'SonarQube And SonarLint difference

How exactly is sonarQube different from SonarLint ? SonarQube has a server associated with it and Sonar lint works more like a plugin. But what are their specific difference ?

sonarqubesonarlint


Solution 1:[1]

It should be added that SonarQube also performs scans with 3rd party analyzers (findBugs, checkstyle, PMD) whereas SonarLint does not include those. I think the reason is a prioritization on performance and findBugs relying on java byte-code.

Thereby your findings in SonarQube and SonarLint can vary, if the underlying quality profile uses 3rd-party scanners.

Solution 2:[2]

SonarQube is a server where you can host your projects and execute analysis, whereas SonarLint is an agent that allow us to connect with this SonarQube and execute the analysis remotely. SonarLint can be used with IDE or can also be executed via CLI commands.

SonarLint contains its own set of default rules but when connected to SonarQube, users can import rules from SonarQube which are actually more than just standard set of rules. We can integrate PDM, CodeStyle and many other checker on SonarQube and create custom rules.

Two facts I want to mention that I learnt from my experience, SonarLint will not inherit those custom rules from SonarQube, secondly Sonar does not work on Test classes.

Solution 3:[3]

Sonarqube runs the rule valiations on the server We integrated it to our TFS builds. SonarLint runs in the IDE so before I commit my code I know what lines are violating which rules inside the IDE.

Solution 4:[4]

Also, SonarLint does have a "Secrets detection" solution focused on cloud credentials that apply to any config files, ie. are language agnostic, which SonarQube doesn't.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 guitarlum
Solution 2 Vinit Desai
Solution 3 Jeff Schreib
Solution 4 Jerem

Related Questions

SonnarQube's issue: change code to not construct the URL from user-controlled data

SonarQube 3.7 with maven and Jenkins - Maven session does not declare a top level project

android:exported needs to be explicitly specified after add SonarQube in build.gradle

Directory excluding in sonar-project.properties file doesn't work (for me)

How to disable code coverage in sonarqube since 6.2

Sonarqube authorization - how to authorize with sonar-maven-plugin when sonar.forceAuthentication is enabled

How can I get the value of inheritance class of other inheritance class in .NET Roslyn API?

SonarQube - how to deactivate inherited rule in quality profile?

SonarQube server can not be reached at http://localhost:9000 with Sonarqube-4.5.1

SonarQube: Invoke method(s) only conditionally

Sonarqube gives node.js error while running sonar-scanner

How can I reduce cyclomatic complexity for the code to be acceptable by sonar

How to configure sonar.coverage.jacoco.xmlReportPaths for JaCoCo/SonarQube?

How to Code Quality on EXCEL VBA Code in SonarQube or Alternatives?

SonarQube - how to run the code analysis again for a project after creating that project