The SonarQube COBOL Plugin Tracks Sneaky Bugs in Conditions

Not long ago, I wrote that COBOL is not a dead language and there are still billions lines of COBOL code in production today. At COBOL’s inception back in 1959, the goal was to provide something close to natural language so that even business analysts could read the code. As a side effect, the language is really, really verbose. Each time a ruby, python or scala developer complains about the verbosity of Java, C# or C++, he should have a look at a COBOL program to see how much worse it could be :). Moreover, since there is no concept of a local variable in COBOL, the ability to factorize common pieces of code in PARAGRAPHS or SECTIONS is limited. In the end, the temptation to duplicate logic is strong. When you combine those two flaws: verbosity and duplicated logic, guess what the consequence is: it’s pretty easy in COBOL to inject bugs in conditions.

Read the rest of this page »

SonarQube User Conference in Paris

We are very happy to announce that we are organizing our first Paris SonarQube User Conference, on June 10, 2015 from 9:30 a.m. until 2 p.m. at the Salons de l’Aéro-Club, 6 Rue Galilée in the 16th arrondissement.

This conference offers a great opportunity to meet other members of the community and compare notes on your experiences with the platform. We’ll also discuss new features, and the platform road map. We’re expecting many members of the community, including speakers from our global customer base and partners, and of course the SonarSource Team. We are expecting heated debate around the adoption and perspectives for SonarQube, as well as some insights on the paradigm shift in managing Technical Debt!

The program will also feature talks from Jean-Louis Letouzey (www.sqale.org) on understanding and leveraging the SQALE methodology, and Jean-Marc Prieur from Microsoft (http://blogs.msdn.com/b/jmprieur/) on the integration with Visual Studio & TFS.

To register for the event, simply send an email to kristi.karu At sonarsource.com. We are looking forward to meeting you there!

Announcing SonarQube integration with MSBuild and Team Build

This is a cross-post of Microsoft ALM web site.

Technical debt is the set of problems in a development effort that make forward progress on customer value inefficient. Technical debt saps productivity by making code hard to understand, fragile, difficult to validate, and creates unplanned work that blocks progress. Technical debt is insidious. It starts small and grows over time through rushed changes, lack of context and lack of discipline. Organizations often find that more than 50% of their capacity is sapped by technical debt.

Read the rest of this page »

SonarQube 5.1 in Screenshots

The team is proud to announce the release of SonarQube 5.1, which includes many new features:

  • New issues page & improved issue management
  • New rules page
  • Improved layout and navigation
  • Simplified component Viewer
  • All text files in a project imported
  • Preview analysis timezone issue solved

Read the rest of this page »

SonarQube User Conference – U.S. West (Santa Clara, CA)

We are very happy to announce that the second SonarQube user conference will take place on April 27th at the Santa Clara Convention Center, in Santa Clara, California.

Read the rest of this page »

Codehaus & Ben: Thank You and Good Bye

It seems very natural today that SonarQube is hosted at Codehaus, but there was a time when it was not! In fact joining Codehaus was a big achievement for us; you might even say it was one of the project’s first milestones, because Codehaus didn’t accept just any project. That may seem strange today, when you can get started on Github in a matter of minutes, but Codehaus was picky, and just being accepted was a big deal.

Read the rest of this page »

The speed of a caravan in the desert

“What is the speed of a caravan in the desert?” Language Team Technical Lead Evgeny Mandrikov posed that question recently to illustrate a point about developer tools. The answer to the caravan question is that it moves at the speed of the slowest camel. He was using the metaphor to illustrate a point about developer tools: a developer can only work at the speed of her slowest tool.

This is one reason developers want – and smart managers buy – machines with fast processors. We like them not just because we’re gear-head (chip-head?) geeks, but because they get us closer to the ability to work at the speed of thought. But what about the other tools? What about the quality tools?

Read the rest of this page »

Eating the dog food

The SonarQube platform includes an increasing powerful lineup of tools to manage technical debt. So why don’t you ever see SonarSourcers using Nemo, the official public instance, to manage the debt in the SonarQube code? Because there’s another, bleeding-edge instance where we don’t just manage our own technical debt, we also test our code changes, as soon as possible after they’re made.

Read the rest of this page »

SonarQube Java Analyzer : The Only Rule Engine You Need

If you have been following the releases of the Java plugin, you might have noticed that we work on two major areas for each release: we improve our semantic analysis of Java, and we provide a lot of new rules.

Another thing you might have noticed, thanks to the tag system introduced by the platform last year, is that we are delivering more and more rules tagged with “bug” and “security”. This is a trend we’ll try to strengthen on the Java plugin to provide users valuable rules that detect real problems in their code, and not just formatting or code convention issues.

Read the rest of this page »

C/C++/Objective-C: Dark past, bright future

We’ve just released version 3.3 of the C/C++/Objective-C plugin, which features an increased scope and precision of analysis for C, as well as detection of real bugs such as null pointer dereferences and bugs related to types for C. These improvements were made possible by the addition of semantic analysis and symbolic execution, which is the analysis not of the structure of your code, but of what the code is actually doing.

Read the rest of this page »

Page 1 of 2412345678910...20...Last »

© 2008-2015, SonarSource S.A, Switzerland. All content is copyright protected. SONARQUBE and SONARSOURCE are
trademarks of SonarSource SA. All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.