sonarqube
by
SonarSource

Description: Continuous Inspection

View on GitHub ↗

Summary Information

Updated 14 minutes ago
Added to GitGenius on August 31st, 2021
Created on January 5th, 2011
Open Issues & Pull Requests: 1 (+0)
Number of forks: 2,203
Total Stargazers: 10,780 (+1)
Total Subscribers: 337 (+0)

Issue Activity (beta)

Open issues: 0
New in 7 days: 0
Closed in 7 days: 0
Avg open age: N/A days
Stale 30+ days: 0
Stale 90+ days: 0

Recent activity

Opened in 7 days: 0
Closed in 7 days: 0
Comments in 7 days: 0
Events in 7 days: 0

Top labels

No label distribution available yet.

Most active issues this week

No issue events were indexed in the last 7 days.

Detailed Description

SonarQube is a continuous inspection platform written in Java that enables organizations to systematically improve code quality by identifying and tracking issues in their applications. The repository at sonarsource/sonarqube serves as the backend implementation of this widely-used static analysis tool, which is maintained by SonarSource and distributed under the GNU Lesser General Public License, Version 3.0.

The core functionality of SonarQube centers on continuous inspection, which goes beyond simply reporting the current health of an application. The platform highlights issues newly introduced to codebases and supports the implementation of Quality Gates, allowing development teams to achieve and maintain Clean Code standards. This approach enables systematic improvement of code quality over time rather than treating quality as a one-time assessment. The platform addresses multiple dimensions of code quality including test coverage, technical debt, security vulnerabilities, bug detection, and adherence to coding standards.

The repository is classified across a comprehensive range of quality and security domains: code quality, static analysis, static code analysis, code metrics, continuous integration, security scanning, vulnerability assessment, and project management. This breadth reflects SonarQube's role as a multi-faceted tool that integrates into development workflows to enhance developer productivity while maintaining rigorous quality standards.

Building the SonarQube backend requires Java 17, native Git, and npm. The project uses Gradle as its build system, with the build process generating a zip distribution file in sonar-application/build/distributions/. The build system supports various commands including dependency listing, source header fixing via spotlessApply, and Gradle wrapper upgrades. Tests can be disabled during builds if needed, though they are executed by default.

An important architectural aspect of SonarQube is the separation of concerns between the backend and user interface. The UI, referred to as the webapp, is maintained in a separate repository at sonarqube-webapp. During standard builds of the sonarqube repository, the webapp is automatically downloaded from Maven Central as a dependency, allowing backend contributors to work without managing UI changes. However, contributors making UI modifications must clone the webapp repository separately, build it locally, and then build the main sonarqube repository using the WEBAPP_BUILD_PATH environment variable to incorporate their custom UI build.

The project maintains a structured approach to contributions. While the repository accepts pull requests, SonarSource explicitly notes that they are not actively seeking feature contributions due to the difficulty of external contributors aligning with their roadmap and expectations. The project typically accepts only minor cosmetic changes and typo fixes from the community. Feature requests and bug reports are directed to the SonarSource Community forum rather than GitHub issues, as issue tracking is managed through a read-only Jira instance where only SonarSource employees can create tickets.

The repository includes comprehensive documentation and multiple entry points for users and developers. The official website, downloads, and detailed documentation are available through SonarSource's product pages. A Next instance provides access to upcoming SonarQube versions, and the project maintains active community engagement through its forum and social media presence on X (formerly Twitter).

sonarqube
by
SonarSourceSonarSource/sonarqube

Repository Details

Fetching additional details & charts...