Skip to content

Cloud May 2026#

These release notes are for the Codacy Cloud updates during May 2026.

📢 Visit the Codacy roadmap and let us know your feedback on both new and planned product updates!

Product enhancements#

  • Draft PR AI Review Control: The PR reviewer no longer runs automatically for draft PRs. Please trigger it manually using the button on the summary if you want a review. (CF-2354)

  • Deprecation of AI Suggestions: Deprecated AI suggestions in GitHub; please use our PR reviewer instead. (CF-2293)

  • AI Inventory Access Update: AI Inventory is now only available to Business Tier accounts. (LK-2130)

  • YAML Support for Environment Files: Codacy now supports .env, .env.production, .env.prod, and .env.staging files for the YAML language. All tools running for YAML will be able to scan these files as well. (TCE-1315)

  • Improved Opengrep Secrets Detection: We improved the rule "hardcoded-passwords" in Opengrep to cover better use cases using keywords like (api|secret|private|access|aws|ssh|auth|session|encryption|decryption|gcp)-key or password|motdepasse|heslo|adgangskode|wachtwoord|salasana|passwort|passord|senha|geslo|clave|losenord|parola|secret|pwd. (TCE-1496)

  • ESLint v8 Vue Parsing Fix: We fixed the parsing issues with .vue files in ESLint v8. (TCE-1429)

  • Lizard Parameter Count Fix: We found an issue with the count of parameters within a method in TypeScript files using Lizard. The latest version fixed that issue, and now it's counting correctly. (TCE-1519)

  • Fix for Empty Commit Detection: Fixed a bug where the AI reviewer would report that a commit is empty, or that certain files did not appear to be altered within the commit (e.g., .txt files). (CF-2449)

  • Improved AI Reviewer Accuracy: Resolved an issue where the AI reviewer incorrectly flagged updated dependencies or API versions as unrecognized. (CF-2448)

  • Refactored Jira Prompts: Fixed a bug where the AI reviewer would ask for a Jira ticket, even though the users were not using Jira. (CF-2440)

Tool versions#

  • Eslint v9 has a new version: 9.39.4 ( updated from 9.38.0 )
  • Lizard has a new version: 1.22.2 ( updated from 1.17.31 )
  • Opengrep has a new version: 1.21.0 ( updated from 1.17.0 )
  • AgentLinter: 0.3.3
  • Aligncheck: 1.0.0
  • Ameba: 1.6.4
  • Bandit: 1.8.3
  • Biomejs: 2.4.7
  • Brakeman: 4.3.1
  • Bundler-audit: 0.9.1
  • Checkov: 3.2.508
  • Checkstyle: 10.26.1
  • Clang-tidy: 10.0.1
  • Codenarc: 3.6.0
  • Codesniffer: 3.10.1
  • Coffeelint: 5.2.11
  • Cppcheck: 2.18.0
  • Credo: 1.7.12
  • Csslint: 1.0.5
  • Dartanalyzer: 3.9.3
  • Deadcode: 1.0.0
  • Detekt: 1.23.8
  • Eslint v8: 8.57.0
  • Eslint v7: 7.32.0
  • Faux-pas: 1.7.2
  • Flawfinder: 2.0.19
  • Golangci-lint: 2.7.2
  • Gorevive: 1.12.0
  • Gosec: 2.22.7
  • Hadolint: 2.12.0
  • Jackson-linter: 2.19.2
  • Jshint: 2.13.6
  • Markdownlint: 0.33.0
  • Phpmd: 2.14.1
  • Pmd v6: 6.55.0
  • Pmd v7: 7.16.0
  • Prospector: 1.18.0
  • Psscriptanalyzer: 1.24.0
  • Pylint v1: 1.9.5
  • Pylint: 4.0.5
  • Reek: 6.5.0
  • Remark-lint: 10.0.1
  • Roslyn: 1.23.0
  • Rubocop: 1.80.2
  • Ruff: 0.12.7
  • Scalameta-pro: 1.4.4
  • Scalastyle: 1.5.1
  • Shellcheck: 0.10.0
  • Sonar-csharp: 9.32
  • Sonar-visual-basic: 8.13
  • Spectral: 1.22.0
  • Spotbugs: 4.8.4
  • Sqlfluff: 4.1.0
  • Sqlint: 0.2.1
  • Staticcheck: 2025.1.1
  • Stylelint: 16.23.0
  • Swiftlint: 0.63.2
  • Tailor: 0.12.0
  • Trivy: 0.70.0
  • Tslint: 6.1.3
  • Tsqllint: 1.16.0

Was this page helpful?

Your feedback helps us improve the documentation.