访问官网
Github
文档
论文| SonarCloud / SonarSource SA (Technical Debt analysis) | ||
| JProfiler / ej-technologies GmbH (when it comes to profiling: Java profiler tool) |  | |
| GitHub Actions (Windows & Linux CI/CD) |  | You can download latest snapshot from here. |
SonarQube C++ Community plugin (cxx plugin)
SonarQube is an open platform to manage code quality. This plugin adds C++ support to SonarQube with the focus on integration of existing C++ tools.
The sensors for reading reports can be used with this cxx plugin or SonarCFamily plugin.
License
This plugin is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
Features
- parser supporting
C++03,C++11,C++14,C++17,C++20C89,C99,C11,C17
- compiler specific extensions
- Microsoft extensions:
C++/CLI,Attributed ATL - GNU extensions
CUDAextensions
- Microsoft extensions:
- Microsoft Windows and Linux for runtime environment
Sensors for static and dynamic code analysis:
- Cppcheck warnings support (http://cppcheck.sourceforge.net/)
- GCC/G++ warnings support (https://gcc.gnu.org/)
- Visual Studio and Core Guideline Checker warnings support (https://www.visualstudio.com/)
- Clang Static Analyzer support (https://clang-analyzer.llvm.org/)
- Clang-Tidy warnings support (http://clang.llvm.org/extra/clang-tidy/)
- Infer warnings support (https://fbinfer.com/)
- PC-Lint warnings support (http://www.gimpel.com/)
- RATS (https://github.com/andrew-d/rough-auditing-tool-for-security)
- Valgrind (http://valgrind.org/)
- Vera++ (https://bitbucket.org/verateam/vera/wiki/Home)
- Dr. Memory warnings support (http://drmemory.org/)
- Generic Issue Import Format support
- any other tool can be integrated:
Test framework sensors for:
- XUnit file format
- Google Test (gtest) file format (https://github.com/google/googletest)
- Boost.Test file format (https://www.boost.org/doc/libs/release/libs/test/)
- ctest (cmake) file format (https://cmake.org/cmake/help/latest/manual/ctest.1.html)
- sonar.cxx.xunit.reportPaths with ctest option
--output-junit <file>
- sonar.cxx.xunit.reportPaths with ctest option
- CppTest file format (https://cpptest.sourceforge.io/)
- CppUnit file format (https://sourceforge.net/projects/cppunit/)
- VSTest file format (https://github.com/microsoft/vstest)
- NUnit file format (https://nunit.org/)
- any other tool can be integrated:
- Generic test execution report format support
- adaptations possible via XLST: sonar.cxx.xslt
Coverage sensors for:
- Visual Studio coverage reports (https://www.visualstudio.com/)
- BullseyeCoverage reports (http://www.bullseye.com/)
- Cobertura coverage reports (http://cobertura.github.io/cobertura/)
- gcov / gcovr coverage reports with option
--xmlhttps://gcovr.com/en/stable/guide.html - OpenCppCoverage with option
--export_type=cobertura(https://github.com/OpenCppCoverage/OpenCppCoverage/) - sonar.cxx.cobertura.reportPaths
- gcov / gcovr coverage reports with option
- Testwell CTC++ coverage reports (https://www.verifysoft.com/en_ctcpp.html)
- any other tool can be integrated:
- Generic test coverage report format support
- adaptations possible via XLST: sonar.cxx.xslt
Simple to customize
- custom rules by regular expression template possible
- custom rules by XPath template rule possible
- extend CXX repositories with custom rules
- easy 3rd party tool integration with XML rule definitions and reports possible
- provide the ability to add custom rules
- Writing a SonarQube plugin in Java that uses SonarQube APIs to add new rules
Quickstart
Resources
Contributing
You are welcome to contribute. Help is needed.
Alternatives
That's not the only choice when you are looking for C++ support in SonarQube there is also
- the commercial SonarCFamily plugin from SonarSource
- the commercial C/C++ plugin from CppDepend
- the commercial PVS-Studio plugin
- the Coverity plugin
Choose whatever fits your needs.
