Ctrlk
Start FreeLogin
For the complete documentation index, see llms.txt. This page is also available as Markdown.

Viewing project regulatory reports

Regulatory reports offer insight into a project's quality gate and quality profile information, ratings, and distribution of issues in new and overall code.

Starting in Enterprise, you can download a regulatory report for any long-lived branch of a project, typically the main branch. See Long-lived branch pattern if the long-lived branch is other than main.

Before you can view the Enterprise-level reports, your organization must be added to an enterprise. For more information, see Managing your enterprise.

Downloading regulatory reports

To download a regulatory report:

  1. Retrieve the project. See Retrieving projects for more details.

  2. Go to Summary.

  3. Click Downloadable reports and select Download regulatory report (.zip) from the drop down menu.

Retrieving project regulatory reports

Alternatively:

  1. Go to Project information.

  2. In the Regulatory Report section, choose the project branch from the drop down menu for which you want to download the report.

  3. Click Download report.

SonarQube generates the report for download, which may take a few minutes depending on the size of the project.

Contents of the regulatory report’s ZIP file

The reports are in a ZIP file containing a snapshot of the latest analysis of the selected branch and include TXT, CSV, and PDF files.

The PDF file includes:

  • Project overview:

    • Project details

    • Quality gates information and status

  • Project rating overview for:

    • New code broken down by new issues, accepted issues, coverage, duplication, and security hotspots.

    • Overall code broken down by security, reliability, maintainability, accepted issues, coverage, duplication, and security hotspots.

  • Distribution of issues in new code showing open issues and breakdown by severity, based on security, reliability, maintainability.

  • Distribution of issues in overall code showing open issues and breakdown by severity, based on security, reliability, maintainability.

  • Quality gate and quality profiles information.

  • Files lists all relevant files included in the ZIP file.

  • Definitions lists all the definitions of terms related to the report.

The PDF regulatory report is generated with metrics from software qualities (security, reliability, maintainability). Some CSV files may contain metrics from both software qualities and rule types (vulnerabilities, bugs and code smells) and they are marked accordingly.

If you have SonarQube Advanced Security, the regulatory report ZIP file includes both a risk report and a software bill of materials.

Related pages

PreviousViewing project security reportsNextViewing project PDF reports

Last updated

Was this helpful?