Skip to content

Cloud May 2026#

These release notes are for the Codacy Cloud updates during May 2026.

📢 Visit the Codacy roadmap and let us know your feedback on both new and planned product updates!

Product enhancements#

  • Draft PR AI Review Control: The PR reviewer no longer runs automatically for draft PRs. Please trigger it manually using the button on the summary if you want a review. (CF-2354)

  • Deprecation of AI Suggestions: Deprecated AI suggestions in GitHub; please use our PR reviewer instead. (CF-2293)

  • AI Inventory Access Update: AI Inventory is now only available to Business Tier accounts. (LK-2130)

  • YAML Support for Environment Files: Codacy now supports .env, .env.production, .env.prod, and .env.staging files for the YAML language. All tools running for YAML will be able to scan these files as well. (TCE-1315)

  • Improved Opengrep Secrets Detection: We improved the rule "hardcoded-passwords" in Opengrep to cover better use cases using keywords like (api|secret|private|access|aws|ssh|auth|session|encryption|decryption|gcp)-key or password|motdepasse|heslo|adgangskode|wachtwoord|salasana|passwort|passord|senha|geslo|clave|losenord|parola|secret|pwd. (TCE-1496)

  • ESLint v8 Vue Parsing Fix: We fixed the parsing issues with .vue files in ESLint v8. (TCE-1429)

  • Lizard Parameter Count Fix: We found an issue with the count of parameters within a method in TypeScript files using Lizard. The latest version fixed that issue, and now it's counting correctly. (TCE-1519)

  • Fix for Empty Commit Detection: Fixed a bug where the AI reviewer would report that a commit is empty, or that certain files did not appear to be altered within the commit (e.g., .txt files). (CF-2449)

  • Improved AI Reviewer Accuracy: Resolved an issue where the AI reviewer incorrectly flagged updated dependencies or API versions as unrecognized. (CF-2448)

  • Refactored Jira Prompts: Fixed a bug where the AI reviewer would ask for a Jira ticket, even though the users were not using Jira. (CF-2440)

Tool versions#

  • Eslint v9 has a new version: 9.39.4 ( updated from 9.38.0 )
  • Lizard has a new version: 1.22.2 ( updated from 1.17.31 )
  • Opengrep has a new version: 1.21.0 ( updated from 1.17.0 )
  • AgentLinter: 0.3.3
  • Aligncheck: 1.0.0
  • Ameba: 1.6.4
  • Bandit: 1.8.3
  • Biomejs: 2.4.7
  • Brakeman: 4.3.1
  • Bundler-audit: 0.9.1
  • Checkov: 3.2.508
  • Checkstyle: 10.26.1
  • Clang-tidy: 10.0.1
  • Codenarc: 3.6.0
  • Codesniffer: 3.10.1
  • Coffeelint: 5.2.11
  • Cppcheck: 2.18.0
  • Credo: 1.7.12
  • Csslint: 1.0.5
  • Dartanalyzer: 3.9.3
  • Deadcode: 1.0.0
  • Detekt: 1.23.8
  • Eslint v8: 8.57.0
  • Eslint v7: 7.32.0
  • Faux-pas: 1.7.2
  • Flawfinder: 2.0.19
  • Golangci-lint: 2.7.2
  • Gorevive: 1.12.0
  • Gosec: 2.22.7
  • Hadolint: 2.12.0
  • Jackson-linter: 2.19.2
  • Jshint: 2.13.6
  • Markdownlint: 0.33.0
  • Phpmd: 2.14.1
  • Pmd v6: 6.55.0
  • Pmd v7: 7.16.0
  • Prospector: 1.18.0
  • Psscriptanalyzer: 1.24.0
  • Pylint v1: 1.9.5
  • Pylint: 4.0.5
  • Reek: 6.5.0
  • Remark-lint: 10.0.1
  • Roslyn: 1.23.0
  • Rubocop: 1.80.2
  • Ruff: 0.12.7
  • Scalameta-pro: 1.4.4
  • Scalastyle: 1.5.1
  • Shellcheck: 0.10.0
  • Sonar-csharp: 9.32
  • Sonar-visual-basic: 8.13
  • Spectral: 1.22.0
  • Spotbugs: 4.8.4
  • Sqlfluff: 4.1.0
  • Sqlint: 0.2.1
  • Staticcheck: 2025.1.1
  • Stylelint: 16.23.0
  • Swiftlint: 0.63.2
  • Tailor: 0.12.0
  • Trivy: 0.70.0
  • Tslint: 6.1.3
  • Tsqllint: 1.16.0

Share your feedback 📢

Did this page help you?

Thanks for the feedback! Is there anything else you'd like to tell us about this page?

We're sorry to hear that. Please let us know what we can improve:

Alternatively, you can create a more detailed issue on our GitHub repository.

Thanks for helping improve the Codacy documentation.

Edit this page on GitHub if you notice something wrong or missing.

If you have a question or need help please contact support@codacy.com.

Last modified June 11, 2026