How to get the most out of SonarLint?
You just need Java 8 (JRE). Install SonarLint like any other plugin, directly in your IDE, from the JetBrains plugin repository. Once installed, SonarLint is enabled by default.
Analyze your code
There’s nothing to do! Analysis is automatically triggered when you open a file, or simply when you work on the code. Issues are highlighted in the editor and listed in the SonarLint “Current file” panel.
We think the best way to improve the quality of your code is to fix issues as you add / update the code. Nevertheless, if you need to disable on-the-fly analysis, go to IntelliJ preferences, in “Other Settings” > “SonarLint General Settings”, uncheck “Automatically trigger analysis”.
You can execute a check before commit by selecting “Perform SonarLint Analysis” in IntelliJ “VCS” > “Commit Changes” window.
In the SonarLint panel, you can manually run an analysis on the current file, the files in the VCS changeset, or even all project files in order to get a first impression of the quality of your project. You can also launch the analysis from actions (Ctrl/Cmd+Shift+A) or the IntelliJ “Analyze” menu.
Hint: To quickly analyze the current file, you can use the action “Analyze file with SonarLint” (Ctrl/Cmd+Shift+S by default) or the corresponding option in the right-click menu.
This operation will make SonarLint use the code analyzers, quality profiles and settings defined for your project on SonarQube or SonarCloud. SonarLint will also hide in your IDE the issues that are marked as Won’t Fix / False Positive on the server. You can connect SonarLint with SonarQube server >= 5.6.
- First, configure the connection to the SonarQube server:
- In IntelliJ preferences, in “Other Settings” > “SonarLint General Settings”, click on the add icon in “SonarQube servers” section.
- Choose the server you want to connect to: SonarCloud or a SonarQube instance. Use the wizard to provide your credentials and other connection details.
- Once the connection is defined, you can bind the IntelliJ project to the corresponding SonarQube project.
- In IntelliJ preferences, in “Other Settings” > “SonarLint Project Settings”, select the checkbox to enable the binding.
- Select your server and the relevant SonarQube project. You can search for a project by typing directly in the panel.
That’s it, you can now code and see SonarLint issues based on your remote SonarQube configuration. You will be notified on a daily basis if the SonarQube configuration has changed. To manually trigger an update of the local configuration, right click on a server and choose “Update binding”.
SonarLint supports the SonarSource code analyzers (SonarJava, SonarJS…) as well as custom rules that extend these code analyzers. SonarLint doesn’t support plugins running third-party analyzers.
When your project is connected to SonarQube, you can configure rules on the server. When the project is not connected, SonarLint uses the rules in the default quality profiles.
If you feel that a rule isn’t valuable for you, please report it in the SonarLint Google Group. We’d like everyone to have the best out-of-the-box experience, so we might tune such a rule or disable it by default.
File and issue exclusion
When your project is connected to SonarQube, you can configure file and issue exclusions on the server. By default, all the files in an open project that are written in recognized languages are analyzed.
The way SonarLint issues are displayed can be changed in Intellij preferences, in “Editor” > “Colors Scheme” > “SonarLint”. By default, issues highlighting matches the standard warnings and errors, but it can be customized by severity, including the error stripe in the right bar.
The “Log” tab in the SonarLint window can be useful to understand some technical issues. By default, the SonarLint console displays only analysis logs, but you can enable verbose logs.
How to contribute
SonarLint for IntelliJ is open source under the LGPL v3 license. You can fork us on GitHub, and submit Pull Requests. Feel free to fix bugs or to implement new features.