Auto-detection of SVN during analysis will happen if there is a `.svn` folder somewhere in the parent hierarchy of the project root. Otherwise you can force the provider using `-Dsonar.scm.provider=svn` on the analysis command line.
+### Authentication
+In order to get blame information on your code you will need to supply authentication data to the scanner. You can do it by passing following parameters to it when starting an analysis:
+
+| Parameter Name | Description |
+| --------------------- | ---------------------------------- |
+| `sonar.svn.username` | Username to be used for SVN server or SVN+SSH authentication |
+| `sonar.svn.password.secured` | Password to be used for SVN server or SVN+SSH authentication |
+| `sonar.svn.privateKeyPath` | Path to private key file. Can be used instead of password for SVN+SSH authentication |
+| `sonar.svn.passphrase.secured` | Optional passphrase of your private key file |
+
### Known issues
If you get errors like:
```
[[info]]
-| Values of the properties suffixed with `.secured` are not available to non-authorized users (anonymous and users without project or global administration rights). `.secured` is needed for passwords, for instance.
+| Values of the properties suffixed with `.secured` are not available to be read by any users. `.secured` is needed for passwords, for instance.
The annotation [`@org.sonar.api.Property`](http://javadocs.sonarsource.org/latest/apidocs/index.html?org/sonar/api/Property.html) can also be used on an extension to declare a property, but org.sonar.api.config.PropertyDefinition is preferred.
```
* **Administer System**: All administration functions for the instance: global configuration.
* **Administer Quality Profiles**: Any action on Quality Profiles.
* **Administer Quality Gates**: Any action on quality gates
-* **Execute Analysis**: Access to all settings required to perform analysis and the ability to push analysis results to the SonarQube server. This includes private project settings and secured settings like passwords.
+* **Execute Analysis**: Access to all settings required to perform analysis and the ability to push analysis results to the SonarQube server. This includes private project settings but excludes secured settings like passwords.
* **Create Projects**: Initialize the structure of a new project before its first analysis. This permission is also required when doing the very first analysis of a project that has not already been created via the GUI. * **
* **Create Applications**: Create a new Application. * **
* **Create Portfolios**: Create a new Portfolio. * **
* **Administer Security Hotspots**: Change the status of a Security Hotspot.
* **Administer**: Access project settings and perform administration tasks (users also need "Browse" permission).
By default, a user with this **Administer** permission can manage both configuration and permissions for the current project. To only allow project administrators to update the project configuration, go to **[Administration > Configuration > General Settings > Security](/#sonarqube-admin#/admin/settings?category=security)** and disable the **Enable permission management for project administrators** property.
-* **Execute Analysis**: Access to all settings required to perform analysis and the ability to push analysis results to the SonarQube server. This includes private project settings and secured settings like passwords
+* **Execute Analysis**: Access to all settings required to perform analysis and the ability to push analysis results to the SonarQube server. This includes private project settings but excludes secured settings like passwords.
Private projects have two additional permissions:
* **Browse**: Access a project; browse its measures, issues, and Security Hotspots; perform some issue edits (confirm/resolve/reopen, assignment, comment); comment on or change the user assigned to a Security Hotspot.
---
## Release 9.1 Upgrade Notes
-**Custom measures feature has been dropped**
+**Secured settings no longer available in web services and on the scanner side**
+This change especially affects the analysis of SVN projects but also, possibly, the use of some 3rd-party plugins. Secured settings required to perform the analysis now need to be passed to the scanner as parameters. ([MMF-2407](https://jira.sonarsource.com/browse/MMF-2407)).
+
+**Custom measures feature has been dropped**
The custom measures feature, which was previously deprecated, has been removed. ([SONAR-10762](https://jira.sonarsource.com/browse/SONAR-10762)).
-**Deprecated WebAPI endpoints and parameters removal**
+**Deprecated WebAPI endpoints and parameters removed**
The WebAPI endpoints and parameters deprecated during the 7.X release cycle have been removed. For a complete list of removed endpoints and parameters see [SONAR-15313](https://jira.sonarsource.com/browse/SONAR-15313).
## Release 9.0 Upgrade Notes
projects / sonarqube.git / commitdiff