0

Sonarqube produces issues with the code like bugs and security-related issues as vulnerabilities and code smell that could cause issues. Is there a way to add the coding standards to enforce conventions specific to readability and maintainability of code and more of what code reviewers perform in the code. So that automatically it can fail the quality gate if comments, variable conventions, and class and function standards are not met. But one of my Developer is saying that Sonarqube by default profile covers most of the rules and conventions that code reviewers check in the code. But I understand, rules and conventions in the coding standards document can only be reviewed by peer review and not by compilers and Sonarqube tool.

I believe developers and experts in Sonarqube and compilers can confirm whether rules and conventions in coding standards like general style for source code, standards for statements, methods, naming convention, variable assignments, standards for classes, interfaces, packages, etc. Is there is a way to add rules for coding standards via Sonarqube, kindly share?

[edited]

intechops6
  • 1,007
  • 4
  • 22
  • 43
  • 1
    Does anybody even bother to do a web search before posting here? See https://docs.sonarqube.org/display/DEV/Adding+Coding+Rules then [edit] your question to clarify what's still missing. – Robert Apr 22 '19 at 21:39
  • The url talks about adding rules and writing plugins using Java and how to add rules. But my question is too technical, is it possible to add rules for maintaining style, comments, variable and method conventions and more of what peer reviewer will find in the code. – intechops6 Apr 22 '19 at 21:51
  • @intechops6, did you manage to do what you wanted? I have a similar need, and i want to find all classes where developers fail to add comments. Thanks. – jumping_monkey Mar 22 '23 at 02:25

1 Answers1

4

SonarQube performs various code safety and quality checks out the box. If you're looking to assert code formatting then you'll need to use a suitable plugin to extend SonarQube's quality profiles, such as the Checkstyle Plugin

mc1arke
  • 1,030
  • 10
  • 22
  • mc1arke @ There is no one to review the code and want it automated via sonarqube. I have to look for plugins that are available in Sonarqube that has the rules that code reviewers look for in the code. great that you replied, thanks. – intechops6 Apr 24 '19 at 16:32
  • Link seems dead, is the plug-in still around? – CyberMew Dec 09 '21 at 12:10
  • 2
    Link updated to up-to-date home of the plugin – mc1arke Jan 07 '22 at 21:42