More Related Content
Similar to postgres.pptx
Similar to postgres.pptx (20)
Recently uploaded
Recently uploaded (20)
postgres.pptx
- 1. ARIT Jodhpur Training Session - SonarQube By:- SHERU GAUR Date:- 19–Jan–2023
- 2. Agenda What is SonarQube? Benefits of SonarQube? Alternative of SonarQube Understanding Various License of SonarQube Architecture of SonarQube How SonarQube works? Components of SonarQube
- 3. Introduction SonarQube is a web-based open source platform by Sonar Source, used to measure and analyze the source code quality. Code quality analysis makes your code more reliable and more readable. It is implemented in Java language and can analyze the code of about 20 different programming languages, including c/c++, PL/SQL, Cobol etc through plug-in. It combines static and dynamic analysis tools and enables quality to be measured continually over time.
- 5. Benefits of SonarQube? Sustainability – Reduces complexity, possible vulnerabilities, and code duplications, optimizing the life of applications. Increase productivity – Reduces the scale, cost of maintenance, and risk of the application; as such, it removes the need to spend more time changing the code. Quality code – Code quality control is an inseparable part of the process of software development. Detect Errors – Detects errors in the code and alerts developers to fix them automatically before submitting them for output. Increase consistency – Determines where the code criteria are breached and enhances the quality. Business scaling – No restriction on the number of projects to be evaluated. Enhance developer skills – Regular feedback on quality problems helps developers to improve their coding skills.
- 6. Alternative of SonarQube There is not a popular known alternate of SonarQube and Reasonable is definitely dominating the Software Quality management domain in terms of open source category. But you may try following tools depends on the use and project requirements. JSHint (Java Script Only) JSHint is a community-driven tool that detects errors and potential problems in JavaScript code. Since JSHint is so flexible, you can easily adjust it in the environment you expect your code to execute. JSHint is open source and will always stay this way. It is a program that flags suspicious usage in programs written in JavaScript. The core project consists of a library itself as well as a CLI program distributed as a Node module. This tool used in software development for checking if JavaScript source code complies with coding rules Coverity It is Static Code Analysis tool. Find critical defects and security weaknesses in code as it’s written before they become vulnerabilities, crashes, or maintenance headaches.
- 7. How beneficial SonarLint SonarLint highlights all the issues in our codes and also displays the severity of each issue. SonarLint also provides suggestions for how to fix those code issues which are highlighted. SonarLint starts the processing of the file as soon as it is opened and highlights all the issues which it found. When we fix the issue, we don't even need to create a new build or generate fresh code quality report, as soon as we save the file with the changes, it does the processing again and shows the result if the issue is fixed or not. SonarLint saves a lot of time and effort by saving us from doing fresh build every time and generating new code quality report every time, thus increasing the efficiency and output which is in return beneficial for the client.
- 9. Various License of SonarQube
- 10. Architecture of SonarQube SonarQube Architecture mainly have four components. we will see it's top-level components of the platform and how they interact. The core engine of the platform, is supported by additional code analyzers that Sonar organizes together to measure quality. Sonar Scanner Source Code Sonar Analyzer SonarQube Database
- 12. Sonar Dashboard
- 13. Thank You