SonarLint Documentation

A free and open-source IDE plugin, SonarLint is the first line of defense to find and fix coding issues in real time, ensuring the quality of the code and enhancing productivity.

Supporting over 25 languages and the most popular IDEs, SonarLint leverages over 5,000 language-specific Clean Code rules to instantly highlight common coding mistakes, bugs, and vulnerabilities. Much like a spellchecker, SonarLint highlights problems in your code using error squiggles, provides quick fixes, and gives you rich contextual educational guidance to help you improve your skills while resolving the issue.

Sonar’s IDE extensions are available for IntelliJ (and other JetBrains IDEs), Visual Studio, VS Code, and Eclipse, and can be installed directly from your IDE's plugin marketplace.

In Connected Mode, SonarLint for IntelliJ becomes part of the full Sonar solution that integrates code analysis throughout your development process from IDE to CI pipeline to DevOps platform. Together, SonarLint and SonarQube 8.9+ or SonarCloud analyses help to make sure that only clean code makes it into your project.

Clean Code is the standard for all code that results in secure, reliable, and maintainable software therefore, writing clean code is essential to maintaining a healthy codebase. This applies to all code: source code, test code, infrastructure as code, glue code, scripts, and more.

Sonar's Clean as You Code approach eliminates many of the pitfalls that arise from reviewing code at a late stage in the development process. The Clean as You Code approach uses your quality gate to alert/inform you when there’s something to fix or review in your new code (code that has been added or changed), helping you to maintain high standards and focus on code quality.

The Sonar solution performs checks at every stage of the development process:

• SonarLint provides immediate feedback in your IDE as you write code so you can find and fix issues before a commit.
• Then, SonarQube and SonarCloud analyze your pull requests before you merge them, providing another layer of protection against code issues.
• Finally, SonarQube and SonarCloud analyze your code on each build, as part of your CI/CD workflow and together with Sonar Quality Gates, keep code with issues from being released to production.

The Sonar solution helps you incorporate the Clean as You Code methodology, enabling you to focus on submitting new, clean code for production, knowing that your existing code will be improved over time.

Have a look at the types of issues that SonarLint detects and browse a full list of Sonar Rules and Rule Descriptions available for static code analysis.

Check out the entire suite of Sonar products: SonarQube, SonarCloud, and SonarLint.

And if you need help, visit our online community to search for answers and reach out with questions!