Questions tagged [sonarqube]

SonarQube is the open source platform, to continuously inspect code quality of applications. It allows developers to detect bugs and vulnerabilities as well as to decrease code smells or bad practices, in more than 20 different languages.

SonarQube was formerly known as Sonar.

SonarQube is the open source platform, to continuously inspect code quality of applications.

It allows developers to detect bugs and vulnerabilities as well as to decrease code smells, in more than 20 different languages.

Feature overview

Fully supports the Leak concept to make sure that the code quality of an application gets only better and better as code is added or updated over time
Available for more than 20 languages (including Java, C#, C/C++, Cobol, PL/SQL, ABAP, Javascript, PHP, Web, XML)
Built-in components for an easy integration (Maven, Ant, SVN, Git, JIRA, Mantis, Google Analytics, Redmine, Jenkins)

Resources

Tutorials & Examples

Books

11817 questions

votes

3 answers

How to exclude some maven project from sonar analysis

I have many(Let say 10 (A, B, C...)) eclipse plugin which is maven based. I have one master pom file which includes all other plugin projects. now by building master file with sonar:sonar goal it will build all the plugins. So my question: Is there…

asked Apr 10 '14 at 07:10

Sumit Singh

15,743
6
59
89

votes

2 answers

Ignore SonarQube warnings in python

How can I ignore SonarQube warnings in Python code In Java, I can use @SuppressWarnings("squid:S1166") Where the ID is the SonarQube rule ID. But what syntax should I use in Python? I've tried # noinspection python:S1313 but it didn't work. To be…

python sonarqube

asked Jun 03 '16 at 08:49

Daniel Scott

7,418
5
39
58

votes

6 answers

How to disable Sonar rules for specific files?

I've got a project I'm working on and some of the files violate some of the rules, but in ways that are not real issues, and are thus distracting noise. However, I don't want to disable these rules globally, and I would prefer not to have to mark…

sonarqube

asked Jan 13 '14 at 23:06

user153275

votes

3 answers

Stream.peek() can be skipped for optimization

I've come across a rule in Sonar which says: A key difference with other intermediate Stream operations is that the Stream implementation is free to skip calls to peek() for optimization purpose. This can lead to peek() being unexpectedly called…

java java-8 sonarqube java-stream side-effects

asked Aug 24 '22 at 08:50

Evgeny Mamaev

1,237
1
14
31

votes

2 answers

Excluding Lombok classes from Sonar coverage report

Latest Jacoco plugin (still in snapshot version, 0.7.10-SNAPSHOT), has a nice new feature to filter out the Lombok generated code (https://github.com/jacoco/jacoco/wiki/FilteringOptions). All we need to do is add a lombok.config file at the root of…

java spring-boot sonarqube lombok jacoco-maven-plugin

asked Nov 22 '17 at 08:55

Vincent F

6,523
7
37
79

votes

5 answers

SonarQube - analyzing branches of the same project

I know that there is no "new project" button on SonarQube UI. However, I have two branches of the same project that I want to do analysis on. The thing is that since the project names are the same, SonarQube will upload the analysis results of the…

sonarqube

asked Jul 16 '14 at 16:38

mrQWERTY

4,039
13
43
91

votes

2 answers

What is the difference between code coverage and line coverage in sonar

I know what the difference is between line and branch coverage, but what is the difference between code coverage and line coverage? Is the former instruction coverage?

code-coverage sonarqube

asked Jul 19 '12 at 13:12

Bartosz Radaczyński

18,396
14
54
61

votes

4 answers

How to export FindBugs/PMD/Checkstyle rules from Sonar and import into Netbeans

My company has sonar set up to with various plugins (PMD, FindBugs, CheckStyle), and although it is very useful as is (it runs after every Jenkins build that was triggered by a check-in to SVN), I would like it if I could run these various plugins…

netbeans findbugs sonarqube checkstyle pmd

asked Nov 16 '11 at 16:46

jalsk

votes

2 answers

Using SonarQube in Eclipse

I just installed SonarQube in Eclipse, but I don't know how to use it : Here It said: Link projects to Sonar server What is the server? Should we create another project somewhere else with the same name as the project in Eclipse? It's really…

eclipse sonarqube

asked Nov 02 '11 at 03:13

akram

votes

3 answers

Refactor this method to reduce its Cognitive Complexity from 21 to the 15 allowed. How to refactor and reduce the complexity

how to reduce the complexity of the given piece of code? I am getting this error in Sonarqube---> Refactor this method to reduce its Cognitive Complexity from 21 to the 15 allowed. this.deviceDetails = this.data && {...this.data.deviceInfo} || {}; …

javascript angular sonarqube karma-jasmine sonarlint

asked Jul 09 '20 at 13:15

sd_30

votes

1 answer

Sonarqube css: How to disable "Unexpected unknown type" rule for selectors with prefix "pr-"

I am running sonarqube's CSS analyzer over my Angular 7 project and it is marking all references to material2 elements in my scss as critical bugs. For example: Unexpected unknown type selector "mat-form-field" How do I add exceptions for…

css angular sonarqube

asked Apr 18 '19 at 09:27

colin-bilkins

votes

2 answers

SonarQube with Jest Unit Tests

I've been trying to find out how to populate SonarQube with both my Jest Unit Tests and the .net Unit Tests. I have a local version of SQ 6.7 and all the latest versions of the Javascript and C# Plugins. When it comes to Jest, I have the…

unit-testing sonarqube jestjs

asked Dec 20 '17 at 20:01

Matt B.

votes

13 answers

How to solve Sonar error: Unable to load component class org.sonar.scanner.scan.ProjectLock

I have some issues while running Sonar on my netbeans' project. It's not working and i have the following error : C:\Users\remy.fischer\Desktop\NetBeansProjects\NetBeansProjects\BinPacking\sonar-scanner-3.0.3.778-windows\bin>sonar-scanner…

sonarqube sonar-runner sonarqube-scan

asked Jun 21 '17 at 07:30

Rémy Fischer

votes

7 answers

sonarqube analysis requires authentication when permission is anyone

sonarqube 5.5 several Java projects, all have permission set to anyone can execute analysis. use mvn sonar:sonar to run analysis Other projects work fine without error. One project was found to not have the permission set. It was giving: Not…

sonarqube sonarqube-scan

asked Jul 20 '16 at 19:13

Ken Hargreaves

votes

3 answers

Properties file exclude multiple paths

I have a sonar-project.properties file, which specifies how sonar-runner inspects the the folder structure, which files to inspect, which files to ignore etc. I cannot successfully determine however how to exclude multiple paths successfully. Here…

node.js properties sonarqube code-coverage sonar-runner

asked Jun 10 '15 at 10:07

Jon Duffy

Prev 1 2 3

…

99 100 Next