+91 700 483 5930   +91 810 584 3520    info@scmgalaxy.com
LOGIN
Sign In or Register
Avatar
Not Registered Yet?

Join Now! It's FREE. Get full access and benefit from this site

Reset My password - Remind Me My username

Username
Password
Remember me
 
scmGalaxy logo

Code Analysis (7)

Source-code Analysis

How can we do the Security Analysys using SonarQube?

For Security Analysy purposes, a source code security analyzer
- examines source code to
- detect and report weaknesses that can lead to security vulnerabilities.

SonarQube Upgrade, Backup and Restore Process

Today I will share the steps to upgrade from the SonarQube version 5.X to SonarQube version 6.X. We have upgrade guide which can be found http://docs.sonarqube.org/display/SONAR/Upgrading but its not complete guide thus I am sharing the steps as follows which can be followed for the production server as well.  As practice shared on the oficial guide that before upgrading to the next major release, you must upgrade to know LTS e.g

SonarQube Frequently asked questions (FAQ)

 
Is SonarQube Replacement for Checkstyle, PMD, FindBugs?
--------------------------------------------------------------
Answers - YES and NO

Alternate of Sonarqube for Code Quality Management tools?

There is not a popular known alternate of Sonarqube and Sonarqube is definitly dominating the Software Quality management domain in terms of open source cateogry. But you may try following tools depends on the use and project requirements.
 

What is SonarQube?

It’s a code quality management platform that allows developer teams to manage, track and eventually improve the quality of the source code.  It’s a web based application that keeps historical data of a variety of metrics and gives trends of leading and lagging indicators for all seven deadly sins of developers.
 
Sonar is an open source platform used by development teams to manage source code quality. Sonar has been developed with a main objective in mind: make code quality management accessible to everyone with minimal effort.
 
As such, Sonar provides code analyzers, reporting tools, defects hunting modules and TimeMachine as core functionality. But it also embarks a plugin mechanism enabling the community to extend the functionality (more than 35 plugins available), making Sonar the one-stop-shop for source code quality by addressing not only developers but also managers needs.

Know About SonarJava! Is it replacement for Checkstyle, PMD, FindBugs?
SonarJava has a great coverage of well-established quality standards. The SonarJava capability is available in Eclipse and IntelliJ for developers (SonarLint) as well as throughout the development chain for automated code review with on-premise SonarQube or on-line SonarCloud.
 
SonarJava is a code analyzer for Java projects. Information about the SonarJava features is available below;
 
Why SonarJava?
SonarQube is currently on the way to deprecate PMD, Checkstyle and Findbugs and use their own technology to analyze Java code (called SonarJava). They do it, because they don't want to spend their time fixing, upgrading (or waiting on it) those libraries (e.g. for Java 8), which for example uses outdated libraries. Well at least since SonarQube 6.3+ it seems to be that Findbugs is (at the moment) no longer supported as a plugin.
 

NEW TUTORIALS