SonarLint vs SonarQube: What are the differences?
Developers describe SonarLint as "An IDE extension to detect and fix issues as you write code". It is an IDE extension that helps you detect and fix quality issues as you write code Like a spell checker, it squiggles flaws so that they can be fixed before committing code.. On the other hand, SonarQube is detailed as "Continuous Code Quality". SonarQube provides an overview of the overall health of your source code and even more importantly, it highlights issues found on new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving.
SonarLint and SonarQube can be primarily classified as "Code Review" tools.
Some of the features offered by SonarLint are:
- Bug detection
- Instant feedback
- Know what to do
On the other hand, SonarQube provides the following key features:
- Detect tricky issues
- Security analysis
SonarQube is an open source tool with 3.88K GitHub stars and 1.09K GitHub forks. Here's a link to SonarQube's open source repository on GitHub.
What is SonarLint?
What is SonarQube?
Need advice about which tool to choose?Ask the StackShare community!
Why do developers choose SonarLint?
What are the cons of using SonarLint?
What are the cons of using SonarQube?
Sign up to get full access to all the companiesMake informed product decisions
Sign up to get full access to all the tool integrationsMake informed product decisions
I'm planning to create a web application and also a mobile application to provide a very good shopping experience to the end customers. Shortly, my application will be aggregate the product details from difference sources and giving a clear picture to the user that when and where to buy that product with best in Quality and cost.
I have planned to develop this in many milestones for adding N number of features and I have picked my first part to complete the core part (aggregate the product details from different sources).
As per my work experience and knowledge, I have chosen the followings stacks to this mission.
Service: I have planned to use Java as the main business layer language as I have 7+ years of experience on this I believe I can do better work using Java than other languages. In addition, I'm thinking to use the stacks Node.js.
Database and ORM: I'm gonna pick MySQL as DB and Hibernate as ORM since I have a piece of good knowledge and also work experience on this combination.
Search Engine: I need to deal with a large amount of product data and it's in-detailed info to provide enough details to end user at the same time I need to focus on the performance area too. so I have decided to use Solr as a search engine for product search and suggestions. In addition, I'm thinking to replace Solr by Elasticsearch once explored/reviewed enough about Elasticsearch.
Host: As of now, my plan to complete the application with decent features first and deploy it in a free hosting environment like Docker and Heroku and then once it is stable then I have planned to use the AWS products Amazon S3, EC2, Amazon RDS and Amazon Route 53. I'm not sure about Microsoft Azure that what is the specialty in it than Heroku and Amazon EC2 Container Service. Anyhow, I will do explore these once again and pick the best suite one for my requirement once I reached this level.
Build and Repositories: I have decided to choose Apache Maven and Git as these are my favorites and also so popular on respectively build and repositories.
Additional Utilities :) - I would like to choose Codacy for code review as their Startup plan will be very helpful to this application. I'm already experienced with Google CheckStyle and SonarQube even I'm looking something on Codacy.
Happy Coding! Suggestions are welcome! :)
It is very important to have clean code. To be sure that the code quality is not really bad I use a few tools. I love SonarQube with many relevant hints and deep analysis of code. codebeat isn't so detailed, but it can find complexity issues and duplications. Codacy cannot find more bugs then your IDE. The winner for me is SonarQube that shows me really relevant bugs in my code.
To increase our code quality and make vulnerabilities visible, we added SonarQube to our Git(lab) workflow, so every commit is analyzed and code flaws are shown directly at the Mergerequest.