Sonarqube - Continuous Code Quality

•    Java

SonarQube is the open source platform for continuous inspection of code quality. SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced. With a Quality Gate in place, you can fix the leak and therefore improve code quality systematically. Code analyzers can detect tricky issues such as null-pointers dereferences, logic errors, resource leaks.

dashboard - 📺 Create your own team dashboard with custom widgets

•    Javascript

Create your own team dashboard with custom widgets. Run npm run dev and go to http://localhost:3000.

sonar-dotnet - Code analyzer for C# and VB

•    CSharp

Code Analyzer for C#

sonar-java - :coffee: SonarJava : Java static analyzer for SonarQube & SonarLint

•    Java

Code Analyzer for Java

sonar-kotlin - SonarQube plugin for Kotlin

•    Kotlin

Read about detekt configuration files here and about detekt baseline formats here. Best ways to get started is to configure the detekt-gradle-plugin in your project and use its detektBaseline and detektGenerateConfig tasks.

sonar-csharp - Code analyzer for C# projects

•    CSharp

Code Analyzer for C#

SonarJS - SonarJS: JavaScript Analyzer for SonarQube

•    Java

SonarQube JavaScript Analyzer

sonarlint-visualstudio - SonarLint extension for VisualStudio

•    CSharp

SonarLint is a Visual Studio 2015 and 2017 extension that provides on-the-fly feedback to developers on new bugs and quality issues injected into .NET code. SonarLint for Visual Studio is based on and benefits from the .NET Compiler Platform (aka "Roslyn") and its code analysis API to provide a fully-integrated user experience in Visual Studio 2015 and Visual Studio 2017. SonarLint is free, open source, and available in the Visual Studio Gallery.To provide feedback (request a feature, report a bug etc.), simply create a GitHub Issue. Alternatively you can use SonarQube Google Group or StackOverflow with the tag sonarlint-vs.

SonarTS - Static code analyzer for TypeScript

•    TypeScript

Static code analyzer for TypeScript detecting bugs and suspicious patterns in your code.See the documentation here and example project here.

reverse-proxy-auth-sonar-plugin - This plugin allows delegation of SonarQube authentication to the reverse proxy via HTTP Header

•    Java

Reverse Proxy Authenticator plugin for Sonar.

sonar-scanner-npm - SonarQube Scanner for the JavaScript world

•    Javascript

sonarqube-scanner makes it very easy to trigger SonarQube / SonarCloud analyses on a JavaScript code base, without needing to install any specific tool or (Java) runtime. Prerequisite: you've installed the package as a dev dependency.

ansible-role-sonar - Ansible Role - SonarQube

An Ansible Role that installs SonarQube on RedHat/CentOS and Debian/Ubuntu Linux servers. Finally, recent versions of SonarQube also require MySQL 5.6 or later.

ansible-role-sonar-runner - Ansible Role - SonarQube Runner

•    Shell

An Ansible Role that installs Sonar Runner on RedHat/CentOS and Debian/Ubuntu Linux servers. The role is currently configured to support SonarQube installations using MySQL as a database backend.

drupalci-sonar-jenkins - Drupal CI environment with SonarQube and Jenkins for Drupal Core code analysis

This Vagrant configuration (with Ansible for provisioning) will install Jenkins, PHP, SonarQube, and Drupal CI profiles for code analysis (along with a bunch of other required software). Note for Windows users: This guide assumes you're on a Mac or Linux host. Windows support may be added when I get a little more time; the main difference is Ansible needs to be bootstrapped from within the VM after it's created. See JJG-Ansible-Windows for more information.

sonarqube-licensecheck - SonarQube Licensecheck Plugin

•    Java

This SonarQube plugin ensures that projects in an organization adhere to a set of standard libraries and versions. This enables the governance of the used libraries and licences. Put the pre-built jar-file (from release downloads) in the directory $SONARQUBE_HOME/extensions/plugins and restart the server to install the plugin. Activate the rules of this plugin ("License is not allowed", "Dependency has unknown license") in your SonarQube quality profiles - otherwise the plugin is not executed.

devops-compose - DevOps tools on Docker Compose

•    Shell

Create the following stack. Create a PostgreSQL instance. It is recommended to use managed services such as Amazon RDS or Google Cloud SQL for maintenancebility reason. MySQL is available and works as well but PostgreSQL is recommended for JIRA.

sonar-plsql - Open source SonarQube plugin to perform static analysis of PL/SQL and Oracle SQL code

•    Java

Enables analysis and reporting on PL/SQL projects.

SonarOnDocker - A Docker image contains SonarQube + MySQL

•    Java

Complete Docker Compose guide to configure and run SonarQube + MySQL docker applications. Orchestrating Docker with compose sounds easy, but there are a few pitfalls in practice. Read on to learn about the whole story, or if you just wanna run it, jump directly to Getting Started.

dependency-check-sonar-plugin - Integrates Dependency-Check reports into SonarQube

•    Java

Integrates Dependency-Check reports into SonarQube

jest-sonar-reporter - A Sonar test reporter for Jest.

•    Javascript

jest-sonar-reporter is a custom results processor for Jest. The processor converts Jest's output into Sonar's generic test data format. Configure Jest in your package.json to use jest-sonar-reporter as a custom results processor.