Menu +

Search Posts

What is SonarQube?

SonarQube (formerly Sonar) is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugscode smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated codecoding standardsunit testscode coveragecode complexitycomments, bugs, and security vulnerabilities.[

SonarQube can record metrics history and provides evolution graphs. SonarQube provides fully automated analysis and integration with MavenAntGradleMSBuild and continuous integration tools (Atlassian BambooJenkinsHudson, etc.).

SonarQube includes support for the programming languages Java (including Android)C#PHPJavaScriptTypeScriptC/C++RubyKotlinGoCOBOLPL/SQLPL/IABAPVB.NETVB6PythonRPGFlexObjective-CSwiftCSSHTML, and XML. Some of these are only available via a commercial license.

SonarQube is available for free under the GNU Lesser General Public License. An enterprise version for paid licensing also exists, as well as a data center edition that supports high availability.

SonarQube integrates with EclipseVisual Studio, and IntelliJ IDEA development environments through the SonarLint plug-ins, and also integrates with external tools like LDAPActive DirectoryGitHub, and others. SonarQube is expandable with the use of plug-ins.

Leave a Reply

Your email address will not be published. Required fields are marked *