Needs advice
on
ESLintESLintPrettierPrettier
and
SonarQubeSonarQube

We have Ember.js applications also React applications, currently, we are using ESLint + Prettier, What values does the SonarQube provide in addition to this?

READ LESS
4 upvotes·8.3K views
Replies (2)
Software Consultant at CODIUM·
Recommends
SonarQube
at
()

ESLint and Prettier should provide you a clean, beautiful, less-bug code but there are some (as I can think of) that SonarQube could help improving your code more, which are:

  • "Security Hotspot" such as detecting plain credentials in source code, regex validation, and etc, which both can't detect for.
  • finding "Code Smell" (code which might lead into a bug) in your source code
  • finding vulnerability, for example, bad configuration and weak cipher.
  • finding a block of code which might cost you a bad performance, for example, nested loops.
  • a lot more.

Sometimes SonarQube checks might be annoying, but after you adjusted it to fit with your coding style, it should be very useful!

READ MORE
7 upvotes·155 views
Senior Fullstack Developer at QUANTUSflow Software GmbH·

On top of linting and prettifying, sonar cube gives you hints about vulnerabilities and code smells. So it has its value in checking semantics for you as well. The degree of this is easily configurable. It also can give you hints on how much effort fixes might take. The best advice is to try it on your code base and evaluate if the generated reports provide additional value to your team.

READ MORE
6 upvotes·215 views
Avatar of sampada kannurkar