SonarSolidity: is a SonarQube static code analyzer for Solidity Smart Contracts.
To begin with you should install a SonarQube 7.2+ instance (https://www.sonarqube.org/downloads/), please follow the instructions provided. As soon as you installed SonarQube, then download the latest release from here and copy paste it in the folder sonarqube/extensions/plugins/ then start your instance and you are ready to go!
git clone --recursive https://github.com/sagap/sonar-solidity.git mvn clean install
- Metrics (cognitive complexity, number of lines, number of contracts etc)
- 25 Rules
ANTLR4 grammar to build the Parser and the Lexer.
SonarSolidity supports the import of reports from
Solium linter version 1.0.0 .
- 13 Security Rules
- 32 Style Rules
Please read documentation on how to take advantage of this feature.
Licensed under the GNU Lesser General Public License, Version 3.0