SonarQube is a\u00a0Code Quality Assurance tool that collects and analyzes source code<\/strong> and provides reports for the code quality of your project. It combines static and dynamic analysis tools and enables quality to be measured continuously over time.<\/p>\n\n\n\n SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality<\/strong>. Sonar does static code analysis, which provides a detailed report of bugs, code smells, vulnerabilities, code duplications.<\/p>\n\n\n\n SonarQube is\u00a0the #1 ranked solution in application security tools<\/strong>\u00a0and top Software Development Analytics tools. … SonarQube is the leading tool for continuously inspecting Code Quality and Code Security, and guiding development teams during code reviews.<\/p>\n\n\n\n The SonarQube Quality Model divides rules into four categories: Bugs, Vulnerabilities, Security Hotspots, and Code Smells<\/strong>. Rules are assigned to categories based on the answers to these questions: Is the rule about code that is demonstrably wrong, or more likely wrong than not?<\/p>\n\n\n\n SonarQube platform significantly increases the lifetime of applications by reducing complexities, duplications, and potential bugs in the code, keeping neat and clean code architecture, and increasing unit tests. SonarQube\u00a0increases the maintainability of the software<\/strong>. It also has the ability to handle changes.<\/p>\n\n\n\n Quality Gates are the set of conditions a project must meet before it should be pushed to further environments<\/strong>. Quality Gates considers all of the quality metrics for a project and assigns a passed or failed designation for that project.<\/p>\n\n\n\n The SonarQube platform consists of four components:\u00a0analyzers, servers<\/strong>, plugins installed on the server, and, last but not least, databases. Analyzers are responsible for running line-by-line code analysis. They can provide information about technical debt, code coverage, code complexity, detected problems, etc.<\/p>\n\n\n\n SonarQube is available for free under the GNU Lesser General Public License<\/strong>. An enterprise version for paid licensing also exists, as well as a data center edition that supports high availability.<\/p>\n\n\n\n SonarQube doesn’t run your tests or generate reports<\/strong>. To include coverage results in your analysis, you need to set up a third-party coverage tool to generate reports and configure SonarQube to import those reports.<\/p>\n\n\n\n SonarQube is\u00a0an open-source platform used for continuous analysis of your source code quality<\/strong>\u00a0by performing analysis of your code to detect duplications, bugs, security vulnerabilities and code smells.<\/p>\n","protected":false},"excerpt":{"rendered":" What is SonarQube used for? SonarQube is a\u00a0Code Quality Assurance tool that collects and analyzes source code and provides reports for the code quality of your project. It combines static… <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[158,2],"tags":[],"class_list":["post-25978","post","type-post","status-publish","format-standard","hentry","category-sonarqube","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/25978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=25978"}],"version-history":[{"count":3,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/25978\/revisions"}],"predecessor-version":[{"id":26186,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/25978\/revisions\/26186"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=25978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=25978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=25978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}What are SonarQube and its features?<\/h2>\n\n\n\n
Is SonarQube any good?<\/h2>\n\n\n\n
What are SonarQube rules?<\/h2>\n\n\n\n
Who can get benefit from SonarQube?<\/h2>\n\n\n\n
What is the quality gate in SonarQube?<\/h2>\n\n\n\n
What are the main components of the SonarQube platform?<\/h2>\n\n\n\n
Is SonarQube free?<\/h2>\n\n\n\n
Does SonarQube run unit tests?<\/h2>\n\n\n\n
What is SonarQube in Jenkins?<\/h2>\n\n\n\n