SonarQube for IDE

Home

Install for free
Install for free
VS Code

April 21, 2023

SonarQube for IDE: Visual Studio Code v3.17

SonarQube for IDE: Visual Studio Code v3.17 empowers developers to write Clean Code for IaC domains, plus brings a new format for the Rule Help feature and more!


With this release, SonarQube for IDE can analyze the following IaC files:

  • Terraform
  • CloudFormation
  • Docker
  • Kubernetes


With a focus on Security Hotspots, available in SonarQube for IDE when used in connected mode to SonarQube Server 9.7+, developers can create Clean Code for these popular Infrastructure as Code domains.


In addition, this release brings a new format for the Rule Descriptions with educational information to enhance the developer experience.

Now, when clicking on an issue's code in the Error List, you will be presented with contextualized guidance as follows:


Why this is an issue | How to fix it | More info 


Initially available for the top 15 security vulnerabilities, this feature is being progressively rolled out for all remaining rules, helping developers learn as they code.


Plus:


  • New Python rules and quick fixes related to type hints and regular expressions.
  • 3 Java rules that cover design and architecture good practices for Monster Class, Brain Method, and Singleton.



For further details, check out our release notes and community announcement.

VS Code

March 24, 2023

SonarQube for IDE: Visual Studio Code v3.16

SonarQube for IDE: Visual Studio Code v3.16 delivers analysis of Jupyter notebooks, plus support for Go


Responding to the view that code quality is a major challenge with Jupyter notebooks, we are excited to announce that SonarQube for IDE now scans Python/IPython code!


Simply open the notebook and issues in your code will be squiggled by SonarQube for IDE in the code editor and also listed in the Problems view. In addition, SonarQube for IDE rule descriptions provide contextual help, plus a handy quick-fix option for easy remediation.


This represents the first step in empowering Data Scientists to create Clean Code


Plus, 


  • Support for Go analysis
  • A new "Help and feedback" view with handy links for raising any questions or issues using SonarQube for IDE.


For further details, check out our release notes and community announcement.

VS Code

March 08, 2023

SonarQube for IDE: Visual Studio Code v3.15

SonarQube for IDE: Visual Studio Code v3.15 brings automatic analysis of JavaScript code within your HTML files, plus new Quick Fixes for Java and Python.


With 300+ JavaScript detections supported by Sonar, each with a description to help you understand and fix the issue, this latest release from SonarQube for IDE empowers developers to write Clean JavaScript Code within their HTML files. In addition, 43 JavaScript rules have associated Quick Fixes to further help developers.


Plus:

  • 11 new Quick Fixes for Java and 17 for Python


For further details, check out our release notes and community announcement.

VS Code

February 06, 2023

SonarQube for IDE: Visual Studio Code v3.14

SonarQube for IDE: Visual Studio Code v3.14 brings Security Hotspots reporting in your IDE, plus new rules for C++ users.


A Security Hotspot highlights a security-sensitive piece of code requiring developer review.

With this latest release, SonarQube for IDE can now directly report in VS Code any unreviewed Security hotspot that is present in the source files you are working on. 

This means any new hotspots introduced by you will be instantly flagged. Then, simply right-click on the Security Hotspot, and choose Review on Server, to open the Hotspot in SonarQube Server*, and set the output of the review. 


*Available for users of SonarQube Server (min version 9.7) in connected mode to SonarQube for IDE.


Plus 13 new rules to help with C++ 20's std::format feature

 

For further details, check out our release notes and community announcement.

VS Code

December 22, 2022

SonarQube for IDE: Visual Studio Code v3.13

SonarQube for IDE: Visual Studio Code v3.13 brings support for CSS code analysis, enabling developers to write clean front-end code.

 

Additionally, we have added:

 

For further details, check out our release notes and community announcement.

VS Code

November 22, 2022

SonarQube for IDE: Visual Studio Code v3.12

SonarQube for IDE: Visual Studio Code v3.12 delivers improvements to the investigation of taint vulnerabilities.

 

SonarQube for IDE can now display injection vulnerabilities for the whole project, irrespective of where the issue's sink is located. 

 

In addition, SonarQube for IDE will notify you immediately that SonarQube Server (v9.6 onwards) has detected new taint vulnerabilities in your project.

 

While taint vulnerabilities are not detected by SonarQube for IDE (this happens in SonarQube Server and SonarQube Cloud), it's now even easier to investigate and fix them.

 

Plus, we've also added four new quick fixes for Python issues!

 

For further details, check out our release notes and community announcement.

VS Code

October 18, 2022

SonarQube for IDE: Visual Studio Code v3.11

SonarQube for IDE: Visual Studio Code v3.11 enhances the connected mode setup experience with a new, simplified authentication process to SonarQube Server.

 

Together with SonarQube Server v9.7, SonarQube for IDE now offers to automatically generate and securely store the authentication token for you.


Plus: 

  • Support for TypeScript 4.8 and for PHP 8.2

 

For further details, check out our release notes and community announcement.

VS Code

September 29, 2022

SonarQube for IDE: Visual Studio Code v3.10

SonarQube for IDE: Visual Studio Code v3.10 further simplifies connected mode setup for all developers working in a team, plus brings new rules for Python developers!

 

Using connected mode, SonarQube for IDE will offer to bind your local folders to remote projects analyzed by a SonarQube Server instance, or within a SonarQube Cloud organization, you are connected to. Simply accept or reject the suggestion SonarQube for IDE provides.

 

Plus, for Python developers:

  • 7 new rules dedicated to ensuring the quality of your unit test code.

 

For further details, check out our release notes and community announcement.

VS Code

September 28, 2022

SonarQube for IDE: Visual Studio Code v3.9

SonarQube for IDE: Visual Studio Code v3.9 brings tighter integration to SonarQube Server, plus great news for JavaScript and TypeScript developers!

 

Building upon the enhanced connected mode UI delivered in v3.8, this release adds real-time issue sync from SonarQube Server. Now, an issue suppressed in SonarQube Server will be synced to SonarQube for IDE in seconds, automatically.

 

Plus for JS/TS developers:

 

For further details check out our release notes and community announcement.

VS Code

August 11, 2022

SonarQube for IDE: Visual Studio Code v3.8

This release delivers further enhancements to the SonarQube for IDE UI, ensuring a smooth setup process when enabling Connected Mode to SonarQube Server and SonarQube Cloud.


The SonarQube for IDE UI delivers step-by-step guidance throughout the entire connected mode setup, including the project bindings. 


With Connected Mode to SonarQube Server or SonarQube Cloud enabled, SonarQube for IDE will: 

  • Use the same quality profile locally
  • Sync any file or directory inclusions/exclusions
  • Mute any issues already flagged as Won’t Fix or False Positive


Discover more benefits of Connected Mode. 


Read more in our release notes and community announcement.