Eating the dog food

The SonarQube platform includes an increasing powerful lineup of tools to manage technical debt. So why don’t you ever see SonarSourcers using Nemo, the official public instance, to manage the debt in the SonarQube code? Because there’s another, bleeding-edge instance where we don’t just manage our own technical debt, we also test our code changes, as soon as possible after they’re made.

Read the rest of this page »

SonarQube Java Analyzer : The Only Rule Engine You Need

If you have been following the releases of the Java plugin, you might have noticed that we work on two major areas for each release: we improve our semantic analysis of Java, and we provide a lot of new rules.

Another thing you might have noticed, thanks to the tag system introduced by the platform last year, is that we are delivering more and more rules tagged with “bug” and “security”. This is a trend we’ll try to strengthen on the Java plugin to provide users valuable rules that detect real problems in their code, and not just formatting or code convention issues.

Read the rest of this page »

C/C++/Objective-C: Dark past, bright future

We’ve just released version 3.3 of the C/C++/Objective-C plugin, which features an increased scope and precision of analysis for C, as well as detection of real bugs such as null pointer dereferences and bugs related to types for C. These improvements were made possible by the addition of semantic analysis and symbolic execution, which is the analysis not of the structure of your code, but of what the code is actually doing.

Read the rest of this page »

SonarQube 5.0 in Screenshots

The team is proud to announce the release of SonarQube 5.0, which includes many new features

  • Issues page redesign
  • Keyboard shortcuts added to Issues
  • Built-in SCM support

Read the rest of this page »

COBOL is… Alive!

Most C, Java, C++, C#, JavaScript… developers reading this blog entry might think that COBOL is dead and that SonarSource should better focus its attention on more hyped languages like Scala, Go, Dart, and so on. But in 1997, the Gartner Group reported that 80 percent of the world’s business ran on COBOL, with more than 200 billion lines of code in existence and an estimated 5 billion lines of new code annually. COBOL is mainly used in the banking and insurance markets, and according to what we have seen in the past years, the erosion of the number of COBOL lines of code used in production is pretty low. So not only is COBOL not YET dead, but several decades will be required to see this death really happen. We released the first version of the COBOL plugin at the beginning of 2010 and this language plugin was in fact the first one to embed our own source code analysis technology, even before Java, C, C++, PL/SQL, … So at SonarSource, COBOL is a kind of leading technology :).

Read the rest of this page »

SonarQube 5.x series: It just keeps getting better and better!

We recently wrapped up the 4.x series of the SonarQube platform by announcing its Long Term Support version: 4.5.1. At the same time, we sat down to map out the themes for the 5.x series, and we think they’re pretty exciting.

In the 5.x series, we want the SonarQube platform to become:

  • Fully operational for developers: with easy management of the daily incoming technical debt, and “real” cross-source navigation features
  • Better tailored for big companies: with great performance and more scalability for large instances, and no more DB access from an analysis

Read the rest of this page »

Walking the Tightrope: Balancing Agility and Stability

About a year ago we declared a Long Term Support (LTS) version for the first time ever, and recently, we declared another one (version 4.5.1). But we never talked about what LTS means or why we did it.

Here’s the story:

Read the rest of this page »

New LTS Version Sums Impressive Array of New Features

In November, SonarQube version 4.5.1 was announced as the new Long Term Support (LTS) release of the platform. It’s been nearly a year since the last LTS version was announced – a very busy, feature-packed year. Let’s take a look at the results.

Read the rest of this page »

Do you care about your code? Track code coverage on new code, right now !

A few weeks ago, I had a passionate debate with my old friend Nicolas Frankel about the usefulness of the code coverage metric. We started on Twitter and then Nicolas wrote a blog entry stating “Your code coverage metric is not meaningful” and so useless. Not only am I thinking exactly the opposite, but I would even say that not tracking the code coverage on new code is almost insane nowadays.

Read the rest of this page »

What about Microsoft Component Extensions for C++?

After my previous blog entry about the support of Objective-C, you could get the impression that we’re fully focused on Unix-like platforms and have completely forgotten about Windows. But that would be a wrong impression

Read the rest of this page »

Page 1 of 2312345678910...20...Last »

© 2008-2013, SonarSource S.A, Switzerland. All content is copyright protected. SONARQUBE and SONARSOURCE are
trademarks of SonarSource SA. All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.