BestHub
Sign in
Fundamentals 5 min read

Boost Your Code Quality: A Practical Guide to SonarLint and SonarQube

This tutorial walks you through installing and using SonarLint for on‑the‑fly code smell detection, setting up SonarQube as a centralized quality platform, configuring Maven integration, and leveraging Alibaba's coding standards to quantify and improve software quality.

ITFLY8 Architecture Home
ITFLY8 Architecture Home
ITFLY8 Architecture Home
Boost Your Code Quality: A Practical Guide to SonarLint and SonarQube

1. SonarLint

SonarLint is a code‑quality plugin that detects "bad smells" directly in the IDE, helping developers spot issues such as duplicated code, potential null‑pointer exceptions, and improper date‑type usage (e.g., preferring LocalDate, LocalTime, LocalDateTime).

Install the plugin, then right‑click a file or project and choose Analyze → Analyze with SonarLint , or select files/folders and use the same menu path.

You can also disable specific rules as needed.

When custom rules are required, they can be synchronized with SonarQube.

2. SonarQube

SonarQube is an open‑source platform for managing code quality across projects.

Download, unzip, and start the server:

unzip sonarqube-7.7.zip
cd sonarqube-7.7
bin/[OS]/sonar.sh console

After a successful start, open http://localhost:9000 and log in with the default admin credentials (admin/admin).

To send analysis results to the server, configure the SonarQube Scanner for Maven by adding the following plugin to your pom.xml:

<build>
    <plugins>
        <plugin>
            <groupId>org.sonarsource.scanner.maven</groupId>
            <artifactId>sonar-maven-plugin</artifactId>
            <version>3.6.0.1398</version>
        </plugin>
    </plugins>
</build>

Run the analysis with: mvn clean compile sonar:sonar The console will display analysis results, and the SonarQube web UI will show updated metrics such as bug density, code duplication, and custom quality gates.

3. Alibaba Code Convention Plugin

Alibaba’s coding standards are widely used in the Chinese Java community. The plugin integrates these rules into SonarQube, providing additional checks and allowing teams to quantify compliance with the standards.

4. Documentation

For detailed setup, installation, and usage instructions, refer to the official SonarQube documentation and related resources:

https://docs.sonarqube.org/latest/setup/get-started-2-minutes/

https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Maven

https://www.sonarqube.org/

https://www.sonarsource.com/plans-and-pricing/community/

https://www.sonarlint.org/

https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner-maven

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

Javamavencode qualitystatic analysisSonarQubesonarlint
ITFLY8 Architecture Home
Written by

ITFLY8 Architecture Home

ITFLY8 Architecture Home - focused on architecture knowledge sharing and exchange, covering project management and product design. Includes large-scale distributed website architecture (high performance, high availability, caching, message queues...), design patterns, architecture patterns, big data, project management (SCRUM, PMP, Prince2), product design, and more.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment