Sonar En
Download as PPT, PDF0 likes185 views
Sonar is an open source code quality management platform that analyzes code to check for bugs, vulnerabilities, and maintainability issues. It covers seven axes of code quality including architecture, design, comments, coding rules, potential bugs, complexity, and unit tests. Sonar provides centralized quality management across all projects, with metrics, alerts, and trends over time. Developers can integrate it with build tools like Maven to continuously analyze code quality.
Sonar En
- 1. http://www. sonarsource.org Quality Management Platform
- 2. What is ‘Code quality platform’? Sonar is an open platform to manage code quality. As such, it covers the 7 axes of code quality: Architecture & Design, Comments, Coding rules, Potential bugs, Complexity, Unit tests, Duplications. B enefit of using ‘Code quality platform’ - q uality is central and you can easily manage it. Quality Management Platform
- 3. Sonar has been a very popular quality management platform. The platform is billed as to continuously analyze and measure the code quality . Sonar is an aggregate tool for complex source code management and quality measures. It uses Clover2, Cobertura, PMD, Checkstyle, and Findbugs under the hood. What is Sonar ? Many l anguages are covered (Java, C, .Net, Flex, PHP, PL/SQL, Cobol, JSP, JSF, Visual Basic 6) ; Extend ed with plugins ; All quality in one central place; Web-based application and everything is in 3 clicks;
- 4. All projects are in the open Easy d rill down to source code Coding rules Unit Tests Standard Metrics TimeMachine Maven ready Leverage existing components Plugins Security Why use Sonar ?
- 5. There is a very simple procedure: Create a file named 'pom.xml' into the root directory of your project Execute the maven2 plugin (#> mvn sonar:sonar) And that’s it! Any m anual measures can be easily managed directly from the component (project, module or package) dashboard There is a possibility to integrate with Bamboo, CruiSeControl, Hudson, TeamCity. How Sonar works?
- 6. Home page | filters | favourites Browsing project | customising dashboards | Rules Compliance Index (RCI) | Treemap | Events | Alerts The resource viewer | violation tab| duplication tab| coverage tab | dependencies tab | Quality profiles | Alert configuration Time machine | custom chart Tendencies Coding rule mapping ( Checkstyle , PMD , Findbugs ) Update center | plug-in Library Sonar in actions
- 7. Physical lines | Lines of code Comment lines | Commented-out lines of code Packages | Files | Classes | Directories Accessors | methods | Public API Duplicated lines | blocks | files Statements | Complexity | complexity by method | Average complexity by file Unit tests | Line coverage Tags | etc Sonar metrics CHECKSTYLE | PMD | FindBugs
- 8. Main features: Possible bugs - empty try/catch/finally/switch statements Dead code - unused local variables, parameters and private methods Suboptimal code - wasteful String/StringBuffer usage Overcomplicated expressions - unnecessary if statements, for loops that could be while loops Duplicate code - copied/pasted code means copied/pasted bugs PMD ( Programming Mistake Detector )
- 9. Sonar is a web application and requires a maven plugin that uses both a database s . System Requirements Java Development Kit v.1.5 or later Maven 2.x or 3.x (since Sonar 2.4) Database (Mysql, Oracle, PostgreSQL, MSSQL) Web Server needs a healthy 500Mb of RAM Browser should allow Javascript
- 10. Thank you! :) Author: Trusov Aleksey Any questions?