Using SonarLint, SonarQube, and Alibaba Code Guidelines for Comprehensive Code Quality Analysis

SonarLint is a code‑quality detection plugin that helps identify code smells, duplicated code, potential null‑pointer exceptions, and other issues directly within the IDE. It can be installed via the IDE's plugin marketplace and invoked by right‑clicking a file or project and selecting Analyze → Analyze with SonarLint . Specific rules can be disabled through the plugin settings.

To store and visualize analysis results, SonarQube—a open‑source code‑quality management platform—is introduced. After downloading and extracting SonarQube (e.g., unzip sonarqube-7.7.zip , cd sonarqube-7.7 , bin/[OS]/sonar.sh console ), the server can be accessed at http://localhost:9000 using the default admin credentials (admin/admin).

For Maven projects, the sonar-maven-plugin is added to the <build> section of pom.xml :

<build>
    <plugins>
        <plugin>
            <groupId>org.sonarsource.scanner.maven</groupId>
            <artifactId>sonar-maven-plugin</artifactId>
            <version>3.6.0.1398</version>
        </plugin>
    </plugins>
</build>

Running mvn clean compile sonar:sonar sends the analysis results to the SonarQube server, where they can be viewed in the web UI, showing metrics such as bug density, code duplication, and custom rule violations.

The article also mentions the Alibaba code‑convention plugin, which provides a set of style and quality rules widely used in Chinese development teams. Screenshots illustrate the plugin’s rule set and its integration with SonarQube.

Finally, a collection of useful documentation links for SonarLint, SonarQube, and related resources is provided for further reading.