Stack Overflow
Stack Overflow

Questions tagged [sonarqube]

SonarQube is the open source platform, to continuously inspect code quality of applications. It allows developers to detect bugs and vulnerabilities as well as to decrease code smells or bad practices, in more than 20 different languages.

SonarQube was formerly known as Sonar.

SonarQube is the open source platform, to continuously inspect code quality of applications.

It allows developers to detect bugs and vulnerabilities as well as to decrease code smells, in more than 20 different languages.

Feature overview

  • Fully supports the Leak concept to make sure that the code quality of an application gets only better and better as code is added or updated over time
  • Available for more than 20 languages (including Java, C#, C/C++, Cobol, PL/SQL, ABAP, Javascript, PHP, Web, XML)
  • Built-in components for an easy integration (Maven, Ant, SVN, Git, JIRA, Mantis, Google Analytics, Redmine, Jenkins)

Resources

Tutorials & Examples

Books

10748 questions
187
votes
5 answers

Turning Sonar off for certain code

Is it possible to turn off sonar (www.sonarsource.org) measurements for specific blocks of code, which one doesn't want to be measured? An example is the "Preserve Stack Trace" warning which Findbugs outputs. When leaving the server, I might well…
Ant Kutschera
  • 5,209
  • 3
  • 25
  • 36
164
votes
15 answers

SonarQube Exclude a directory

I am trying to exclude a directory from being analyzed by Sonar. I have the following properties defined in my sonar-project.properties file: sonar.sources=src/java sonar.exclusions=src/java/test/****/*.java The directory structure I have…
user1982350
  • 1,781
  • 2
  • 11
  • 11
143
votes
13 answers

How to configure multi-module Maven + Sonar + JaCoCo to give merged coverage report?

I've searched up and down the internet for this one. There's lots of half-answers out there, to do with Maven properties such as ${sonar.jacoco.reportPath}, or org.jacoco:jacoco-maven-plugin:prepare-agent or setting maven-surefire-plugin argLine…
Stewart
  • 17,139
  • 8
  • 45
  • 74
113
votes
10 answers

Hide Utility Class Constructor : Utility classes should not have a public or default constructor

I am getting this warning on Sonar.I want solution to remove this warning on sonar. My class is like this : public class FilePathHelper { private static String resourcesPath; public static String getFilePath(HttpServletRequest request) { …
Oomph Fortuity
  • 4,952
  • 10
  • 35
  • 85
110
votes
8 answers

Is SonarQube Replacement for Checkstyle, PMD, FindBugs?

We are working on a web project from scratch and are looking at the following static code analysis tools. Conventions (Checkstyle) Bad practices (PMD) Potential bugs (FindBugs) The project is built on Maven. Instead of using multiple tools for…
Johnny
  • 1,157
  • 2
  • 9
  • 6
98
votes
14 answers

Delete a project from SonarQube

Does anyone know how to delete a project from a SonarQube server? Thanks, Ronen.
rperez
  • 8,100
  • 10
  • 33
  • 44
96
votes
4 answers

SonarQube And SonarLint difference

How exactly is sonarQube different from SonarLint ? SonarQube has a server associated with it and Sonar lint works more like a plugin. But what are their specific difference ?
Jeevan Varughese
  • 1,811
  • 1
  • 13
  • 20
79
votes
5 answers

Are there any Quality Management tools other than SonarQube

We in our organization are trying to implement a source code quality management tool. SonarQube is one such tool that we have come across, and it's quite full of features and is phenomenal. We want to compare it with its peers, if there are any,…
Himanshu Taneja
  • 845
  • 1
  • 6
  • 5
79
votes
8 answers

JaCoCo SonarQube incompatible version 1007

I'm using SonarQube for code quality control and suddenly builds that would otherwise pass can't be analyzed and fails. [INFO] [00:00:03.630] Analysing /mySuperProject/target/jacoco.exec -> java.io.IOException: Incompatible version 1007 When I…
Padvinder
  • 951
  • 1
  • 6
  • 9
71
votes
4 answers

New Integer vs valueOf

I was using Sonar to make my code cleaner, and it pointed out that I'm using new Integer(1) instead of Integer.valueOf(1). Because it seems that valueOf does not instantiate a new object so is more memory-friendly. How can valueOf not instantiate a…
LB40
  • 11,121
  • 16
  • 66
  • 104
66
votes
5 answers

What's the current state of static analysis tools for Scala?

I saw a StackOverflow question regarding static analysis in Scala, but that one was answered in 2009. As you know, the Scala tools are changing very rapidly. I was therefore wondering if someone familiar with the current state of static analysis…
marekinfo
  • 1,392
  • 1
  • 11
  • 12
66
votes
8 answers

SonarQube not picking up Unit Test Coverage

I am having issues with sonar picking up the jacoco analysis report. Jenkins however is able to pick up the report and display the results. My project is a maven build, built by Jenkins. The jacoco report is generated by maven (configured in the…
anton91
  • 833
  • 2
  • 10
  • 12
64
votes
7 answers

Sonar Violation: Security - Array is stored directly

There is a Sonar Violation: Sonar Violation: Security - Array is stored directly public void setMyArray(String[] myArray) { this.myArray = myArray; } Solution: public void setMyArray(String[] newMyArray) { if(newMyArray == null) { …
Junchen Liu
  • 4,687
  • 10
  • 47
  • 57
61
votes
9 answers

How to make Sonar ignore some classes for codeCoverage metric?

I have a Sonar profile in Maven. Everything works fine except the code coverage metric. I want to make Sonar ignore some classes only for the code coverage metric. I have the following profile: sonar
Dmitrii Borovoi
  • 2,266
  • 6
  • 30
  • 43
55
votes
4 answers

Why does the Maven command "mvn sonar:sonar" work without any plugin configuration in my "pom.xml"?

I have a Maven web project in my repo. I am a Maven noob but still I understand the fact that there are plugins which we need to configure only then we could run plugin specific commands. Facts: I have a sonar server running on my local machine at…
Rakesh Waghela
  • 1,989
  • 2
  • 24
  • 45
1
2 3
99 100