SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced. With a Quality Gate in place, you can Clean As You Code and therefore improve code quality systematically.
- SonarSource, author of SonarQube
- Issue tracking, read-only. Only SonarSourcers can create tickets.
- Responsible Disclosure
- Dogfood instance of the next SonarQube version
Have Question or Feedback?
For support questions ("How do I?", "I got this error, why?", ...), please first read the documentation and then head to the SonarSource Community. The answer to your question has likely already been answered!
Be aware that this forum is a community, so the standard pleasantries ("Hi", "Thanks", ...) are expected. And if you don't get an answer to your thread, you should sit on your hands for at least three days before bumping it. Operators are not standing by.
If you would like to see a new feature, please create a new Community thread: "Suggest new features".
Please be aware that we are not actively looking for feature contributions. The truth is that it's extremely difficult for someone outside SonarSource to comply with our roadmap and expectations. Therefore, we typically only accept minor cosmetic changes and typo fixes.
With that in mind, if you would like to submit a code contribution, please create a pull request for this repository. Please explain your motives to contribute this change: what problem you are trying to fix, what improvement you are trying to make.
Make sure that you follow our code style and all tests are passing (Travis build is executed for each pull request).
To build sources locally follow these instructions.
Build and Run Unit Tests
Execute from project base directory:
The zip distribution file is generated in
sonar-application/build/distributions/. Unzip it and start server by executing:
# on linux bin/linux-x86-64/sonar.sh start # or on MacOS bin/macosx-universal-64/sonar.sh start # or on Windows bin\windows-x86-64\StartSonar.bat
Open in IDE
If the project has never been built, then build it as usual (see previous section) or use the quicker command:
Then open the root file
build.gradle as a project in Intellij or Eclipse.
||list vulnerable dependencies|
||list the dependencies that could be updated|
||fix source headers by applying HEADER.txt|
Copyright 2008-2021 SonarSource.
Licensed under the GNU Lesser General Public License, Version 3.0