.NET - Enables to perform objective and automated code quality reviews against pre-defined or home made coding best practices on multi-language .NET solutions (C# + VB.NET).
ABAP (Commercial) - Enables to perform objective and automated SAP ABAP code quality reviews against coding best practices.
C/C++ (SonarSource, Commercial) - Enables to perform objective and automated C/C++ code quality reviews against pre-defined or home made coding best practices.
C++ (Community) - Provides basic support for C++ projects.
C# - Provides support for C# projects.
Cobol (Commercial) - Enables to perform objective and automated Cobol code quality reviews against pre-defined or home made coding best practices.
Delphi / Pascal - Provides support for Delphi or Pascal projects.
Drools - Provides support for Drools projects.
Erlang - Provides support for Erlang projects.
Flex / ActionScript - Provides support for ActionScript projects.
Groovy - Provides support for Groovy projects.
Java - Provides support for Java projects.
Natural (Commercial) - Enables to perform objective and automated Natural code quality reviews against coding best practices.
Pacbase (Commercial) - Provides support for Pacbase projects.
PHP - Provides support for PHP projects.
PL/I (Commercial) - Enables to perform objective and automated PL/I code quality reviews against pre-defined or home made coding best practices.
PL/SQL (Commercial) - Enables to perform objective and automated PL/SQL code quality reviews against pre-defined or home made coding best practices. This plugin can extract PL/SQL code from Oracle Forms.
Python - Provides support for Python projects.
VB.NET (Commercial) - Enables to perform objective and automated VB.NET code quality reviews against pre-defined or home made coding best practices.
Visual Basic 6 (Commercial) - Enables to perform objective and automated Visual Basic 6 code quality reviews against coding best practices.
Web - Provides support for web pages (HTML, JSP, JSP, PHP, Ruby, etc.).
XML - Provides support for XML projects.
Developer Cockpit (Commercial) - Enables each developer to identify their individual contributions to a project and fosters best practices in code quality self-management.
Issues Report - Run local analyses on your source code (compatible with all languages).
Branding - Adds your own logo to the SonarQube UI.
Build Breaker - Makes the build fail if pre-defined alert thresholds are hit.
Cutoff - Excludes files from analysis based on a cutoff date threshold, to analyze the work done on an existing code base and measure the quality of new code/changes only.
Fortify - Imports reports from Fortify: Fortify Security Rating, number of issues, vulnerability issues as SonarQube issues.
Google Calendar - Posts an event, when project is analysed by SonarQube.
LDAP - Enables the delegation of SonarQube authentication and authorization to LDAP and Microsoft Active Directory.
Maven Report - Adds a link to the Maven site to reference SonarQube project's dashboard.
OpenID - Enables user authentication and Single Sign-On via an OpenID provider.
PAM - Enables the delegation of SonarQube authentication to underlying PAM subsystem.
SCM Activity - Collects and reports information on commits using SCM data.
Switch Off Violations - Excludes some violations in a fine-grained way.
Quality Index - Calculates a global Quality Index based on coding rules, Style, Complexity and Coverage by unit tests.
SIG Maintainability Model - Adds an implementation of the SIG MM to evaluate the maintainability of an application.
SQALE - Quality Model (Commercial) - Adds an implementation of the SQALE Methodology to compute technical debt, which supports the evaluation of a software application’s source code in the most objective, accurate, reproducible and automated way possible.
Technical Debt - Calculates the technical debt on every component of projects with a breakdown by duplications, documentation, coverage, complexity...
Total Quality - Provides an overall measure of the quality of projects linking code quality, design, architecture, and unit testing.
Toxicity Chart - Stacks multiple static analysis metrics for classes, methods, or components within an application, providing a combined "toxicity" score for each area of the code base.
Views - Portfolio Management (Commercial) - Enables aggregation of projects. Projects can be grouped into applications, applications into teams, teams into departments...
Visualization / Reporting
Doxygen - Generates the documentation of the application using Doxygen and Graphviz.
Motion Chart - Displays projects measures using the super sexy Google Motion Chart Gadget.
PDF Report - Generates a PDF report with the results of projects analysis.
Report (Commercial) - Provides a way to report information by sending PDF report via email.
SCM Stats - Generates reports based on SCM change log information.
Tab Metrics - Adds a new tab containing information about all metrics at file level.
Timeline - Displays measures history using a Google Timeline Chart to replay the past.
Widget Lab - Adds new ways to look at existing data through new widgets.
Abacus - Estimates the complexity of each file in order to help you use the 'abacus methodology'.
Artifact Size - Reports on the size of the artifact generated by projects.
Build Stability - Reports on stability of project build using Continuous Integration engine data.
Clirr - Checks Java libraries for binary and source compatibility with older releases.
fb-contrib - Additional rules from fb-contrib project associated to the FindBugs plugin.
GreenPepper - Collects and reports tests results of executable specifications provided by GreenPepper.
JIRA Issues - Retrieves and reports the number of project issues from JIRA.
JMeter - Displays JMeter test results in SonarQube.
Mantis - Retrieves and reports the number of project issues from Mantis.
Security Rules - Enables to zoom on security rules violations to keep them under control.
Sonargraph - Provides architecture governance features accompanied by metrics about cyclic dependencies and other structural aspects using Sonargraph.
SonarJ - Provides architecture governance features accompanied by metrics about cyclic dependencies and other structural aspects using SonarJ.
Taglist - Generates a report on various tags found in the code, like
Trac - Retrieves and reports the number of project issues from a Trac instance.
Useless Code Tracker Plugin - Reports on the number of lines that can be reduced in an application.
Violation Density - Computes a new metric named violation density. This is kind of "opposite" for rules compliance metric.
Language packs are plugins that change the language of the user interface. They rely on the browser language. Default English pack is embedded in SonarQube. Additional language packs are: Chinese, French, Greek, Italian, Japanese, Portuguese, Spanish
External Tools Integration
- SonarQubeOpenSocial Gadgets - A suite of gadgets developed for GateIn that should also work in any other standard gadget container (JIRA4, Shindig)
- SonarQube gadgets in JIRA4 - Developed by Marvelution, it enables to display several SonarQube gadgets in JIRA, along with a Project tab panel.
- SonarQube gadgets in JIRA4 - Developed by Ross Rowe, a set of gadgets that integrate SonarQube information within a JIRA 4 dashboard.
- SecureCI - An open-source continuous integration solution that is packaged as a virtual machiNE and can be run with the VMware Player. It integrates many tools like SonarQube, Maven, Nexus, Hudson and Subversion.
- Structure101 - Tracks metrics for software architecture.
- AnthillPro - Enables to configure and launch SonarQube analysis from AnthillPro.
- Bamboo - Enables to configure and launch SonarQube analysis from Bamboo, the Atlassian CI engine.
- Memtracker - Tracks peak memory usage during functional test execution.
- City Model - Displays your source code as a 3D city using SonarQube metrics.
- PMD Model - Provides information about violations detected by PMD, such as the number of violations by category or the level of implication of PMD in your quality profile.
- Findbugs Model - Provides information about violations detected by Findbugs, such as the number of violations by category or the level of implication of Findbugs in your quality profile.
- Checkstyle Model - Provides information about violations detected by Checkstyle, such as the number of violations by category or the level of implication of Checkstyle in your quality profile.
- ABC Metric - Calculates a new size metric based on ABC (Assignment, Branches, Conditions) in Java projects.
- Logo Plugin - Includes a widget to show your project logo or any other image in your dashboard.
- Scertify™ Refactoring Assessment - Detects the portions of an application that can be refactored, gives valuable information on refactoring strategies, and costs.
- Benchmark Plugin - Shows statistical information (average, minimum, maximum, distribution) to compare your projects metrics and retrieve your rank and percentile inside your SonarQube instance.
- Formula Plugin - Shows values of new metrics created by a formula with the combination of others.
- OWASP Plugin - Provides information about the OWASP Top 10 Web Application Security Risks and gives you an overall security risk factor for your project.
- FxCop Model - Provides FxCop information for your C# .NET project, such as number of violations by category (design, naming, performance,...) or the level of implication of FxCop in your quality profile.
- Gendarme Model - Provides Gendarme information for your C# .NET project, such as number of violations by category (correctness, security, exceptions, concurrency, ...) or the level of implication of Gendarme in your quality profile.
- StyleCop Model - Provides StyleCop information for your C# .NET project, such as number of violations by category (maintainability, naming, ordering, readability, ...) or the level of implication of StyleCop in your quality profile.
- Database Metrics - Provides a new language to analyze relational database models, with its own set of rules and metrics. Supports MySQL and Oracle.