As a quality-first focus becomes increasingly important in modern software development, more and more developers are asking how to find new issues before they check their code in.

For some of you, it’s a point of pride. For others, it’s a question of keeping management off your back, and for still others it’s simply a matter of not embarrassing yourself publicly. Fortunately, the SonarQube developers (being developers themselves) understand the problem and have come up with three different ways of dealing with it: the Eclipse plugin, the IntelliJ plugin, and the Issues Report plugin.

Read the rest of this page »

A new year provides a good opportunity to look back at what was achieved the previous year. This is what I am going to do in this post for the Sonar platform.

Let’s start with a short version of this retrospective. Last year was made of:

• 6 releases of Sonar platform
• 200 releases of ecosystem products
• 65,000 downloads of Sonar
• 12,000+ messages on mailing lists

So I suppose, we can call this a pretty active year for the community. Now, the longer version:

Read the rest of this page »

The beginning of a new year always provides a good opportunity to look back at what was achieved the previous year and this is what I am going to do today for the Sonar platform.

Let’s start with a short version of this retrospective. Last year was made of:

• 8 releases of Sonar
• 110+ releases in the ecosystem
• 55,000 downloads of Sonar
• 10,000+ messages on mailing lists

So I suppose we can call this a pretty active year for the community. Now, the longer version:

The Plan

One year ago, we had the following ambitions :

Track changes : The next step is to provide the ability to report on code coverage of new source code. This is to ensure that whatever legacy code is there, teams have the ability to monitor the coverage by unit tests on added code if they wish.

Since Sonar 2.7 and with help of the SCM Activity plugin, this magic feature is available.

Code Review : This is really the next strategic move for the Sonar platform : add a manual dimension to the automated one to provide a complete code review tool.

This was a major change to accomodate into the platform and we therefore decided to adopt a baby step approach. The full functionality was delivered over 5 releases, from 2.8 to 2.12. Here is what the platform now covers:

• Review a violation
• Comment, assign, plan a review
• Flag false-positive violations through the UI
• Create manual violations through the UI
• Change the severity of a violation through the UI

Next step will be to provide the ability to customize the review workflow and its related permissions.

Language consolidation : Provide a Squid-like engine to the C# plugin to make it more robust

It took us 6 month with the great help of Alexandre Victoor to rewrite the C# plugin that embeds its own C# parser and natively supports visual studio projects.

Language consolidation : Improve the C parser to gain robustness, support non ANSI-85 extensions and increase significantly the number of rules available

We haven’t worked as much as we wanted on this C plugin and so the number of rules remains limited. That’s why we’ve already started working to implement the MISRA-C standard.

Language consolidation : Improve the PL/SQL plugin to provide currently missing metrics

A PL/SQL parser has been written to provide all those metrics and to start implementing some new rules outside the Toad CodeXpert tool.

Sonar Eclipse : Now that we have a stable version 1.0 of the plugin, we can start building on it. The objective for this year is to provide capability for running local analysis inside Eclipse

This local mode is now available but in fact the greatest new feature of Sonar Eclipse is certainly the integration of Mylyn to manage reviews directly from the IDE.

Support New Bootstrappers : We have started last year some background work to decouple Sonar from Maven. This work will enable us to support 2 new mechanisms for bootstrapping analysis in Sonar 2.6 : an ANT task and a Java runner. Next step is to also provide Gradle bootstrapper.

DONE, DONE, DONE, Sonar is now fully decoupled from Maven but if you want to use the power of Maven along with Sonar, it is of course still possible.

JaCoCo Integration : We intend to make 2 major integrations of JaCoCo into Sonar this year. The first one is to integrate it into Sonar core. The second one is to provide ANT integration of JaCoCo and therefore provide a simple way of gathering code coverage when you execute unit tests from ANT.

DONE & DONE.

Beyond the Plan

Obviously, we did not plan for all upcoming innovations for the year. Here are three major features of Sonar that weren’t planned and that have been implemented:

• Sonar CPD : this new technology introduced in Sonar 2.10 will fully replace PMD CPD in Sonar 2.14 and allows to track cross-projects duplications
• i18n : Since Sonar 2.10 the Sonar UI can be in spanish, french, greek…
• Email notifications : Since Sonar 2.10 a user can subscribe to some events to be notified by email. For instance when a review is assigned to him.

And this is also true in the ecosystem, here are two examples:

• a great effort made on the PHP plugin to resurrect it
• development of an extension for SAP ABAP

So after all this, what could be an exciting challenge for 2012 ? This is going to be the subject of my next post !

The Sonar team is proud to announce the release of Sonar Eclipse 2.1. This new version is the logical extension of Sonar 2.8 and provides support for Manual Code Reviews. As stated previsouly, “we firmly believe that Manual Code Review adds a new dimension to Sonar and it must be integrated as much and simply as possible to the development process and especially to Sonar Eclipse” : this is now done with version 2.1.

As usual, here is a quick overview in screenshots of this new functionality.

Read the rest of this page »

Have you tried Sonar Eclipse? If you’re a fan of Sonar and you monitor the quality of your code daily, you probably already have installed this set of plugins that brings the power of Sonar right into your IDE. As a developer, I personally find it really useful to fix the violations directly in the code editor – while you can not do much about it when you’re browsing the web resource viewer of Sonar.

Read the rest of this page »