Welcome to the roundup of blog posts and pages that mentioned Sonar last month…

Read the rest of this page »

If you use Sonar already, I am sure that you know already the worse of all 7 developer’s deadly sins:

And if you don’t, I would assume you know about duplicated / cloned / similar code when you talk about quality of code and that you have heard of tools such PMD CPD or Simian.

But why does copy paste matters from a code quality point of view? How can you benefit from Sonar to improve this? Let’s try to figure this out.

Read the rest of this page »

The beginning of a new year always provides a good opportunity to look back at what was achieved the previous year and this is what I am going to do today for the Sonar platform.

Let’s start with a short version of this retrospective. Last year was made of:

• 8 releases of Sonar
• 110+ releases in the ecosystem
• 55,000 downloads of Sonar
• 10,000+ messages on mailing lists

So I suppose we can call this a pretty active year for the community. Now, the longer version:

The Plan

One year ago, we had the following ambitions :

Track changes : The next step is to provide the ability to report on code coverage of new source code. This is to ensure that whatever legacy code is there, teams have the ability to monitor the coverage by unit tests on added code if they wish.

Since Sonar 2.7 and with help of the SCM Activity plugin, this magic feature is available.

Code Review : This is really the next strategic move for the Sonar platform : add a manual dimension to the automated one to provide a complete code review tool.

This was a major change to accomodate into the platform and we therefore decided to adopt a baby step approach. The full functionality was delivered over 5 releases, from 2.8 to 2.12. Here is what the platform now covers:

• Review a violation
• Comment, assign, plan a review
• Flag false-positive violations through the UI
• Create manual violations through the UI
• Change the severity of a violation through the UI

Next step will be to provide the ability to customize the review workflow and its related permissions.

Language consolidation : Provide a Squid-like engine to the C# plugin to make it more robust

It took us 6 month with the great help of Alexandre Victoor to rewrite the C# plugin that embeds its own C# parser and natively supports visual studio projects.

Language consolidation : Improve the C parser to gain robustness, support non ANSI-85 extensions and increase significantly the number of rules available

We haven’t worked as much as we wanted on this C plugin and so the number of rules remains limited. That’s why we’ve already started working to implement the MISRA-C standard.

Language consolidation : Improve the PL/SQL plugin to provide currently missing metrics

A PL/SQL parser has been written to provide all those metrics and to start implementing some new rules outside the Toad CodeXpert tool.

Sonar Eclipse : Now that we have a stable version 1.0 of the plugin, we can start building on it. The objective for this year is to provide capability for running local analysis inside Eclipse

This local mode is now available but in fact the greatest new feature of Sonar Eclipse is certainly the integration of Mylyn to manage reviews directly from the IDE.

Support New Bootstrappers : We have started last year some background work to decouple Sonar from Maven. This work will enable us to support 2 new mechanisms for bootstrapping analysis in Sonar 2.6 : an ANT task and a Java runner. Next step is to also provide Gradle bootstrapper.

DONE, DONE, DONE, Sonar is now fully decoupled from Maven but if you want to use the power of Maven along with Sonar, it is of course still possible.

JaCoCo Integration : We intend to make 2 major integrations of JaCoCo into Sonar this year. The first one is to integrate it into Sonar core. The second one is to provide ANT integration of JaCoCo and therefore provide a simple way of gathering code coverage when you execute unit tests from ANT.

DONE & DONE.

Beyond the Plan

Obviously, we did not plan for all upcoming innovations for the year. Here are three major features of Sonar that weren’t planned and that have been implemented:

• Sonar CPD : this new technology introduced in Sonar 2.10 will fully replace PMD CPD in Sonar 2.14 and allows to track cross-projects duplications
• i18n : Since Sonar 2.10 the Sonar UI can be in spanish, french, greek…
• Email notifications : Since Sonar 2.10 a user can subscribe to some events to be notified by email. For instance when a review is assigned to him.

And this is also true in the ecosystem, here are two examples:

• a great effort made on the PHP plugin to resurrect it
• development of an extension for SAP ABAP

So after all this, what could be an exciting challenge for 2012 ? This is going to be the subject of my next post !

Welcome to the roundup of blog posts and pages that mentioned Sonar last month…

Read the rest of this page »

The Sonar team is proud to announce the release of Sonar 2.13. This new version includes 60 improvements, bug-fixes and also some new features that we believe are worth stopping your daily work for a couple of minutes to check out : ability to create manual reviews / violations anywhere in the code, ability to create action plans and an extended search engine.

Read the rest of this page »

Welcome to the roundup of blog posts and pages that mentioned Sonar last month…

Read the rest of this page »

Most IT people know Thoughtworks and its charismatic technical leader / evangelist Martin Fowler. But probably fewer know the Thoughtworks Technology Radar whose first publication was done in January 2010.

According to their authors :

The ThoughtWorks Technology Advisory Board is a group of senior technology leaders within ThoughtWorks. They produce the ThoughtWorks Technology Radar to help decision makers understand emerging technologies and trends that affect the market today. This group meets regularly to discuss the global technology strategy for ThoughtWorks and the technology trends that significantly impact our industry.

In its last publication (July 2011), Sonar platform made its first appearance in the “Assess” circle : “Worth exploring with the goal of understanding how it will affect your enterprise”

Read the rest of this page »

The Sonar team is proud to announce the release of Sonar 2.12. This new version includes more than 100 improvements, bug-fixes and also some new features that we believe are worth stopping your daily work for a couple of minutes to check out: Support of Java 7, Integration of JaCoCo in the Sonar core, Hotspots 2.0 and Display groups of duplicated blocks.

Read the rest of this page »

Welcome to the roundup of blog posts and pages that mentioned Sonar last month…

Read the rest of this page »

SONAR – manage your code quality
By ShamanOfJava, 10 October 2011
Sonar is an open platform to manage code quality. It covers the 7 axes of code quality. Sonar supports a wide range of programming languages such as Java, C, C# etc. Through this article, we are going to see how to set up a Sonar Server and how to integrate a Java Project with it.

Measure Code Coverage of HtmlUnit Based Tests with Sonar and JaCoCo
By deors, 20 October 2011
This blog post is the third one in a series about Integration Tests with HtmlUnit. Finally, in this post we are going to show how to measure code coverage of HtmlUnit tests using Sonar, the popular Continuous Quality Assurance tool, and JaCoCo, a very interesting code coverage tool based on JVM agents instead of instrumenting bytecodes.

Separating Code Coverage With Maven, Sonar and Jacoco
By John Dobie, 23 October 2011
In this example I will expand upon my previous example of keeping your unit and integration tests in separate packages, and explain how to also produce code coverage statistics. For this I continue to use Maven, whilst adding Sonar and Jacoco to provide the code coverage.You can run the example below, but you will need to read the first article here to understand it.

Testing the new Sonar plugin for Gradle
By Luciano, 28 October 2011
If you were looking to convince your boss that Gradle is worth a try for your next project, look no further. Gradle 1 release candidate 5, released on October 25, brings the long awaited Sonar integration, and it works ridiculously well. How well? How about a one-liner.

A Free EC2 Cloud Server With Ubuntu, Jenkins And Sonar
By John Dobie, 29 October 2011
This example shows you how to create a free Amazon EC2 cloud based continuous integration and testing environment on Ubuntu. This is a low power server but it is useful for infrequent use. I personally tend to recommend Cloudbees, but this is handy when you need a free Sonar instance.

Code Quality Analysis in Deployment Pipeline with Gradle, Jenkins and Sonar
By Eugene Dvorkin, 31 October 2011
Sonar is a tool that integrate a range of quality analysis tools into a single website. It provide one page visibility into quality of project source code. Developers and managers are interested in test coverage, code duplication, adherence to coding standard, cyclomatic complexity of the code and several other parameters. Sonar is an open source product and can keep all your code metrics in database, as a matter of fact, in any relational database.