From Wikipedia, the free encyclopedia
Jump to navigationJump to search
SonarQube
Sonarqube-48x200.png
SonarQube Project page.png
A SonarQube project homepage
Developer(s)SonarSource
Initial release2006–2007[1]
Stable release
8.9 / May 4, 2021; 2 months ago (2021-05-04)[2]
Repository
Edit this at Wikidata
Written inJava
Operating systemCross-platform
TypeStatic program analysis
LicenseLesser GNU General Public License
Websitesonarqube.org

SonarQube (formerly Sonar)[3] is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities.[4][5]

SonarQube can record metrics history and provides evolution graphs. SonarQube provides fully automated analysis and integration with Maven, Ant, Gradle, MSBuild and continuous integration tools (Atlassian Bamboo, Jenkins, Hudson, etc.).[6][7][8]

Overview

SonarQube includes support for the programming languages Java (including Android), C#, C, C++, JavaScript, TypeScript, Python, Go, Swift, COBOL, Apex, PHP, Kotlin, Ruby, Scala, HTML, CSS, ABAP, Flex, Objective-C, PL/I, PL/SQL, RPG, T-SQL, VB.NET, VB6, and XML.[9] Some of these are only available via a commercial license.

SonarQube is available for free under the GNU Lesser General Public License. An enterprise version for paid licensing also exists, as well as a data center edition that supports high availability.[10][11]

SonarQube integrates with Eclipse, Visual Studio, Visual Studio Code, and IntelliJ IDEA development environments through the SonarLint plug-ins, and also integrates with external tools like LDAP, Active Directory, GitHub, and others. SonarQube is expandable with the use of plug-ins.[12][13]

Reception

In 2009, SonarQube received the Jolt Awards under testing tools category.[14][15]

See also

  • List of tools for static code analysis

References

  1. ^ https://www.sonarsource.com/company/history/
  2. ^ https://www.sonarqube.org/whats-new/
  3. ^ Freddy Mallet (20 March 2013). "SONAR is becoming SONARQUBE". SonarQube project mailing list. Retrieved 3 July 2013.
  4. ^ "Methods and Tools issue" (PDF). 2010-03-01. Retrieved 2017-08-29.
  5. ^ Campell/Papapetrou, Ann/Patroklos (2013). Sonar (SonarQube) in action. Greenwich, Connecticut, USA: Manning Publications. p. 350. ISBN 978-1617290954.
  6. ^ Buijze, Allard (2010-02-26). "Measuring Code Quality With Sonar". Retrieved 2017-08-29.
  7. ^ Odendaal, René (2009-06-24). "Continuous Integration on SAP using Subversion, Maven, Hudson, Nexus and Sonar". Retrieved 2017-08-29.
  8. ^ Smart, John (2010-03-14). "How can you improve, harmonize and automate your development process using tools like Maven, Hudson, and Nexus?". Retrieved 2017-08-29.
  9. ^ "Multi-Language | SonarQube". Retrieved 2021-01-25.
  10. ^ "License | SonarQube". www.sonarqube.org. Retrieved 2018-03-28.
  11. ^ "Plans & Pricing | SonarSource". www.sonarsource.com. Retrieved 2018-03-28.
  12. ^ Mariano (2009-11-17). "Creating a Sonar Plugin for software development metrics". Archived from the original on March 24, 2010. Retrieved 2017-08-29.
  13. ^ Hazrati, Vikas (2010-03-30). "Monetizing the Technical Debt". Retrieved 2017-08-29.
  14. ^ "Jolt Awards Winners". 2009-03-18. Archived from the original on February 1, 2010. Retrieved 2010-04-13.
  15. ^ "Jolt Productivity Award #2: Testing and Debugging". 2010-12-01. Retrieved 2010-12-09.

External links

  • SonarQube Web Site