SonarLint for Visual Studio Overview | a free and open source IDE extension

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] in this video we'll be discussing sonar lint for visual studio we'll cover the installation the coding experience for developers and the advantages that connected mode can bring sonar documentation can be found at docs. sonar source.com here you can find sonarlint docs for each IDE extension that we support as well as getting started guides Concepts and team features that we'll be discussing further today installing sonar lint for visual studio is simple navigate to the extensions tab manage extensions and then search for sonarlint in the search box here you'll be able to download and install sonar Lin after restarting your IDE you'll see that in the extensions tab sonar lint is now installed sonar lint will automatically start analyzing an open file in the IDE you'll see inline syntax highlighting on your code as well as a full list of issues on in a particular file in the error list from the error list you can rightclick and select show error help to get full context into why an issue is raised and how to resolve it by default sonar Cube and sonar Cloud low medium and high Rule severities Do not map back to error level severities within Visual Studio on an issue by- isue basis you can have this defined as an error within Visual Studio by modifying the severity here when you see an issue when sonarlint finds an issue in your code it will of course let you know and it will continue letting you know until it's resolved in this case I'm going to quickly resolve it using a quick fix feature from sonar lint and you can see that the issue is resolved and no longer showing if you're using a commercial edition of sonar Cube or if you're using Sonar Cloud you'll get some additional features with sonar lint for visual studio if you navigate to extensions sonar lint connected mode bind to sonar keer sonar Cloud you can then bind to a specific sonar Cube instance by clicking connect and putting your server address username and password sonar link connected mode with Visual Studio will give you a few core features you'll be able to use the same quality profile locally as defined on the server apply settings such as rule exclusions and analyzer parameters defined on the server to the local analysis and automatically suppress issues that are marked won't fix or false positive on the server to the issues reported locally once connected to a sonar Cube server you'll be able to see the projects associated with it over here you'll rightclick click bind where you'll be able to bind to a specific project and you'll download the specific quality profiles in use for that project to be viewed here in the IDE once bound to a sonar Cube instance you'll be able to see security hotspots and taint vulnerabilities within your IDE from the connections pane on the right you can quick browse to the project within sonar Cube to summarize the connected mode advantages for visual studio you'll be able to synchronize your quality profiles as well as issues marked won't fix or false positive view taint vulnerabilities right within visual studio and of course clean as you code by shifting your issue resolution further left

Info

Channel: Sonar

Views: 10,453

Rating: undefined out of 5

Keywords:

Id: nASTGaxYXOo

Channel Id: undefined

Length: 4min 2sec (242 seconds)

Published: Tue Nov 21 2023