<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Sonarqube on Software Factory</title><link>/tags/sonarqube/</link><description>Recent content in Sonarqube on Software Factory</description><generator>Hugo</generator><language>en</language><atom:link href="/tags/sonarqube/index.xml" rel="self" type="application/rss+xml"/><item><title>EcoCode plugin</title><link>/use/howto/code/ecocode-with-sonarqube/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/code/ecocode-with-sonarqube/</guid><description>&lt;h2 id="introduction"&gt;Introduction&lt;a class="td-heading-self-link" href="#introduction" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;Welcome to the EcoCode tutorial, an initiative dedicated to fostering sustainability within
software development at Thales.&lt;/p&gt;
&lt;p&gt;The Software Factory contributes to this initiative by proposing Green Code Initiative&amp;rsquo;s plugins
and adopting innovative and efficient coding practices.&lt;/p&gt;
&lt;p&gt;In today&amp;rsquo;s digital era, software development plays a critical role in shaping our environmental footprint.&lt;/p&gt;

 &lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition note"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 576 512"&gt;&lt;path d="M0 64C0 28.7 28.7 0 64 0L224 0l0 128c0 17.7 14.3 32 32 32l128 0 0 125.7-86.8 86.8c-10.3 10.3-17.5 23.1-21 37.2l-18.7 74.9c-2.3 9.2-1.8 18.8 1.3 27.5L64 512c-35.3 0-64-28.7-64-64L0 64zm384 64l-128 0L256 0 384 128zM549.8 235.7l14.4 14.4c15.6 15.6 15.6 40.9 0 56.6l-29.4 29.4-71-71 29.4-29.4c15.6-15.6 40.9-15.6 56.6 0zM311.9 417L441.1 287.8l71 71L382.9 487.9c-4.1 4.1-9.2 7-14.9 8.4l-60.1 15c-5.5 1.4-11.2-.2-15.2-4.2s-5.6-9.7-4.2-15.2l15-60.1c1.4-5.6 4.3-10.8 8.4-14.9z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Note&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;Eco Coding is not just about writing efficient code. Learn more about &lt;a href="/use/practices/code/ecodesign/"&gt;ecodesign practices&lt;/a&gt;
.&lt;/p&gt;</description></item><item><title>Sandboxing Issue Triage</title><link>/use/tools/sonarqube/sandboxing/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/sonarqube/sandboxing/</guid><description>&lt;p&gt;This page explains the &lt;em&gt;Issue Sandboxing&lt;/em&gt; behavior you will see after the upgrade.
This page is designed to help you prepare for the upgrade.&lt;/p&gt;
&lt;h2 id="sonarqube-20261-lta--what-new-to-expect"&gt;SonarQube 2026.1 LTA — What new to expect&lt;a class="td-heading-self-link" href="#sonarqube-20261-lta--what-new-to-expect" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;

 &lt;div class="admonition note admonition--headless"&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;We are upgrading from SonarQube &lt;strong&gt;2025.1 LTA → 2026.1 LTA&lt;/strong&gt;.&lt;/p&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;h3 id="tldr"&gt;TL;DR&lt;a class="td-heading-self-link" href="#tldr" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;p&gt;A major LTA-to-LTA upgrade brings a significant number of new and improved rules across all languages.&lt;/p&gt;
&lt;p&gt;New issues can appear on &lt;strong&gt;code you haven&amp;rsquo;t touched&lt;/strong&gt; — either because &lt;strong&gt;the analyzers got smarter&lt;/strong&gt;
or because &lt;strong&gt;new rules were added&lt;/strong&gt; to the quality profile.&lt;/p&gt;</description></item><item><title>Service Account</title><link>/use/howto/configure/service-account/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/configure/service-account/</guid><description>&lt;h2 id="service-account-creation"&gt;Service Account Creation&lt;a class="td-heading-self-link" href="#service-account-creation" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;A &amp;ldquo;Service Account&amp;rdquo; refers to a dedicated account with specific privileges and permissions designed
for integration with external services or systems during the CI/CD
(Continuous Integration/Continuous Deployment) pipeline.
This account is typically used to authenticate and interact with external services, such as cloud
providers, container registries, or other tools essential for the pipeline workflow.&lt;/p&gt;
&lt;p&gt;To create a Service account, refer to your &lt;a href="/get-started/platforms/"&gt;platform availability&lt;/a&gt;
.&lt;/p&gt;
&lt;h2 id="sonarqube"&gt;SonarQube&lt;a class="td-heading-self-link" href="#sonarqube" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;To be able to push a SonarQube analysis on the server, you need to configure credentials.&lt;/p&gt;</description></item><item><title>SonarQube</title><link>/use/tools/sonarqube/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/sonarqube/</guid><description>&lt;div style="display: flex; align-items: flex-start; gap: 1.5rem; margin-bottom: 1rem; max-width: 80%;"&gt;
 &lt;img src="/logo/sonarqube.svg" alt="SonarQube"
 width="150"
 style="flex-shrink: 0;"&gt;
 &lt;div&gt;&lt;p&gt;SonarQube is a &lt;strong&gt;Static Code Analysis&lt;/strong&gt; tool designed to help you catch and fix code issues early in
the Software Development Life Cycle (SDLC), before they become major production problems.&lt;/p&gt;
&lt;p&gt;Static code analysis (also known as code scanning or linting) is the automated process of examining
source code without executing it.&lt;/p&gt;
&lt;p&gt;This process helps in identifying potential issues and vulnerabilities in the codebase,
such as &lt;strong&gt;unparsable syntax&lt;/strong&gt;, &lt;strong&gt;unreachable and unused code&lt;/strong&gt;, &lt;strong&gt;duplicate code&lt;/strong&gt;,
potentially &lt;strong&gt;vulnerable code&lt;/strong&gt;, &lt;strong&gt;leaked secrets&lt;/strong&gt;, and &lt;strong&gt;violations of coding standards and conventions&lt;/strong&gt;.&lt;/p&gt;</description></item><item><title>SonarQube usage</title><link>/use/howto/ci-cd/sonarqube-usage/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/howto/ci-cd/sonarqube-usage/</guid><description>&lt;p&gt;This guide will assist you in getting started with &lt;a href="/use/tools/sonarqube/"&gt;SonarQube&lt;/a&gt;

and performing various tasks efficiently using the tool.&lt;/p&gt;

 &lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition important"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 512A256 256 0 1 0 256 0a256 256 0 1 0 0 512zm0-384c13.3 0 24 10.7 24 24l0 112c0 13.3-10.7 24-24 24s-24-10.7-24-24l0-112c0-13.3 10.7-24 24-24zM224 352a32 32 0 1 1 64 0 32 32 0 1 1 -64 0z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Important&lt;/span&gt;
 &lt;/div&gt;
 &lt;div class="admonition-content"&gt;
 &lt;p&gt;Some actions cannot be performed directly by users and should be performed by submitting a ticket.&lt;/p&gt;</description></item><item><title>What's new</title><link>/use/tools/sonarqube/what-s-new/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>/use/tools/sonarqube/what-s-new/</guid><description>&lt;p&gt;SonarQube has released a &lt;a href="https://www.sonarsource.com/products/sonarqube/whats-new/sonarqube-server-2025-1-lta-whats-new/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;new version&lt;/a&gt;
 with exciting features and improvements.&lt;/p&gt;
&lt;p&gt;We will discuss some of the key highlights that are activated and available within
the Software Factory.&lt;/p&gt;
&lt;h2 id="features-to-look-for-in-sonarqube-server-20251-lta"&gt;Features to look for in SonarQube Server 2025.1 LTA&lt;a class="td-heading-self-link" href="#features-to-look-for-in-sonarqube-server-20251-lta" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h2&gt;
&lt;p&gt;For this new major SonarQube Server version the following new features will be available:&lt;/p&gt;
&lt;h3 id="project-administration"&gt;Project Administration&lt;a class="td-heading-self-link" href="#project-administration" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;Guided configuration of all projects in a &lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/project-administration/monorepos/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;monorepo&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;&lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/project-administration/maintaining-the-branches-of-your-project/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Flexible main branch&lt;/a&gt;
 designation&lt;/li&gt;
&lt;li&gt;Guidance on project onboarding related to &lt;a href="https://docs.sonarsource.com/sonarqube-server/2025.1/user-guide/about-new-code/#new-code-definitions" class="external-link" target="_blank" rel="noopener noreferrer"&gt;new code configuration&lt;/a&gt;
.&lt;/li&gt;
&lt;/ul&gt;
&lt;h3 id="analyzers-scanners"&gt;Analyzers, Scanners&lt;a class="td-heading-self-link" href="#analyzers-scanners" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;Faster analysis bootstrap&lt;/li&gt;
&lt;li&gt;Faster scan times&lt;/li&gt;
&lt;li&gt;Improved experience for &lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/languages/c-family/analysis-modes/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;C and C++ analysis&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;&lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner-for-maven/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Maven scanner&lt;/a&gt;
 scans all files&lt;/li&gt;
&lt;li&gt;New C, C++, and Objective-C GitHub Action&lt;/li&gt;
&lt;/ul&gt;
&lt;h3 id="quality-gates-and-quality-profiles"&gt;Quality Gates and Quality Profiles&lt;a class="td-heading-self-link" href="#quality-gates-and-quality-profiles" aria-label="Heading self-link"&gt;&lt;/a&gt;&lt;/h3&gt;
&lt;ul&gt;
&lt;li&gt;&lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-profiles/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Set rule priority&lt;/a&gt;
 to uphold your coding standards&lt;/li&gt;
&lt;li&gt;Updated &lt;a href="https://docs.sonarsource.com/sonarqube-server/2025.1/instance-administration/analysis-functions/quality-gates/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Sonar Way quality gate&lt;/a&gt;
 condition&lt;/li&gt;
&lt;li&gt;&lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/quality-profiles/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Exclude rule&lt;/a&gt;
 from inherited quality profile&lt;/li&gt;
&lt;li&gt;&lt;a href="https://docs.sonarsource.com/sonarqube-server/latest/instance-administration/analysis-functions/instance-mode/instance-mode-overview/" class="external-link" target="_blank" rel="noopener noreferrer"&gt;Dual operating modes&lt;/a&gt;
 with Standard Experience Mode that preserves familiar rule and issue qualities
and severities for users or Multi Quality Rule (MQR) Mode to more accurately represent
the impact an issue has on all software qualities&lt;/li&gt;
&lt;/ul&gt;

 &lt;link rel="stylesheet" href="/css/vendors/admonitions.css"&gt;
 &lt;div class="admonition info"&gt;
 &lt;div class="admonition-header"&gt;&lt;svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"&gt;&lt;path d="M256 512A256 256 0 1 0 256 0a256 256 0 1 0 0 512zM216 336l24 0 0-64-24 0c-13.3 0-24-10.7-24-24s10.7-24 24-24l48 0c13.3 0 24 10.7 24 24l0 88 8 0c13.3 0 24 10.7 24 24s-10.7 24-24 24l-80 0c-13.3 0-24-10.7-24-24s10.7-24 24-24zm40-208a32 32 0 1 1 0 64 32 32 0 1 1 0-64z"/&gt;&lt;/svg&gt;
 &lt;span&gt;Issues on previous version as 9.9.x&lt;/span&gt;
 &lt;/div&gt;
 &lt;/div&gt;&lt;blockquote&gt;
&lt;p&gt;&lt;strong&gt;Issue&lt;/strong&gt;: Refers to a problem or defect detected in the source code that does not comply with a rule.
It can potentially impact the quality and maintainability of the software.
Here are the 5 common types of issues in SonarQube:&lt;/p&gt;</description></item></channel></rss>