New in version 2025.1
Version 2025.1 of Qodana contains several updates.
Kotlin K2 Mode
The Kotlin K2 mode is by default enabled for the Qodana for JVM and Qodana Community for JVM linters. This update aligns with JetBrains’ move towards K2 in IntelliJ IDEA 2025.1 and offers improved performance and stability, along with new Kotlin 2.1 feature support.
Potential issues to be aware of:
Third-party plugins might not support K2 yet
Some inspections are still not implemented, see the details.
To revert the K2 mode, in your linter configuration set the idea.kotlin.plugin.use.k2 property to false.
Improved Incorrect Formatting inspection
The IncorrectFormatting inspection consolidates multiple formatting errors contained in a file into a single problem instead of listing every issue separately. Now, a single problem per file is displayed with example snippets to help you fix issues faster.
This feature is available for all linters except Qodana for C/C++, Qodana Community for C/C++, and Qodana Community for .NET.
To start using it, enable the IncorrectFormatting inspection in your Qodana inspection profile configuration, for example:
New Qodana for C/C++ linter
Starting from version 2025.1 of Qodana, you can analyze your C and C++ projects using two Qodana linters.
The new Qodana for C/C++ linter supports all Clang-Tidy inspections supported by Qodana Community for C/C++, as well as MISRA and dataflow analysis-based inspections.
The existing Qodana Community for C/C++ linter supports only Clang-Tidy inspections.
The details are available on the C / C++ page of the documentation.
Visual Studio integration
Using Qodana plugin for Visual Studio, you can explore Qodana reports and connect to Qodana Cloud, see the Visual Studio section for details.
OWASP Top 10
Qodana now provides predefined taint rules for A01, A03, A07, A08, A10 categories of OWASP Top 10:2021 vulnerabilities. These rules significantly enhance security issue detection by minimizing user effort while ensuring broad security coverage, and provide:
Automatic detection for common security flaws
700+ new configuration entries covering common frameworks and libraries
The ability to customize taint rules using KTS files to define sources and sinks
For details, see the Taint analysis section.
Native mode support
As of version 2025.1, Qodana provides the native mode for the following linters:
Enhanced GitLab CI/CD and Azure Pipelines integration
Starting from 2025.1, Qodana provides the Qodana Scan GitLab Pipeline component for analyzing code using GitLab CI/CD, which means that you can use a native solution instead of Docker images. Besides that, the component supports quick-fixes and analysis of merge requests. The details are available on the GitLab CI/CD page of the documentation.
The Qodana Azure Pipelines extension also supports quick-fixes, see the Azure Pipelines page for details.