SonarQube Frequently asked questions (FAQ)
Is SonarQube Replacement for Checkstyle, PMD, FindBugs?
————————————————————–
Answers – YES and NO
Why Yes?
Sonar will run CheckStyle, FindBugs and PMD, as well as a few other “plugins” such as Cobertura (code coverage) by default for Java projects. The main added value, however, is that it stores the history in a database. You can then see the trend. Are you improving the code base or are you doing the opposite? Only a tool with memory can tell you that.
Why No?
SonarQube is currently on the way to deprecate PMD, Checkstyle and Findbugs and use their own technology to analyze Java code (called SonarJava). They do it, because they don’t want to spend their time fixing, upgrading (or waiting on it) those libraries (e.g. for Java 8), which for example uses outdated libraries. Well at least since SonarQube 6.3+ it seems to be that Findbugs is (at the moment) no longer supported as a plugin.
What is the SonarQube Plugins available which can be integrated with Eclipse, IntelliJ IDEA, Visual Studio, Visual Studio Code, and Atom?
————————————————————–
Answer –
SonarLint is an extension to your favorite IDE that provides on-the-fly feedback to developers on new bugs and quality issues injected into their code.
Reference
Where i can get the Support related to SonarQube?
————————————————————–
Google Grops
Facebook Groups
Linkedin Groups
Public Forum
Top 10 Lessons Learned from 2 Years Work with Codehaus Sonar
————————————————————–
Configure Sonar to exclude files from Maven pom.xml
————————————————————–
Does Sonar support multiple language in same project ex. sonar.language=java,grvy?
————————————————————–
Starting with SonarQube 4.2, multi-language projects are supported.
This automatically happens when sonar.language is not set.
See sample project here: https://github.com/bellingard/multi-language-project
How to exclude the directory in SonarQube?
————————————————————–
try something like this:
sonar.exclusions=src/java/test/**
sonar.exclusions=system/**, test/**, application/third_party/**, application/logs/**
How to Increase SonarQube Heap Size?
————————————————————–
Whenever you get a issues like “SonarQube analysis failed java.lang.OutOfMemoryError: Java heap space”, you may following options to follow.
Option 1 – Reduce the analyze scope by either reducing the project size(split your project in smaller sub projects/modules) or reducing the set of rules that are analyzed.
Option 2 โ Increase the memory size that can be consumed by the JVM. ย This can be done by adding the following Environment Variable:
SONAR_RUNNER_OPTS=”-Xmx3062m -XX:MaxPermSize=512m -XX:ReservedCodeCacheSize=128m”
e.g Linux
> export SONAR_SCANNER_OPTS=”-Xmx3062m -XX:MaxPermSize=512m -XX:ReservedCodeCacheSize=128m”
e.g Windows
> set SONAR_SCANNER_OPTS=”-Xmx3062m -XX:MaxPermSize=512m -XX:ReservedCodeCacheSize=128m”
Reference
Latest posts by scmgalaxy K (see all)
- Use of runtime variables to save into another variable using register in Ansible - September 6, 2018
- Ansible & Ansible Tower Variable Precedence Hierarchy - September 6, 2018
- How to use template in Ansible? - September 6, 2018
Great FAQ on SonarQube! SonarQube is an essential platform for continuous code quality and security analysis, helping teams detect bugs, vulnerabilities, and code smells early in the development lifecycle across 35+ languages with thousands of built-in rules. It integrates seamlessly with popular CI/CD pipelines and IDEs to enforce quality gates and provide fast feedback directly in your workflow. Understanding common questions โ such as how SonarQube works, what SAST is, and how to interpret analysis results โ makes it much easier for developers and DevOps teams to adopt and get the most value from automated static analysis. This not only improves maintainability but also strengthens security practices by catching issues before they reach production.