Hi Julius,
CSS is on our radar, but with low priority.
ESLint is a third party analyzer, so no plan to support it in SonarLint. I think there is already an ESLint plugin in most IDEs.
CSharp is already supported in Visual Studio, and there is a way to make it work in VSCode. What is your targeted IDE BTW?
Not sure I understand what you are saying here?
There is an unsolvable equation here. A SonarQube analysis takes time. For example with recent security rules added to Java, PHP and C#, a full tainted analysis could take several minutes. So we haven’t found a way to report instantly in SonarLint issues that will take minutes to detect in SonarQube.
Our approach is to aim at detecting the maximum number of issues as soon as possible, while not sacrificing user experience.
- Level 1: SonarLint helps developers to find as many issues as possible “on the fly”, as they code. Here we are talking about fast rules only, no coverage measurement, no duplication detection, … see the FAQ for more details on things that are not reported by SonarLint.
- Level 2: Pull request analysis. This is where advanced checks like security rules can be executed asynchronously, but before code got merged into master.
- Level 3: master branch analysis. In theory, if all merged PRs are clean, this should not detect anything new. But there are some corner cases, so let say this is an extra safety net. There are also some extra checks only enabled on “regular” branch analysis but not in PRs (like security hotspots).
I hope that make sense.