keep track of this, the source of a member's addition to the organization or a repository is now shown in the list of members in Organization → Settings → My team and Repository → Settings → Repository members.
New in Analyzers
- We've added 41 new checks across our Analyzers:
  - Java: JAVA-E1085, JAVA-E1083, JAVA-E1084
  - JavaScript: JS-A1000, JS-A1001, JS-A1004, JS-A1002, JS-A1003
  - Go: GO-E1008, GO-E1009, GO-W1030, GO-W1028, GO-W1031, GO-W1032
  - Terraform: TF-S1031, TF-S1032, TF-S1033, TF-S1034, TF-S1035, TF-S1036, TF-S1037, TF-S1038, TF-S1039, TF-S1040, TF-S2027, TF-S2028, TF-S2029, TF-S2030
  - C and C++: CXX-P2000, CXX-P2001, CXX-P2003
  - Rust: RS-E1022, RS-E1023, RS-W1078, RS-S1009, RS-S1014, RS-S1015
  - Scala: SC-D1000, SC-W1077, SC-W1078, SC-W1079
- We've added Autofix™️ support for four checks:
  - Go: GO-W1031, GO-W1032, GO-R1004
  - Rust: RS-E1012
New in Enterprise Server
- RabbitMQ High Availability: As a first step towards ensuring high availability of DeepSource Enterprise Server, DeepSource now runs RabbitMQ in HA on standalone installations.
- Export logs to SIEM tools: You can now export your DeepSource Enterprise Server logs to the SIEM tool of your choice. Read more in our docs.
Fixes and Improvements
- We've fixed an issue where the test coverage Analyzer was timing out due to a parsing issue in some test coverage report formats.
- Added the ability to regenerate the DSN for a repository from the dashboard and the API. In light of the recent CircleCI breach, we strongly recommend that all users using CircleCI for their repositories rotate their DSNs on DeepSource. You can read more about it here.
- Setting the enabled attribute to true is now optional in the .deepsource.toml configuration file; it is true by default. If you want to disable an Analyzer, you can comment out that Analyzer entry, or add enabled = false manually in your .deepsource.toml file.
- The Scala Analyzer now automatically detects the correct Scala version even if the version meta field in the .deepsource.toml is not specified. If you've already set this field value, we recommend you remove it and let the Analyzer handle it appropriately.
- Our reports now include legends in the charts to help you quickly understand the data.
- On the run history page, the checkbox to Autofix™️ was behaving incorrectly. This has been fixed.
- We've fixed an issue where the Python Analyzer was not raising flake8-compatible issues for some Python 2.7 repositories.
- We've disabled obsolete issues in the JavaScript Analyzer that enforced coding styles: JS-0229, JS-0083, JS-0113.
- We've updated the issue description for JS-0002 with instructions to prevent code that runs in the NodeJS environment from being flagged.
- We now automatically exclude auto-generated and designer files from the C# Analyzer analysis. Ideally, directories such as bin and obj should be excluded when the code is committed. However, if they were added in the commits, we were incorrectly running an analysis on them.
- The maximum JSX nesting depth for JS-0415 has been increased from 2 to 3, as 2 was a bit too restrictive.
- We've improved JS-D008, an issue that flags incorrect use of Array.prototype methods. We now cover more methods and have an improved issue description to explain possible fixes.
- The Python Analyzer was raising both FLK-E501 (Line too long) and FLK-W505 (Doc line too long) on extraneously long docstrings. Since this was noisy, we now raise only FLK-W505 in those instances.