How to get the most out of SonarLint?
Install SonarLint like any other extension, from the Visual Studio marketplace, directly in your IDE or from your Web browser. Once installed, SonarLint is enabled by default.
Opening your IDE, you’ll get a notification and you can choose to install and activate the support of additional languages.
You can also do it at any time in Visual Studio options, in the “SonarLint for Visual Studio” menu item.
Analyze your code
We think the best way to improve the quality of your code is to fix issues as you add / update the code. Nevertheless, you can manually run an analysis of a C# project or a whole solution. For that, full solution analysis needs to be enabled in Visual Studio options. See here for more information. Then, to run the analysis, simply build the solution or launch it from the Visual Studio “Analyze” or “Build” menus.
This operation will make SonarLint use the code analyzers and quality profiles defined for your project on SonarQube and SonarCloud. SonarLint will also hide the issues that are marked as Won’t Fix / False Positive on the server. You can connect SonarLint with SonarQube server >= 5.6.
- First, configure the connection to the SonarQube server:
- In the Visual Studio “Analyze” menu, select “Manage SonarQube Connections…“, or in the Team Explorer view, select “SonarQube”. Click on “Connect…” to open a connection window.
- Enter the server you want to connect to: SonarCloud (https://sonarcloud.io) or a SonarQube instance. And provide your credentials and other connection details.
- Once the connection is defined, you can now bind the Visual Studio project to the corresponding SonarQube project.
- In the Team Explorer “SonarQube” view, select the relevant SonarQube project. You can search for a project by typing in the search bar.
- Double click on the project or select “Bind” in the right click menu to validate.
That’s it, you can now code and see SonarLint issues based on your remote SonarQube configuration.
When you reopen your project / solution, you’ll be notified if the SonarQube configuration has changed. To manually trigger an update of the local configuration, right click on the server and choose “Update”.
SonarLint supports the SonarSource code analyzers (SonarC#, SonarVB…). SonarLint doesn’t support third-party analyzers.
When your project is connected to SonarQube, you can configure rules on the server. When the project is not connected, SonarLint uses the rules in the default quality profiles.
If you feel that a rule isn’t valuable for you, please report it in the SonarLint Google Group. We’d like everyone to have the best out-of-the-box experience, so we might tune such a rule or disable it by default.
At the same time, you can enable/disable rules through the Visual Studio ruleset editor. To do this, locate the project in the Solution Explorer and, in the contextual menu of “References” > “Analyzers”, select “Open Active Rule Set”. It opens a window where you can enable/disable rules. Saving your modifications creates a .ruleset file in the project.
File and issue exclusion
By default, all the files in an open project that are written in recognized languages are analyzed.
SonarLint issues are reported as warnings. You can change the way all warning issues are displayed in Visual Studio options. In “Environment” > “Font and Colors”, show the settings for “Text Editor” and edit the settings for “Warning”.
The SonarLint output can be useful to understand some technical issues. You can open it from the standard Visual Studio “Output” panel. By default, the SonarLint output displays only analysis logs. You can enable verbose logs for the additional languages in Visual Studio options, in the “SonarLint for Visual Studio” menu item.
How to contribute?
SonarLint for Visual Studio is open source under the LGPL v3 license. You can fork us on GitHub, and submit Pull Requests. Feel free to fix bugs or to implement new features.