Wednesday, May 16, 2018

Sonar Lint for the Impatient

Remove issues before they reach customer sites. No quality problems shall reach your Git master branch.

What is Sonar?

SonarQube is a central server that processes full analyses (triggered by the various SonarQube Scanners). Its purpose is to give a 360° vision of the quality of your code base. For this, it analyzes all the source lines of your project on a regular basis.


It should be added that SonarQube also performs scans with well-known third party analyzers (SpotBugs - previously FindBugs -, Checkstyle, PMD) whereas SonarLint does not include those. I think the reason is a prioritization on performance and findBugs relying on java byte-code.

What is SonarLint?

SonarLint lives only in your IDE (IntelliJ, Eclipse or Visual Studio). Its purpose is to give instantaneous feedback as you type your code. For this, it concentrates on what code you are adding or updating.

Findings are displayed in the source code with information such as rule violation, rating of the rule and explanation. You have a window where all findings are displayed to provide an overview and navigation support. You are free to analyze a single file, a package, or the whole project; you can also excludes files or packages from the analysis.

Connect SonarLint to your prefered code quality product. It then uses the same code analyzers, rules and settings locally that are used on the server.

Issues marked as Won’t Fix or False Positive in SonarQube or SonarCloud disappear from your IDE.

Both SonarLint and SonarQube rely on the same static source code analyzers - most of them being written using SonarSource technology.

How to use It?

  1. Install the SonarLint in your favorite IDE
    1. configure the SonarCube instance to synchronize the rule set used in your project
  2. Configure the plugin to access your SonarCube instance
  3. Run it, 
    1. See the messages in the next few seconds
    2. Jump to the source and correct the problem
    3. Iterate until all issues are solved
  4. Run your unit tests and acceptance tests - TDD and ATDD -
  5. Commit your changes
This approach guarantees you always release source code without any SonarCube issues, therefore SonarCube always show no findings for new code and for refactored code.

And you have made a step to the journey to become a professional software developer and achieve craftsmanship.

Posted by at
Labels:

1 comment:

  1. UnknownAugust 21, 2018 at 1:24 PM

    Give the power to write better code. SonarLint improved with the newest release. You can now select the active rules even if you have no SonarQube server instance. Use it and fix code issues before they exist.

    ReplyDelete

Subscribe to: Post Comments (Atom)