SonarJava

⚠️

Code Climate Quality is being replaced with Qlty Cloud

— New users should sign up directly at qlty.sh.
— To migrate an existing account, please see our Migration Guide.

Language: Java
Checks: 400+
Categories: Bug Risk, Clarity, Compatibility, Complexity, Duplication, Performance, Security, Style
SonarLint Version: 2.1
SonarJava Version: 4.14 (the beta channel is pointing to 5.14.0.18788, also there is a dedicated channel for this version sonar-java5-14)

SonarJava and SonarLint are products developed by SonarSource.

SonarJava is a code analyzer for Java projects. It uses the most advanced techniques (pattern matching, dataflow analysis) to analyze code and find code smells, bugs and security vulnerabilities.

Enable the Plugin

To enable SonarJava analysis, add the following to your .codeclimate.yml configuration file:

plugins:
  sonar-java:
    enabled: true

More information about the CLI is available in the README here: https://github.com/codeclimate/codeclimate

Configure the Plugin

Individual checks and thresholds can not be adjusted for SonarJava. However, it is possible to configure the Java source version.

Java source version

To ensure that SonarJava uses the correct rules for your version of Java, specify the version in the config node:

plugins:
  sonar-java:
    enabled: true
    config:
      sonar.java.source: "7"

Tests

To use specific rules for test classes, you can specify them using the tests_patterns node:

plugins:
  sonar-java:
    enabled: true
    config:
      tests_patterns:
        - src/test/**
        - app/src/test/**

Severity

Setting a minimum severity forces Sonar to not create negligible issues.
Possible values are: info, minor, major (default), critical, blocker

plugins:
  sonar-java:
    enabled: true
    config:
      minimum_severity: critical

Understand the Plugin

For detailed information about SonarJava, please check out the documentation here:
https://www.sonarsource.com/products/codeanalyzers/sonarjava.html