I've used the C plugin for Sonar for while.
But the plugin library list has recently been updated and seems to indicated the C plugin has been merged with the commercial c++ plugin?
Does that mean that the C plugin is no longer free of charge?
Is the C plugin still active, in terms of developing features and support?
Jesper
The C plugin is still available for download and usage.
But it will no longer be supported and will no longer evolve.
The default C/C++/Objective-C plugin for SonarQube is commercial right now. You have to pay to use it. The Sonar Community C /C++ plugin is good. It has many functionalities. Its called sonar-cxx. You can find it Here- https://github.com/wenns/sonar-cxx/wiki/Installation
You can download it from here - https://github.com/wenns/sonar-cxx/releases/tag/cxx-0.9.1
Related
With Sonarqube no longer supporting Developer Cockpit I am in search of a recommended plugin to replace it with. Is there any other commercial or non commercial plugins that are intended to replace this?
I have not found any documentation or suggestions this far.
As far as I know, there's currently no replacement plugin.
From SonarSource perspective, it is planned to develop this set of developer-oriented features as part of SonarQube roadmap: https://www.sonarqube.org/roadmap/
I am using eclipse Mars 4.5.0 IDE and I would like to do some Groovy project.Adding groovy as a plugin is not working, because I am not able to connect to http://dist.springsource.org/snapshot/GRECLIPSE/e4.5/p2.index. In fact even simple update are not working. There is always some connection time out like connection to http://download.eclipse.org/eclipse/update/4.5/content.xml.
However I do have groovy installed on my system. Is there anyway I could tell the IDE to use the system groovy? Or is it possible to download the plugin and manually add it to the IDE? I am using windows 7
The groovy compiler delivered by the plugin is patched and therefore I don't think it is possible to use an external groovy compiler.
If you're behind a proxy, try to configure eclipse with manual proxy settings.
At least the 4.6 and 4.7 snapshot update site works well for me ATM, but when i had access problems, I downloaded the last working build from the ci server mentioned in the wiki:
e.g. E45 build and publish -> #393 -> Artifacts -> Zipped Update Site
and used it as an update site (add.. -> archive).
I'm trying to notify my Slack when a SonarQube analysis has been processed and for that I saw a plugin: https://github.com/astrebel/sonar-slack-notifier-plugin
I followed all the step but I didn't see the slack hook setting in my administration/general view.
You don't mention your version of SonarQube, but that plugin's README clearly states that it is no longer maintained, and implies that it's not compatible above SonarQube 5.4.
Assuming you have a more recent version than that, you should look at the built-in webhooks, which will POST notifications once analysis reports have been integrated.
Any ideas when cobertura will support java 7?
Found http://sourceforge.net/tracker/index.php?func=detail&aid=3295711&group_id=130558&atid=720018
We preferred cobertura over emma and other code coverage tools and looks like we have to redo all those again, now that none of them support java 7 yet.
Thanks
Cobertura 2.0.3 supports Java 7, the cobertura-maven-plugin version 2.6 which uses this version has been just released
I was able to get it to work by adding the following argument:
-XX:-UseSplitVerifier
I got it from here.
I think the answer is: it won't. There is discussion on the mailing list that the project is not being maintained, and there are Java 7 bugs that have been open for a year. On the bright side, JaCoCo functionality is comparable and is being actively maintained.
Further to Jagger's comment, it looks like this is now being actively worked on for the next release - see:
https://github.com/cobertura/cobertura/commit/b303fdc94851088a3c8699651770faef33180924
with the comment "Fix java 7 stack map issue".
Old thread, but my answer may be useful: Cobertura does support the latest Java versions and is actively maintained. eCobertura (the Eclipse plug-in for Cobertura) hasn't been maintained since 2010, but Cobertura itself is still maintained.
eCobertura will not run with Java 7 or higher, but Cobertura will.
If you are looking for coverage reports (suc h as the ones that eCobertura used to provide), just run the Cobertura maven plugin with mvn cobertura:cobertura and check the HTML report under target/site/cobertura/index.html
We are working on a web project from scratch and are looking at the following static code analysis tools.
Conventions (Checkstyle)
Bad practices (PMD)
Potential bugs (FindBugs)
The project is built on Maven. Instead of using multiple tools for the purpose, I was looking at a single flexible solution and came across SonarQube.
Is it true that we can achieve the results from Checkstyle, PMD and Findbugs with SonarQube?
Sonar will run CheckStyle, FindBugs and PMD, as well as a few other "plugins" such as Cobertura (code coverage) by default for Java projects. The main added value, however, is that it stores the history in a database. You can then see the trend. Are you improving the code base or are you doing the opposite? Only a tool with memory can tell you that.
You should run Sonar in your CI system so that even things that take some time to execute (such as CPD – copy paste detector) can run. And you'll have your history. Whereas with an Eclipse plugin, for example, you'll detect violations sooner – which is great – but you will be tempted to run it less often if it starts taking too long, or run less "quality plugins" (such as skipping CPD or skipping code coverage analysis). And you won't have history.
Also, Sonar generates visual reports, "Dashboard" style. Which makes it very easy to grasp. With Sonar in Jenkins, you'll be able to show developers and your management the effects of the work that was performed on the quality of the code base over the last few weeks and months.
Sonar uses these 3 tools as plugins and aggregates the data from all three giving addition value by showing graphs and such from these tools. So they are complementary to sonar.
Yes and no. In addition to the other answers.
SonarQube is currently on the way to deprecate PMD, Checkstyle and Findbugs and use their own technology to analyze Java code (called SonarJava). They do it, because they don't want to spend their time fixing, upgrading (or waiting on it) those libraries (e.g. for Java 8), which for example uses outdated libraries.
They also got a new set of plugins for your personal IDE called SonarLint.
Sonar is great, but if you want to use the mentioned tools separately and still have nice graphs, you can use the Analysis Collector Plugin as part of your Jenkins CI build. A slight advantage of this is that you can check in your PMD/Findbugs/Checkstyle configuration into your SCM and have it integrated into your Maven build, rather than relying on a separate Sonar server.
... a few years later: no, it is not! SonarQube supposes to be able to cover all the rules with its own analyzer, but there are still rules from PMD or CheckStyle not covered by SonarQube. See for example: PMD ReturnFromFinallyBlock.
Sonar is much more than these tools alone.
The greatest benefits is the gui, which lets you configure anything easily.
The statistics it offers are very detailed (lines of code etc).
And it even offers great support for test coverage etc :)
Here you can take a good look:
http://nemo.sonarsource.org/
I would still use these tools in addition to sonar because they can fail the maven build when someone violates a rule. Where as sonar is more retrospective.
Well at least since SonarQube 6.3+ it seems to be that Findbugs is (at the moment) no longer supported as a plugin. Sonarsource is working on replacements of Findbugs-rules with its own Java-plugin.
They even had a list for the replacement status of each rule here, but it got removed by now.
See https://community.sonarsource.com/t/where-is-dist-sonarsource-com-content/5353 for more details.