SonarQube 7.9 released The wait is over

The Definitive Guide to
SonarQube 7.9 LTS

What is an LTS? It’s simply a version designed for Long-Term Support and built for months of reliability. Of course, all the features released since the last LTS (6.7) are neatly packaged up and included.

Read on to discover all the benefits to upgrading

New Languages

Since the last LTS, we added support for six more languages and hundreds of new rules. We now help you spot bugs, vulnerabilities and code smells in 27 popular languages.

SonarQube supports Kotlin programming language. SonarQube supports Scala programming language. SonarQube supports Ruby programming language. SonarQube supports CSS style sheet language. SonarQube supports GO programming language. SonarQube supports Apex programming language.

Developer Led App Security

With SonarQube, your development team finds security issues right in code review where they’re easiest to fix.

Security shield
Security

Hotspots chevron Code Review

Security Hotspots highlight suspicious code snippets that developers should review and triage as they may hide a vulnerability.

Available for:

Security Hotspots available for Java programming language. Security Hotspots available for JavaScript programming language. Security Hotspots available for Visual Basic programming language. Security Hotspots available for C# programming language. Security Hotspots available for Python programming language. Security Hotspots available for PHP programming language.
Security lock
Security

Vulnerabilities chevron Code Change/Fix

Security Vulnerabilities require immediate action. SonarQube provides detailed issue descriptions and code highlights that explain why your code is at risk.

Available for:

Security Vulnerabilities available for Java programming language. Security Vulnerabilities available for C# programming language. Security Vulnerabilities available for PHP programming language.

Detection of Injection Flaws
DE Available on Developer Edition EE Available on Enterprise Edition DCE Available on Data Center Edition

Don’t let untrusted user input flow through your code and compromise your application.

Taint Analysis tracks non-trusted user input throughout the execution flow for Java code
  • Java
  • PHP
  • C#
Dedicated security reports with standard OWASP and SANS categories

OWASP / SANS Security Reports
EE Available on Enterprise Edition DCE Available on Data Center Edition

Built-in security reports, with developer friendly language, shorten the vulnerability feedback loop and get developers fixing security holes quickly.

Analysis That Fits the Way You Work

Get all your code analyzed, right where it lives. We’ve included more tools and integrations that align analysis with your preferred workflow.

Pull Request Analysis
DE Available on Developer Edition EE Available on Enterprise Edition DCE Available on Data Center Edition

Adding to the analysis of feature and maintenance branches, you can now check the quality of your Pull Requests. Only commit clean, safe code.

Branches for Applications
EE Available on Enterprise Edition DCE Available on Data Center Edition

Monitor the quality of branches in your Applications, after choosing which branches to track in underlying projects.

Your branch analysis with Quality Gate

Pull Request Decoration

Quality & Security feedback right in your favorite ALM, with clear Quality Gate status and issue summary.

  • Bitbucket Server
  • GitHub Enterprise
  • Azure DevOps Server
Your pull request from Bitbucket using SonarQube

Enterprise Management Tools
EE Available on Enterprise Edition DCE Available on Data Center Edition

Know where your projects stand. Get everyone in the value chain speaking the same code quality ‘language’, derived from a common set of metrics.

Live Portfolio/Application Updating

Portfolio releasability along with other KPIs, are now updated automatically as underlying projects are analysed.

Clean Portfolio hierarchy for easier Enterprise management.
Live Portfolio dashboard with project rating breakdown by metric.

New Portfolio PDFs

The new format generates concise PDFs with actionable data that’s easy to embed in presentations and share with larger audiences.

Clean Portfolio hierarchy

The Portfolios page now focuses on the few global Portfolios you’ve defined and makes it easy for you to explore them more in detail.

Additional Features…

  • Project structure follows file directory layout
  • Built-in project badges
  • Import analysis from 3rd party tools (TSLint, ESLint, PMD, Checkstyle, etc.)
  • Scale compute engine resources

  • VB.NET now free and open-source
  • Documentation now embedded in the product
  • SAML 2.0 support
  • Create Portfolios using project tags

 

Time to enjoy all these
new LTS features!

Get SonarQube