Logo
Sign in
Product Logo
SonarQube for IDESonarSource

Free IDE extension that provides on-the-fly analysis and coding guidance.

Vendor

Vendor

SonarSource

Company Website

Company Website

Product details

An advanced linter in your IDE for Clean Code

Up your coding game and discover issues early. SonarQube for IDE takes linting to another level empowering you to find & fix issues in real time.

Features

  • **Resolve issues fast: **SonarQube for IDE offers Quick Fixes for many detected issues. With a single click, SonarQube for IDE will automatically edit your source code to comply with the rule description and fix the issue. You may also preview the edit before you execute.
  • **Keep secrets out of repositories: **SonarQube for IDE detects exposed Secrets in your source code, ensuring they can be removed before they make it to your repository. When running in Connected Mode, the SonarQube Server or SonarQube Cloud Quality Profiles are applied to locally detected Secrets. Custom secret patterns will also be detected.
  • Contextual learning opportunities - SonarQube for IDE not only uncovers issues in your code, it also offers contextual information designed to help you improve your coding skills. - When an issue is highlighted, selecting "view problem" will open the SonarQube for IDE Rule Description. Here you are presented with more information as to why is this an issue, and the potential impact if left unresolved. This, together with suggested ways to fix the issue, often with code examples, plus additional resources all combine to offer you the option to learn.
  • **Detect and resolve taint vulnerabilities: **Taint analysis detects any injection vulnerability pattern in your source code. In connected mode, SonarQube for IDE pulls taint issues detected by SonarQube Server or SonarQube Cloud following a project analysis. You can then learn about the vulnerability and fix it locally. Then commit your code to the server and rerun the analysis on SonarQube Server or SonarQube Cloud. The new status (of the issue) will show up automatically in your local analysis.
  • **Focus on new code: **SonarQube for IDE allows you to focus on new code by filtering issues shown in the IDE, as determined by your SonarQube Server or SonarQube Cloud new code definition. With a simple toggle, you can select whether to see all issues in a project or just those in your new code, according to the set definition.