- Authors:
- G. Ann Campbell,
- Patroklos P. Papapetrou
Summary SonarQube in Action shows developers how to use the SonarQube platform to help them continuously improve their source code. The book presents SonarQube's core Seven Axes of Quality: design/architecture, duplications, comments, unit tests, complexity, potential bugs, and coding rules. You'll find simple, easy-to-follow discussion and examples as you learn to integrate SonarQube into your development process. About the Technology SonarQube is a powerful open source tool for continuous inspection, a process that makes code quality analysis and reporting an integral part of the development lifecycle. Its unique dashboards, rule-based defect analysis, and tight build integration result in improved code quality without disruption to developer workflow. It supports many languages, including Java, C, C++, C#, PHP, and JavaScript. About the Book SonarQube in Action teaches you how to effectively use SonarQube following the continuous inspection model. This practical book systematically explores SonarQube's core Seven Axes of Quality (design, duplications, comments, unit tests, complexity, potential bugs, and coding rules). With well-chosen examples, it helps you learn to use SonarQube's review functionality and IDE integration to implement continuous inspection best practices in your own quality management process. The book's Java-based examples translate easily to other development languages. No prior experience with SonarQube or continuous delivery practice is assumed Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. What's InsideGather meaningful quality metrics Integrate with Ant, Maven, and Jenkins Write your own plugins Master the art of continuous inspectionAbout the Authors Ann Campbellb and Patroklos Papapetrou are experienced developers and team leaders. Both actively contribute to the SonarQube community. Table of ContentsPART 1 WHAT THE NUMBERS ARE TELLING YOU An introduction to SonarQubeIssues and coding standardsEnsuring that your code is doing things rightWorking with duplicate codeOptimizing source code documentationKeeping your source code files elegantImproving your application designPART 2 SETTLING IN WITH SONARQUBE Planning a strategy and expanding your insightContinuous Inspection with SonarQubeLetting SonarQube drive code reviewsIDE integrationPART 3 ADMINISTERING AND EXTENDING Security: users, groups, and roles Rule profile administration Making SonarQube fit your needsManaging your projectsWriting your own plugins
Cited By
Tóth M and Bozó I Supporting Secure Coding for Erlang Proceedings of the 39th ACM/SIGAPP Symposium on Applied Computing, (1307-1311)- Adams L, S. Abdelfattah A, Hossain Chy M, Perry S, Harris P, Cerny T, Amoroso d’Aragona D and Taibi D Evolution and Anti-patterns Visualized: MicroProspect in Microservice Architecture Software Architecture. ECSA 2023 Tracks, Workshops, and Doctoral Symposium, (309-325)
- Wu Z, Chen X and Lee S (2023). A systematic literature review on Android-specific smells, Journal of Systems and Software, 201:C, Online publication date: 1-Jul-2023.
- Chren S, Macák M, Rossi B and Buhnova B Evaluating Code Improvements in Software Quality Course Projects Proceedings of the 26th International Conference on Evaluation and Assessment in Software Engineering, (160-169)
- Wang J, Huang Y, Wang S and Wang Q Find bugs in static bug finders Proceedings of the 30th IEEE/ACM International Conference on Program Comprehension, (516-527)
- Tan A, Chong C and Aleti A (2022). E-SC4R, Journal of Systems and Software, 186:C, Online publication date: 1-Apr-2022.
- Vogel-Heuser B, Neumann E and Fischer J (2021). MICOSE4aPS: Industrially Applicable Maturity Metric to Improve Systematic Reuse of Control Software, ACM Transactions on Software Engineering and Methodology, 31:1, (1-24), Online publication date: 31-Jan-2022.
- Naik A, Mendelson J, Sands N, Wang Y, Naik M and Raghothaman M Sporq: An Interactive Environment for Exploring Code using Query-by-Example The 34th Annual ACM Symposium on User Interface Software and Technology, (84-99)
- Peldszus S, Bürger J, Kehrer T and Jürjens J (2021). Ontology-driven evolution of software security, Data & Knowledge Engineering, 134:C, Online publication date: 1-Jul-2021.
- Schnappinger M, Fietzke A and Pretschner A Human-level Ordinal Maintainability Prediction Based on Static Code Metrics Proceedings of the 25th International Conference on Evaluation and Assessment in Software Engineering, (160-169)
- Tan J, Feitosa D, Avgeriou P and Lungu M (2020). Evolution of technical debt remediation in Python, Journal of Software: Evolution and Process, 33:4, Online publication date: 1-Apr-2021.
- Buro S, Crole R and Mastroeni I On Multi-language Abstraction Static Analysis, (310-332)
- Amanatidis T, Mittas N, Moschou A, Chatzigeorgiou A, Ampatzoglou A and Angelis L (2020). Evaluating the agreement among technical debt measurement tools: building an empirical benchmark of technical debt liabilities, Empirical Software Engineering, 25:5, (4161-4204), Online publication date: 1-Sep-2020.
- Dias R, de Alcântara dos Santos Neto P, de Sousa Ibiapina I, Avelino G and da Costa Castro O Effects of Visualizing Technical Debts on a Software Maintenance Project Proceedings of the XVIII Brazilian Symposium on Software Quality, (39-48)
- Zhou S, Vasilescu B and Kästner C What the fork: a study of inefficient and efficient forking practices in social coding Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, (350-361)
- Heo K, Raghothaman M, Si X and Naik M Continuously reasoning about programs using differential Bayesian inference Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, (561-575)
- Schnappinger M, Osman M, Pretschner A and Fietzke A Learning a classifier for prediction of maintainability based on static analysis tools Proceedings of the 27th International Conference on Program Comprehension, (243-248)
- Lenhard J, Blom M and Herold S (2019). Exploring the suitability of source code metrics for indicating architectural inconsistencies, Software Quality Journal, 27:1, (241-274), Online publication date: 1-Mar-2019.
- Mercaldo F, Di Sorbo A, Visaggio C, Cimitile A, Martinelli F and Gerardo C (2018). An exploratory study on the evolution of Android malware quality, Journal of Software: Evolution and Process, 30:11, Online publication date: 14-Nov-2018.
- Behnamghader P, Meemeng P, Fostiropoulos I, Huang D, Srisopha K and Boehm B A scalable and efficient approach for compiling and analyzing commit history Proceedings of the 12th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, (1-10)
- Russo D, Ciancarini P, Falasconi T and Tomasi M (2018). A Meta-Model for Information Systems Quality, ACM Transactions on Management Information Systems, 9:3, (1-38), Online publication date: 30-Sep-2018.
- Alfayez R, Behnamghader P, Srisopha K and Boehm B An exploratory study on the influence of developers in technical debt Proceedings of the 2018 International Conference on Technical Debt, (1-10)
- Russo D, Taccogna G, Ciancarini P, Messina A and Succi G Contracting agile developments for mission critical systems in the public sector Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Society, (47-56)
- Sousa L, Oliveira A, Oizumi W, Barbosa S, Garcia A, Lee J, Kalinowski M, de Mello R, Fonseca B, Oliveira R, Lucena C and Paes R Identifying design problems in the source code Proceedings of the 40th International Conference on Software Engineering, (921-931)
- Stevenson J and Wood M Inheritance usage patterns in open-source systems Proceedings of the 40th International Conference on Software Engineering, (245-255)
- de Andrade Gomes P, Garcia R, Spadon G, Eler D, Olivete C and Correia R Teaching software quality via source code inspection tool 2017 IEEE Frontiers in Education Conference (FIE), (1-8)
- Lenhard J, Hassan M, Blom M and Herold S Are code smell detection tools suitable for detecting architecture degradation? Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings, (138-144)
- Tollin I, Fontana F, Zanoni M and Roveda R Change Prediction through Coding Rules Violations Proceedings of the 21st International Conference on Evaluation and Assessment in Software Engineering, (61-64)
- Rahman A, Pradhan P, Partho A and Williams L Predicting Android application security and privacy risk with static code metrics Proceedings of the 4th International Conference on Mobile Software Engineering and Systems, (149-153)
- Matthies C, Kowark T, Richly K, Uflacker M and Plattner H ScrumLint Proceedings of the 9th International Workshop on Cooperative and Human Aspects of Software Engineering, (40-43)
- Schreiber M, Kraft B and Zündorf A Cost-efficient quality assurance of natural language processing tools through continuous monitoring with continuous integration Proceedings of the 3rd International Workshop on Software Engineering Research and Industrial Practice, (46-52)
- Stroggylos K, Mitropoulos D, Tzermias Z, Papadopoulos P, Rafailidis F, Spinellis D, Ioannidis S and Katsaros P Securing Legacy Code with the TRACER Platform Proceedings of the 18th Panhellenic Conference on Informatics, (1-6)