Skip to end of metadata
Go to start of metadata

Table of Contents

Large Instance Warning

By default, a SonarQube instance is able to handle about 50 million issues if you are running SonarQube on a machine having at least 4 cores.

Migration notes

Scanners don't access the database

This is the biggest change of this new version: scanners (e.g. Sonar Runner) no longer access the database, they only use web services to communicate with the server. In practice, this means that the JDBC connection properties can now be removed from analysis CI jobs:

  • sonar.jdbc.url
  • sonar.jdbc.username
  • sonar.jdbc.password

This increases security (those properties need to be set only in the SonarQube server configuration file), performance (you no longer have several DB queries running simultaneously from multiple remote jobs) and ease of installation (no need to set those properties everywhere, no need to configure firewalls, ...).

Incompatible plugins must be removed

Because of the big architecture change of this new version (see previous point), some plugins are not compatible with SonarQube 5.2. Publicly-available plugins that are not compatible have been marked as such in the Update Center, but in-house plugins should be checked. Typically, plugins that do the following will need to be removed from your installation:

  • Aggregation of raw metrics into higher metrics (implemented with a Decorator class)
  • Computation of measures that require access to the history of the project
  • Code that tries to access the database for whatever reason

If you developed in-house plugins, you should check this before starting a migration to 5.2.

Further, select SonarSource plugins are not compatible with 5.2:

  • Report
  • Developer Cockpit

These plugins will return to compatibility with 5.3.

Change of JDBC connection URL when using Microsoft SQL server

SonarQube is now shipped with the official Microsoft JDBC driver instead of the jTDS driver, which is no longer supported. As a side effect, the JDBC connection URL must be updated in your server's conf/ file. For more details, see the "Microsoft SQL Server" section of Installing the Server.

Multi-version migrations can no longer skip over LTS versions

It is possible to upgrade from version 1.x directly to, say 4.2, skipping over several LTS versions and getting all their updates in one operation. Starting from SonarQube 5.2, the migration scripts only contain changes since the most recent LTS prior to that version. This means that if you want to upgrade from SonarQube 4.2  to 5.2 for instance, you must first to upgrade to SonarQube 4.5.x LTS and then upgrade to 5.2. Learn more on the "Upgrading" page.

Clean up of the SQALE model 

If you're not using the SQALE plugin, all rules will automatically revert to their initial SQALE model definitions after the migration. This could impact the technical debt of your projects once a new analysis has been run.

For more details, see  SONAR-6547 - Getting issue details... STATUS


  • Cross-project duplication is not available in 5.2, but it will be back in 5.3. See  SONAR-6323 - Getting issue details... STATUS
  • If you're using Microsoft SQL server:
    • 'Windows Authentication Mode' is now supported. See the "Microsoft SQL Server" section of Installing the Server.
    • Microsoft SQL server 2014 is now officially supported.
    • Using Microsoft SQL Azure for the storage is supported too.
  • All design-related services are dropped. See the related JIRA ticket to know more about this:  SONAR-6553 - Getting issue details... STATUS
  • sonar.(include|exclude)Plugins has been removed. See  SONAR-6517 - Getting issue details... STATUS
  • The "incremental" analysis mode has been dropped, see  SONAR-6761 - Getting issue details... STATUS
  • Many deprecated APIs have been removed, see  SONAR-123 - Getting issue details... STATUS  and  SONAR-6746 - Getting issue details... STATUS
  • Gravitars are now on by default, but can be disabled if connection to this remote site is undesirable or disallowed.
  • Sonar runner versions older than 2.3 are no longer supported.
  • The sonar.qualitygate analysis property is no longer supported; quality gates must be configured at the server.
  • Technical Debt Ratio is now computed using the "Lines of Code" metric only. As a consequence, if "Complexity" was configured as the "size metric", this will impact new analyses. See SONAR-6859 - Getting issue details... STATUS .
  • The sonar.preventAutoProjectCreation property has been removed, and replaced by the use of the "provisioning" permission, see  SONAR-6861 - Getting issue details... STATUS .
  • No labels