Install Free
IntelliJ | Using SonarQube for IDE | Investigating issues

Investigating issues

On this page

SonarLint can help developers by letting them perform local analyses to check their code before pushing it back to the SCM. While running an analysis, SonarLint raises an issue every time a piece of code breaks a coding rule.

Usually, a first analysis is performed as soon as one of the supported files is opened. Then, regular analyses are triggered when the editor content changes and/or when the file is saved. 

This page describes how to find and investigate issues in your IDE.

Defining issues

An Issue is a problem in your code that prevents it from being Clean Code. Issues found in code are linked to Clean Code attributes, and these attributes signify how your code will impact one or more software qualities. Software qualities determine the overall severity of an issue that feeds back into the overall status of your code when implementing a Clean as You Code methodology; please see the SonarQube or SonarCloud documentation for more about Clean as You Code.

Each issue is linked to one Clean Code attribute which is associated with one or more software qualities; each software quality has a level of severity. Please check the Clean Code benefits page on software qualities for more information.

To communicate the code attributes, software qualities, and severity of issues found in your code, SonarQube for IDE displays them in the Rule tab as described below.

Finding issues

For most issues, SonarQube for IDE provides information about why there is an issue and offers one or more actions to Fix your issue. Information is displayed in 4 places:

  1. In the IntelliJ Text Editor, identifiable by the classic squiggles underlining issues in the code.
  2. In the SonarQube for IDE view window under the Current file tab for issues found in the active file.
  3. In the Tooltip, you will find a recommended action(s) found by clicking on the light bulb in the left margin of the code explorer.
  4. In the SonarQube for IDE view window, Report tab. In the Report tab, open the collapsable file menu to view the file’s issues.

Opening issues in the IDE

Understanding issues in context is a helpful way to address problems more effectively. Beginning in SonarQube 10.3 and on SonarCloud, it is possible to open all issues in your IDE, including taint vulnerabilities. Using the Open in IDE feature includes an automated Connected Mode setup to help with the process.

In your instance of SonarQube or on SonarCloud, navigate to your Project > Issues page, pull up an issue’s detail view and select the Open in IDE button as an authenticated user to edit the issue in your IDE. 

From SonarQube 10.3+ and on SonarCloud, select Open in IDE to open the issue in SonarLint.

It’s best if your project is already open in the appropriate IDE and bound to the server using Connected mode; if not, you will be prompted to set up a new connection and/or bind your project using the automatic Connected Mode setup feature. 

If you’ve already fixed the issue in your code, SonarLint will not be able to find it; only the matching code will be highlighted. In this case, check that recent changes have been analyzed by SonarQube or SonarCloud, then check the documentation on the SonarQube or SonarCloud Issues page for details about managing your issues on the server.

Please see the Connected Mode documentation to bind your project to an instance of SonarQube (Server, Cloud). And if you have troubles with the automatic Connected Mode setup, we identified the most common errors for Troubleshooting Connected Mode setup.

Viewing AI-generated fix suggestions in the IDE

SonarQube and SonarCloud can create AI-generated fix suggestions for issues detected in your code. You can view the suggestions directly in your IDE by clicking View Fix in IDE from the Issues page in SonarQube or SonarCloud. 

The process is similar to clicking the Open in IDE button: it’s best to set up connected mode beforehand. Otherwise, you’ll be prompted to set up a new connection and/or bind your project using the automatic Connected Mode setup feature. 

Focusing on new code

Focusing on new code is an important part of the Clean as You Code approach, where you apply your effort and attention on submitting clean code to avoid introducing new issues. SonarQube for IntelliJ allows you to focus on new code by filtering issues shown in the IDE, as determined by your SonarQube (Server, Cloud) new code definition

The Focus on new code feature highlights only new code and works when SonarQube for IDE is running in either Connected Mode or standalone mode and must be enabled manually. Please see the New code page to understand your options when using a New Code Definition.

Setting your focus on new code has these prerequisites running in Connected Mode.

  • Your local project must be bound to a SonarQube (Server, Cloud) project.
  • The new code definition must be defined in SonarQube (Server, Cloud) using a Previous version, Number of days, or Specific analysis.
  • The Reference branch new code definition is not supported. Please check the documentation in SonarQube Server or on SonarQube Cloud to properly set your new code definition. 

Focusing on new code is easy. After setting up Connected Mode and binding your folder to a project, use one of these 3 methods to activate the Set focus on new code feature:

  • Select the target icon found in the left sidebar of the SonarQube for IDE > Current File tab. 
  • Select the SonarQube for IDE icon found in the upper-right corner of the IntelliJ > Editor.
  • Navigate to IntelliJ > Settings > Tools > SonarQube for IDE and select Set focus on new code.

With the SonarQube for IDE focus mode deactivated, all issues found in your project will be shown in the same list. 

The SonarLint tabs

The Current File tab

From the SonarQube for IDE view window, click the green arrow to analyze the active file; you will get a notice if Automatic analysis is enabled. Once the analysis is complete, select an issue from the list and review the Rule description in the right panel; a noncompliant and compliant code example will be presented for most rule violations. Some rule descriptions provide external links for more information. 

The Locations tab gives you a list of locations where this issue is repeated within the current file; a list of corresponding numbers will appear next to your code in the Explorer to correlate the location report with the location in the current file. Double-clicking on the issue in this tab highlights the applicable code line in the explorer. 

Hover over the highlighted code in the explorer to reveal one or more recommended actions.

The Report tab

Issues listed in the Report tab are displayed in a collapsable tree menu and present information regarding the Rule and the issue’s Locations in the same way as in the Current file tab. Information found in the Report > Locations tab about secondary locations are locations found within the selected file, not between all files.

The Rule tab

Simply select an issue in the SonarQube for IDE view or choose SonarQube for IDE: Show rule description from the tooltip to open the Rule tab. Here, you will find a brief explanation of the rule as well as Noncompliant and Compliant code samples.

The SonarLint rule description will give you compliant rule sample, show here in green, when available.

SonarQube for IntelliJ supports syntax highlighting. In addition, users are able to visualize a diff view for the non & compliant code samples which should help you fix your issue. Note that diff highlighting is only available for rules descriptions migrated to the new format, and we're progressively migrating all existing rules to the new format.

An issue’s Clean Code attribute, software qualities, and severity are presented to you when opening the SonarQube for IDE > Rule tab. Below the rule title, you will find the Clean Code issue badges that highlight an Issue’s Clean Code classification. 

Clean Code attributes and software qualities as they appear in the SonarLint Rule view tab.

Check the Clean Code definition page for details about Clean Code attributes, and the Clean Code benefits page to better understand software qualities for more details about how they help classify your issue. 

Be sure to check out the Clean Code definition page for more details about Clean Code attributes and how they help classify your issue. 

At the tooltip

When an issue is selected in the Current File or Report tabs and visible in the Explorer window, you can click the light bulb or hover over the highlighted code to reveal a tooltip description with one or more recommended actions. 

SonarLint will sometimes give you tooltips to help reveal more information about your issue.

As a rule of thumb, most actions provided by SonarQube for IDE are prefixed with the tag "SonarQube for IDE" to distinguish them from actions offered by the IDE. 

SonarLint's quick fix actions are highlighted as something different than an IDE action.

Was this page helpful?

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License