7 Code Issues SonarQube Can Detect

SonarQube is one of the most popular static code analysis tools, used to identify and report issues in software code. It can be integrated with CI/CD tools like Jenkins to automatically check the code during the integration and build process.
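As an added illustration of the Jenkins integration mentioned above (not code from the original page), this declarative Jenkinsfile runs an analysis and fails the build when the quality gate is not met. It assumes a Maven project, the SonarQube Scanner plugin for Jenkins, a server registered in Jenkins under the hypothetical name `sonar-server`, and a SonarQube webhook pointing back at Jenkins.

```groovy
// Added example: Jenkins declarative pipeline with a SonarQube quality gate.
// Assumptions: Maven project; 'sonar-server' is a hypothetical name for the
// SonarQube server configured in Jenkins global settings.
pipeline {
    agent any

    stages {
        stage('Build and test') {
            steps {
                // Compile and run the tests so analysis has fresh results to read.
                sh 'mvn -B clean verify'
            }
        }

        stage('SonarQube analysis') {
            steps {
                // Injects the server URL and token configured in Jenkins,
                // so no credentials are hard-coded in the pipeline.
                withSonarQubeEnv('sonar-server') {
                    sh 'mvn -B sonar:sonar'
                }
            }
        }

        stage('Quality gate') {
            steps {
                // waitForQualityGate pauses until SonarQube calls the Jenkins
                // webhook; the timeout keeps a missing webhook from hanging
                // the build indefinitely.
                timeout(time: 10, unit: 'MINUTES') {
                    // Mark the build failed if the gate status is not OK,
                    // for example when the gate has a condition on new
                    // vulnerabilities or coverage.
                    waitForQualityGate abortPipeline: true
                }
            }
        }
    }
}
```

Without the quality gate stage the analysis only reports findings; with it, a failed gate stops the pipeline before later stages run.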

Here are 7 types of code issues that SonarQube can check:

Code quality

SonarQube can analyze code quality based on various metrics such as code complexity, maintainability, and readability. It can identify issues like code duplication, long methods, and high cyclomatic complexity.

Security vulnerabilities

SonarQube can detect common security vulnerabilities such as SQL injection, cross-site scripting (XSS) and buffer overflow errors.

Code coverage

SonarQube can check the percentage of code that is covered by automated tests and highlight areas of code that are not being tested adequately.

Coding standards

SonarQube can analyze code against coding standards such as the MISRA C/C++ guidelines or the CERT coding standard and report on any violations.

Potential bugs

SonarQube can detect potential bugs such as null pointer exceptions, unused variables and uninitialized variables.


Documentation

SonarQube can check for the presence and quality of code documentation such as Javadoc comments.

Architecture and design

SonarQube can analyze code for adherence to architectural and design principles such as SOLID principles and the Law of Demeter.

