SONARQUBE SERIES
SonarLint — VS Code Extension for Code Quality
In this article we will learn about the detailed information on the usage of SonarLint extension in Visual Studio Code (VS Code) on Windows that helps developers to deliver quality code.
SonarLint is an extension available in IDEs which helps developers with code quality and security issues as they code. Like a spell checker, SonarLint provides flaws and real-time feedback with clear remediation guidance to deliver clean code as he/she code(s).
The main advantage of SonarLint, I feel is the ease of installing and using. As it doesn’t need any complex configurations while using it in IDEs. As per SonarLint official release, SonarLint can be integrated with IDEs like Visual Studio, VS Code, Eclipse, PyCharm, JetBrains.
Features of SonarLint
- SonarLint helps developers in identifying Code Smells, Security and Vulnerability bugs in the source code easily when they perform Code Analysis,
- Code Validations are done on the fly i.e. as and when they code, SonarLint will let the developers if any issue with the code,
- Allows fine tuning of the language based rulesets which give flexibility to developers to enable/disable rules for the project.
SonarLint in VS Code vs SonarLint in Visual Studio
Languages Supported
VS Code Supports JS,TS,Python,java,html,php,xml,pl/sql. Visual Studio supports C#, VB.NET, C, C++,JS and TS.
Other Software/Runtime Required
- VS Code requires Java(JRE) 11+ installed in your system. Visual Studio no prerequisite,
- VS Code requires Node.js to analyze JavaScript and TypeScript. Visual Studio dont require Node.js
Add SonarLint Extension — VS Code
Steps to add extension
- In VS Code, click Extensions -> Search “SonarLint” and click download(as in screen below)
2. Once Download completes, SonarLint validates JRE Path in System Environment or PATH is specified. If not specified, a warning message will be displayed as below with option to download JRE by VS Code or Set PATH manually in VS Code.
3. If you want to set the path manually at VS Code, open settings windows by clicking Settings icon at bottom left corner of VS Code and Search with sonarlint.ls.javaHome. Once SonarLine > Ls: Java Home is displayed in settings window, add the path of JDK or OpenJDK available in your system and RESTART VS CODE.
4. Once VS Code is reopened, if any of html, js, ts, py or java file is opened SonarLint automatically does the Code Analysis and display the results as below.
What is SonarLint Warning — Understand and Fix
As we saw in the previous section how to install, in this section we will look what the warnings are about and how to fix/suppress it.
SonarLint has set of predefined unique rules on identifying bugs, security issues, code smells and Vulnerabilities in html, JavaScript, typescript, python, php, java languages which can be accessed here
Fix the Problem(s) identified
As I mentioned at beginning of this section once issue is identified we had to either fix the code or deactivate the issue as in few cases it may be falsely identified. In the below code snippet, SonarLint had identified the issue “Add ‘lang’ and/or ‘xml:lang’ attributes to this ‘<html> element”.
We can click on Quick Fix either to find the fix suggested by SonarLint or deactivate the issue.
linuxuserind
Console.WriteLine(“Happy Coding”);
<a href=”linuxuserind.medium.com”>Follow me</a>
