SonarQube
This article has multiple issues. Please help or discuss these issues on the talk page. (Learn how and when to remove these template messages)
|
Developer(s) | SonarSource |
---|---|
Initial release | 2006–2007[1] |
Stable release | 8.9
/ May 4, 2021[2] |
Repository | |
Written in | Java |
Operating system | Cross-platform |
Type | Static program analysis |
License | Lesser GNU General Public License |
Website | sonarqube |
SonarQube (formerly Sonar)[3] is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities.[4][5]
SonarQube can record metrics history and provides evolution graphs. SonarQube provides fully automated analysis and integration with Maven, Ant, Gradle, MSBuild and continuous integration tools (Atlassian Bamboo, Jenkins, Hudson, etc.).[6][7][8]
Overview[]
SonarQube includes support for the programming languages Java (including Android), C#, C, C++, JavaScript, TypeScript, Python, Go, Swift, COBOL, Apex, PHP, Kotlin, Ruby, Scala, HTML, CSS, ABAP, Flex, Objective-C, PL/I, PL/SQL, RPG, T-SQL, VB.NET, VB6, and XML.[9] As of December 2021, analyzing C, C++, Obj-C, Swift, ABAP, T-SQL and PL/SQL is only available via a commercial license.
SonarQube is available for free under the GNU Lesser General Public License. An enterprise version for paid licensing also exists, as well as a data center edition that supports high availability.[10][11]
SonarLint[]
SonarQube integrates with Eclipse, Visual Studio, Visual Studio Code, and IntelliJ IDEA development environments through the SonarLint plug-ins, and also integrates with external tools like LDAP, Active Directory, GitHub, and others. SonarQube is expandable with the use of plug-ins.[12][13]
Reception[]
In 2009, SonarQube received a Jolt Award under testing tools category.[14][15]
See also[]
References[]
- ^ "History | SonarSource". www.sonarsource.com.
- ^ "What's New in latest releases | SonarQube". www.sonarqube.org.
- ^ Freddy Mallet (20 March 2013). "SONAR is becoming SONARQUBE". SonarQube project mailing list. Archived from the original on 24 July 2013. Retrieved 3 July 2013.
- ^ "Sonar" (PDF). Methods and Tools. Vol. 18 no. 1. 2010-03-01. pp. 40–46. ISSN 1661-402X. Retrieved 2017-08-29.
- ^ Campell/Papapetrou, Ann/Patroklos (2013). Sonar (SonarQube) in action. Greenwich, Connecticut, USA: Manning Publications. p. 350. ISBN 978-1617290954.
- ^ Buijze, Allard (2010-02-26). "Measuring Code Quality With Sonar". Archived from the original on 2011-08-12. Retrieved 2017-08-29.
- ^ Odendaal, René (2009-06-24). "Continuous Integration on SAP using Subversion, Maven, Hudson, Nexus and Sonar". Archived from the original on 2012-07-24. Retrieved 2017-08-29.
- ^ "Multi-Language | SonarQube". Retrieved 2021-01-25.
- ^ "License | SonarQube". www.sonarqube.org. Retrieved 2018-03-28.
- ^ "Plans & Pricing | SonarSource". www.sonarsource.com. Retrieved 2018-03-28.
- ^ Mariano (2009-11-17). "Creating a Sonar Plugin for software development metrics". Archived from the original on March 24, 2010. Retrieved 2017-08-29.
- ^ Hazrati, Vikas (2010-03-30). "Monetizing the Technical Debt". Retrieved 2017-08-29.
- ^ "Jolt Awards Winners". 2009-03-18. Archived from the original on February 1, 2010. Retrieved 2010-04-13.
- ^ "Jolt Productivity Award #2: Testing and Debugging". 2010-12-01. Retrieved 2010-12-09.
External links[]
- Static program analysis tools
- Free software testing tools