Here's the list of plugins hosted on the SonarSource plugin forge.
Tempted to write your own plugin and share it? Want to contribute your plugin back to the community? Just follow the instructions on the Hosting on the Forge page.
A language plugins provides the ability to run analysis on a specific language. More than 20 languages are currently supported. Available language plugins are:
- .NET (C# + VB.NET)
- ABAP (Commercial)
- C/C++ (Commercial)
- C++ (Community)
- Cobol (Commercial)
- Delphi / Pascal
- Flex / ActionScript
- Natural (Commercial)
- Pacbase (Commercial
- PL/I (Commercial)
- PL/SQL (Commercial)
- VB.NET (Commercial)
- Visual Basic 6 (Commercial)
Developer Cockpit (Commercial) - Enables each developer to identify their individual contributions to a project, and fosters best practices in code quality self-management.
Issues Report - Run local analyses on your source code. (Compatible with all languages).
Branding - Adds your own logo to the SonarQube UI.
Build Breaker - Makes the build fail if pre-defined alert thresholds are hit.
Cutoff - Excludes files from analysis based on a date threshold, to analyze the work done on an existing code base and measure the quality of new code/changes only.
Fortify - Imports reports from Fortify: Fortify Security Rating, number of issues, and vulnerability issues. Vulnerability issues are recorded as SonarQube issues.
Google Calendar - Posts an event when a project is analysed by SonarQube.
Maven Report - Adds a link to the Maven site to reference the project's SonarQube dashboard.
SCM Activity - Collects and reports information on commits using SCM data.
Switch Off Violations - Excludes some violations in a fine-grained way.
Authentication & Authorization
LDAP - Enables the delegation of SonarQube authentication and authorization to LDAP and Microsoft Active Directory.
OpenID - Enables user authentication and Single Sign-On via an OpenID provider.
PAM - Enables the delegation of SonarQube authentication to the underlying PAM subsystem.
Visualization / Reporting
Doxygen - Generates the documentation of the application using Doxygen and Graphviz.
Motion Chart - Displays projects measures using the super sexy Google Motion Chart Gadget.
PDF Report - Generates a PDF report with the results of projects analysis.
Report (Commercial) - Provides a way to report information by sending a PDF report via email.
SCM Stats - Generates reports based on SCM change log information.
Timeline - Displays the history of multiple metrics using a Google Timeline Chart to replay the past.
Widget Lab - Adds new ways to look at existing data through new widgets.
Quality Index - Calculates a global Quality Index based on coding rules, Style, Complexity and Coverage by unit tests.
SIG Maintainability Model - Adds an implementation of the SIG MM to evaluate the maintainability of an application.
SQALE - Quality Model (Commercial) - Adds an implementation of the SQALE Methodology to compute technical debt, which supports the evaluation of a software application’s source code in the most objective, accurate, reproducible and automated way possible.
Technical Debt - Calculates the technical debt on every component of projects with a breakdown by duplications, documentation, coverage, complexity...
Total Quality - Provides an overall measure of the quality of a project, linking code quality, design, architecture, and unit testing.
Toxicity Chart - Stacks multiple static analysis metrics for classes, methods, or components within an application, providing a combined "toxicity" score for each area of the code base.
Views - Portfolio Management (Commercial) - Enables aggregation of projects. Projects can be grouped into applications, applications into teams, teams into departments...
Abacus - Estimates the complexity of each file in order to help you use the "abacus methodology".
Artifact Size - Reports on the size of the artifact generated by a project.
Build Stability - Reports on stability of project build using data from your Continuous Integration engine.
Clirr - Checks Java libraries for binary and source compatibility with older releases.
fb-contrib - Additional rules from the fb-contrib project associated with the FindBugs plugin.
GreenPepper - Collects and reports tests results of executable specifications provided by GreenPepper.
JMeter - Displays JMeter test results in SonarQube.
Mantis - Retrieves and reports the number of project issues from Mantis.
Security Rules - Allows a more prominent reporting of security-related issues to help you keep them under control.
Sonargraph - Provides architecture governance features accompanied by metrics about cyclic dependencies and other structural aspects using Sonargraph.
Taglist - Generates a report on various tags found in the code, like
Trac - Retrieves and reports the number of project issues from a Trac instance.
Useless Code Tracker Plugin - Reports on the number of lines that can be reduced in an application.
Violation Density - Computes a new metric named violation density. This is kind of "opposite" for rules compliance metric.
Language packs are plugins that change the language of the user interface. They rely on the browser language. Default English pack is embedded in SonarQube. Additional language packs are: Chinese, French, Greek, Italian, Japanese, Portuguese, Spanish
External Tools Integration
- SonarQube OpenSocial Gadgets - A suite of gadgets developed for GateIn that should also work in any other standard gadget container (JIRA4, Shindig)
- SonarQube gadgets in JIRA4 - Developed by Marvelution, it enables the display of several SonarQube gadgets in JIRA, along with a Project tab panel.
- SonarQube gadgets in JIRA4 - Developed by Ross Rowe, a set of gadgets that integrate SonarQube information within a JIRA 4 dashboard.
- SecureCI - An open-source continuous integration solution that is packaged as a virtual machine and can be run with the VMware Player. It integrates many tools like SonarQube, Maven, Nexus, Hudson and Subversion.
- Structure101 - Tracks metrics for software architecture.
- AnthillPro - Supports configuring and launching SonarQube analysis from AnthillPro.
- Bamboo - Supports configuring and launching SonarQube analysis from Bamboo, the Atlassian CI engine.
- Memtracker - Tracks peak memory usage during functional test execution.
- City Model - Displays your source code as a 3D city using SonarQube metrics.
- PMD Model - Provides information about violations detected by PMD, such as the number of violations by category or the level of implication of PMD in your quality profile.
- Findbugs Model - Provides information about violations detected by Findbugs, such as the number of violations by category or the level of implication of Findbugs in your quality profile.
- Checkstyle Model - Provides information about violations detected by Checkstyle, such as the number of violations by category or the level of implication of Checkstyle in your quality profile.
- ABC Metric - Calculates a new size metric based on ABC (Assignment, Branches, Conditions) in Java projects.
- Logo Plugin - Includes a widget to show your project logo or any other image in your dashboard.
- Scertify™ Refactoring Assessment - Detects the portions of an application that can be refactored, gives valuable information on refactoring strategies, and costs.
- Benchmark Plugin - Shows statistical information (average, minimum, maximum, distribution) to compare your project's metrics and retrieve its rank and percentile inside your SonarQube instance.
- Formula Plugin - Shows values of new metrics created by a formula with the combination of others.
- OWASP Plugin - Provides information about the OWASP Top 10 Web Application Security Risks and gives you an overall security risk factor for your project.
- FxCop Model - Provides FxCop information for your C# .NET project, such as number of violations by category (design, naming, performance,...) or the level of implication of FxCop in your quality profile.
- Gendarme Model - Provides Gendarme information for your C# .NET project, such as number of violations by category (correctness, security, exceptions, concurrency, ...) or the level of implication of Gendarme in your quality profile.
- StyleCop Model - Provides StyleCop information for your C# .NET project, such as number of violations by category (maintainability, naming, ordering, readability, ...) or the level of implication of StyleCop in your quality profile.
- Database Metrics - Provides a new language to analyze relational database models, with its own set of rules and metrics. Supports MySQL and Oracle.