SonarQube (formerly Sonar) is an open source platform for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages including Java (including Android), C#, PHP, JavaScript, C/C++, COBOL, PL/SQL, PL/I, ABAP, VB.NET, VB6, Python, RPG, Flex, Objective-C, Swift, Web and XML. (note that some of them are commercial) SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities. SonarQube can record metrics history and provides evolution graphs. SonarQube's greatest asset is that it provides fully automated analysis and integration with Maven, Ant, Gradle, MSBuild and continuous integration tools (Atlassian Bamboo, Jenkins, Hudson, etc.). SonarQube also integrates with Eclipse, Visual Studio and IntelliJ IDEA development environments through the SonarLint plugins and integrates with external tools like LDAP, Active Directory, GitHub, etc. SonarQube is expandable with the use of plugins.
Video SonarQube
Reception
In 2009, SonarQube received the Jolt Awards under testing tools category. Featured in continuous integration tools. Used by the Andalusian Autonomous Government, eXo Platform, Apache Software Foundation, Eclipse Foundation, Marvelution.
Maps SonarQube
See also
- List of tools for static code analysis
References
Further reading
- SonarQube Tutorial
- Eclipse Sonar Tutorial
External links
- SonarQube Web Site
- SonarSource Web Site
- Live SonarQube instance
- SonarQube Plugin Library
- SonarQube IDE Integration
Source of article : Wikipedia
0 Comments