Questions tagged [sonarqube]

SonarQube is the open source platform, to continuously inspect code quality of applications. It allows developers to detect bugs and vulnerabilities as well as to decrease code smells or bad practices, in more than 20 different languages.

SonarQube was formerly known as Sonar.

SonarQube is the open source platform, to continuously inspect code quality of applications.

It allows developers to detect bugs and vulnerabilities as well as to decrease code smells, in more than 20 different languages.

Feature overview

Fully supports the Leak concept to make sure that the code quality of an application gets only better and better as code is added or updated over time
Available for more than 20 languages (including Java, C#, C/C++, Cobol, PL/SQL, ABAP, Javascript, PHP, Web, XML)
Built-in components for an easy integration (Maven, Ant, SVN, Git, JIRA, Mantis, Google Analytics, Redmine, Jenkins)

Resources

Tutorials & Examples

Books

11817 questions

votes

5 answers

How to integrate sonarqube in android studio?

How we can integrate sonarqube in android studio? I have come across static code analysis using sonarqube. Explain how we can achieve that. There are many link available to integrate sonar-runner and sonarqube but either outdated or not sufficient…

android sonarqube

asked May 05 '17 at 17:55

Gurvinder Singh

2,157
3
15
21

votes

1 answer

Sonarqube overall coverage does not match jacoco report coverage

I have a multi-module Android project and I'm seeing a discrepancy between the coverage that jacoco reports and what Sonarqube reports. The project is also a multi-flavor project that generates a lot of different variants. I am using this plugin to…

android sonarqube code-coverage jacoco

asked Oct 24 '16 at 20:19

Nelson Ramirez

7,864
7
28
34

votes

4 answers

How can we ignore some SonarQube rules in Java?

We recently started using SonarQube. We have found some rules that are suggested by SonarQube but we want to ignore them or give them a low priority and even configure the time suggested by SonarQube. For e.g We want to avoid the rule (and/or…

java sonarqube rules sonar-runner sonarqube-scan

asked Aug 23 '16 at 19:26

WowBow

7,137
17
65
103

votes

4 answers

can't be indexed twice - testSourceDirectory and sourceDirectory are same

I have created performance test as a maven submodule to my main module. All the test classes are written under src/main/java and not src/test/java I am able to package the project as jar and run it to performance test my project. I wanted to execute…

maven jenkins sonarqube

asked Apr 24 '15 at 01:51

Amod Pandey

1,336
3
14
22

votes

4 answers

JaCoCo - SonarQube - No information about coverage per test

I'm using JaCoCo for Code Coverage. The Unit Test reports are created with junit and they are imported correctly, so that the unit test information is shown properly. The problem is, that I get the error message: No information about coverage per…

sonarqube jacoco

asked Dec 04 '14 at 14:55

Stelos10

votes

2 answers

in pom.xml (Maven multi-module project) works locally but not on company server

I'm using in pom.xml to exclude certain packages for unit test code coverage. I have set up Sonar locally and the exclusions reflect on the report. But then, the same exclusions are not honored on the company server. I am using…

java maven jenkins sonarqube

asked Aug 07 '14 at 22:57

user3920253

votes

4 answers

How to configure Maven to run a SonarQube project analysis with two different quality profiles?

We run SonarQube analyses for our Java projects via Maven. Maven somehow does this automagically; all we did was add the sonar-maven-plugin to our pom.xml: ... …

maven pom.xml sonarqube

asked Feb 27 '14 at 12:44

barfuin

16,865
10
85
132

votes

6 answers

"SonarQube requires Java 11+ to run" for java 1.8.0_221

I have downloaded SonarQube (7.9.x LTS (July 2019)). I have java version "1.8.0_221" in 64bit windows machine. Environment variable JAVA_HOME is set to C:\Program Files\Java\jdk1.8.0_221, path: C:\Program Files\Java\jdk1.8.0_221\bin & C:\Program…

sonarqube

asked Nov 20 '19 at 06:33

Soheb Khalid

votes

2 answers

How to configure the rule set of SonarLint in Visual Studio Code?

I have installed sonar lint extension on my visual studio code editor and I was wondering if there is a way to enable or disable the rules which are used by the analyzer? There is a way to do it in Visual Studio and Eclipse but I couldn't find a way…

sonarqube visual-studio-code sonarlint

asked Apr 03 '18 at 22:30

ShellZero

4,415
12
38
56

votes

3 answers

Method has 8 parameters, which is greater than 7 authorized

When I am scanning code with sonar lint the following code shows the bug as "Method has 8 parameters, which is greater than 7 authorized" @PutMapping("/something") public List updateSomeThing(@PathVariable final SomeCode code, …

java sonarqube sonarlint sonarlint-eclipse

asked Mar 28 '18 at 12:52

Baji Shaik

1,022
2
10
14

votes

3 answers

Why is SonarQube giving a transient/private error when class is Serialized?

I have a java class that implements serializable and I'm assuming the variable within the class would also be serialized but SonarQube is complaining to me that it is not. My snippet of code is shown below:

java serialization sonarqube

asked May 11 '17 at 14:12

koala421

votes

2 answers

Using Gitlab Variables in Gitlab README.md for SonarQube Badges

I'm using Gitlab and Sonarqube and the Sonarqube Plugin SVG Badges. To represent the Sonarqube state on gitlab I have something like this in my README.md…

sonarqube gitlab gitlab-ci badge readme

asked May 02 '17 at 16:40

Joergi

1,527
3
39
82

votes

9 answers

SonarQube on Java8-project gives jacoco-Exception

I just downloaded the latest version, SonarQube 4.3, then try build a java-8 project with: mvn clean install mvn sonar:sonar That gives me the Exception below. Googling, I got the impression this is an earlier issue that should have been…

java sonarqube jacoco java-8

asked May 28 '14 at 23:24

Rop

3,359
3
38
59

votes

2 answers

Configure Sonar sonar.issue.ignore.multicriteria through maven

I'm using a local instance of Sonar without a centralized infrastructure. In order to keep the configuration of my project in the pom.xml, I want to configure the project through maven and not through the Sonar UI. For me this has the advantage of…

maven sonarqube

asked Feb 17 '14 at 09:40

revau.lt

2,674
2
20
31

votes

1 answer

What does package tangle index data indicate in Sonar?

I have the following data on one of the 7 axes (See the second picture) after running a Sonar analysis on my project. What information can be decoded from this data? Also which of the axes in the diagram below does this data pertain to?

sonarqube code-metrics

asked Mar 10 '13 at 11:28

Inquisitive

7,476
14
50
61

Prev 1 2 3

…

99 100 Next