Open-source platform for continuous inspection of code quality
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)
This article contains content that is written like an advertisement. Please help improve it by removing promotional content and inappropriate external links, and by adding encyclopedic content written from a neutral point of view.(October 2020) (Learn how and when to remove this message)
This article may contain excessive or inappropriate references to self-published sources. Please help improve it by removing references to unreliable sources where they are used inappropriately.(September 2021) (Learn how and when to remove this message)
This article's lead section contains information that is not included elsewhere in the article. If the information is appropriate for the lead of the article, this information should also be included in the body of the article.(September 2021) (Learn how and when to remove this message)
(Learn how and when to remove this message)
SonarQube
A SonarQube project homepage
Developer(s)
SonarSource
Initial release
2006–2007[1]
Stable release
10.4
/ February 6, 2024; 2 months ago (2024-02-06)[2]
Repository
github.com/SonarSource/sonarqube
Written in
Java
Operating system
Cross-platform
Type
Static program analysis
License
Lesser GNU General Public License
Website
sonarqube.org
SonarQube (formerly Sonar)[3] is an open-source platform developed by SonarSource for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs and code smells on 29 programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security recommendations.[4][5]
SonarQube provides automated analysis and integration with Maven, Ant, Gradle, MSBuild, and continuous integration tools.[6][7][8]
^"History | SonarSource". www.sonarsource.com.
^"What's New in latest releases | SonarQube". www.sonarqube.org.
^Freddy Mallet (20 March 2013). "SONAR is becoming SONARQUBE". SonarQube project mailing list. Archived from the original on 24 July 2013. Retrieved 3 July 2013.
^"Sonar" (PDF). Methods and Tools. Vol. 18, no. 1. 2010-03-01. pp. 40–46. ISSN 1661-402X. Retrieved 2017-08-29.
^Campell/Papapetrou, Ann/Patroklos (2013). Sonar (SonarQube) in action. Greenwich, Connecticut, USA: Manning Publications. p. 350. ISBN 978-1617290954.
^Buijze, Allard (2010-02-26). "Measuring Code Quality With Sonar". Archived from the original on 2011-08-12. Retrieved 2017-08-29.
^Odendaal, René (2009-06-24). "Continuous Integration on SAP using Subversion, Maven, Hudson, Nexus and Sonar". Archived from the original on 2012-07-24. Retrieved 2017-08-29.
^Smart, John (2010-03-14). "How can you improve, harmonize and automate your development process using tools like Maven, Hudson, and Nexus?". Retrieved 2017-08-29.
"History | SonarSource". www.sonarsource.com. "What's New in latest releases | SonarQube". www.sonarqube.org. Freddy Mallet (20 March 2013). "SONAR is becoming...
C/C++, COBOL. The company offers three products: SonarQube, SonarCloud, and SonarLint. SonarQube is an open core product for static code analysis, with...
execution, for Java only SourceMeter plug-in for SonarQube platform is an extension of the open-source SonarQube platform for managing code quality. The plug-in...
serves as a simple facade or abstraction for various logging frameworks. SonarQube Platform for continuous inspection of code quality. Jasper Reports Java...
Solr in the background, listening on port 8983. ... Gaudin, Olivier. "SonarQube Installation Instructions". codehaus.org. Archived from the original on...
reference; related see AUTOSAR) A framework for source code metrics NASA.gov SonarQube Metric Definitions Metrics of Object Oriented Software (2010)...
Polyspace by MathWorks PVS-Studio by Program Verification Systems SonarQube by SonarSource (Open Source with some commercial plug-in components) SQuORE...
and Java 20. SonarQube JaCoCo plugin — one of the defaults for coverage analyses within the code quality management platform SonarQube EclEmma Eclipse...
the causes of such smells. Tools such as Checkstyle, PMD, FindBugs, and SonarQube can automatically identify code smells. Anti-pattern Design smell List...
tools (reads outputs of Checkstyle, PMD, FindBugs, Polyspace, Coverity or SonarQube) and publishes a summarised view of the project quality or progress. The...
CodeScene was found to find more significant technical debt issues than SonarQube, a static analysis tool.[verification needed] CodeScene users report that...
also plug-ins available for Eclipse, IntelliJ IDEA, Gradle, Maven and SonarQube. SpotBugs also supports all of existing FindBugs plugins such as sb-contrib...
reached, the reliability index of the application is impacted. SQuORE SonarQube Security Reviewer Suite Static program analysis ISO 9126 Software Quality...
integrated with the Eclipse software development environment and with the SonarQube software quality management platform. Contextual information is provided...
bamboo.adroitlogic.com. Retrieved 2016-05-02.[permanent dead link] "SonarQube". Archived from the original on 2015-10-19. Retrieved 2014-03-07. "Transports...
Xiongnu territory. The exploits of famed Han generals Wei Qing and Huo Qubing were of particular note, with both recording multiple successful expeditions...