SonarQube (formerly Sonar)[3] is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs and code smells on 29 programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security recommendations.[4][5]

SonarQube
Developer(s)SonarSource
Initial release2006–2007[1]
Stable release
10.6 / June 25, 2024; 6 months ago (2024-06-25)[2]
Repository
Written inJava
Operating systemCross-platform
TypeStatic program analysis
LicenseGNU Lesser General Public License
Websitesonarqube.org

SonarQube provides automated analysis and integration with Maven, Ant, Gradle, MSBuild, and continuous integration tools.[6][7][8]

Overview

edit

SonarQube supports the programming languages: Java (including Android), C#, C, C++, JavaScript, TypeScript, Python, Go, Swift, COBOL, Apex, PHP, Kotlin, Ruby, Scala, HTML, CSS, ABAP, Flex, Objective-C, PL/I, PL/SQL, RPG, T-SQL, VB.NET, VB6, and XML.[9] As of December 2021, analyzing C, C++, Objective-C, Swift, ABAP, T-SQL, and PL/SQL is only available via a commercial license.

SonarQube is an open core product for static code analysis, with additional features offered in commercial editions.

SonarQube for IDE

edit

SonarQube is expandable with the use of plug-ins. It integrates with Eclipse, Visual Studio, Visual Studio Code, and IntelliJ IDEA development environments through SonarQube for IDE[10] plug-ins, as well as external tools such as LDAP, Active Directory, and GitHub.[11][12]

Reception

edit

In 2009, SonarQube received a Jolt Award under the testing tools category.[13][14]

See also

edit

References

edit
  1. ^ "History | SonarSource". www.sonarsource.com.
  2. ^ "What's New in latest releases | SonarQube". www.sonarqube.org.
  3. ^ Freddy Mallet (20 March 2013). "SONAR is becoming SONARQUBE". SonarQube project mailing list. Archived from the original on 24 July 2013. Retrieved 3 July 2013.
  4. ^ "Sonar" (PDF). Methods and Tools. Vol. 18, no. 1. 2010-03-01. pp. 40–46. ISSN 1661-402X. Retrieved 2017-08-29.
  5. ^ Campell/Papapetrou, Ann/Patroklos (2013). Sonar (SonarQube) in action. Greenwich, Connecticut, USA: Manning Publications. p. 350. ISBN 978-1617290954.
  6. ^ Buijze, Allard (2010-02-26). "Measuring Code Quality With Sonar". Archived from the original on 2011-08-12. Retrieved 2017-08-29.
  7. ^ Odendaal, René (2009-06-24). "Continuous Integration on SAP using Subversion, Maven, Hudson, Nexus and Sonar". Archived from the original on 2012-07-24. Retrieved 2017-08-29.
  8. ^ Smart, John (2010-03-14). "How can you improve, harmonize and automate your development process using tools like Maven, Hudson, and Nexus?". Retrieved 2017-08-29.
  9. ^ "Multi-Language - SonarQube". Retrieved 2021-01-25.
  10. ^ "Sonar Streamlines Product Naming to Reflect Core Mission of Code Quality and Security". Retrieved 2024-12-14.
  11. ^ Mariano (2009-11-17). "Creating a Sonar Plugin for software development metrics". Archived from the original on March 24, 2010. Retrieved 2017-08-29.
  12. ^ Hazrati, Vikas (2010-03-30). "Monetizing the Technical Debt". Retrieved 2017-08-29.
  13. ^ "Jolt Awards Winners". 2009-03-18. Archived from the original on February 1, 2010. Retrieved 2010-04-13.
  14. ^ "Jolt Productivity Award #2: Testing and Debugging". 2010-12-01. Retrieved 2010-12-09.
edit