SonarQube (formerly Sonar) is an open source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities.
SonarQube can record metrics history and provides evolution graphs. SonarQube's provides fully automated analysis and integration with Maven, Ant, Gradle, MSBuild and continuous integration tools (Atlassian Bamboo, Jenkins, Hudson, etc.).
Video SonarQube
Overview
Sonarqube includes support for the programming languages; Java (including Android), C#, PHP, JavaScript, C/C++, COBOL, PL/SQL, PL/I, ABAP, VB.NET, VB6, Python, RPG, Flex, Objective-C, Swift, Web and XML. Some of these are only available via the commercial license.
SonarQube is available for free under GNU Lesser GPL License, Version 3. An Enterprise version for paid licensing also exists, as well as a datacenter edition that supports high availability.
It integrates with Eclipse, Visual Studio and IntelliJ IDEA development environments through the SonarLint plugins and integrates with external tools like LDAP, Active Directory, GitHub, etc. SonarQube is expandable with the use of plugins.
Maps SonarQube
Reception
In 2009, SonarQube received the Jolt Awards under testing tools category.
See also
- List of tools for static code analysis
References
Further reading
- SonarQube Tutorial
- Eclipse Sonar Tutorial
External links
- SonarQube Web Site
- SonarSource Web Site
- Live SonarQube instance
- SonarQube Plugin Library
- SonarQube IDE Integration
Source of the article : Wikipedia
0 Comments