Connected to SonarCloud or SonarQube (and which version): SonarQube
And a thorough description of the problem / question:
I want developers to know before they check in code that their code will trip the Quality Gate meaning they might not have enough coverage on “new code” or have a new security vulnerability. I am trying to avoid them needing to check in code and run it through the pipeline to see if it pasts the quality gate.
Hello @OldManJ ,
to complement what @ganncamp already mentioned, I feel it totally makes sense to know whether your new code will make the Quality Gate fail or not, as soon as possible, ideally in the very moment you are coding in your IDE. Computing a local Quality Gate on your new code is a very interesting opportunity for SonarLint - and one for the long term, as there are many bits of functionality we need to add to SonarLint as a pre-requisite.
For example, we’re in the process of rolling out the support for Security Hotspots, and in the next few months we’ll be looking at ways to provide an option to only display recent issues in the code editor, and a summary of issues you’re going to introduce with your commit. Code coverage in not in our short-term roadmap though.
Has there been any work in this space to get early notifications on gate failures in a developers IDE? I see this as a must to the reduce the time taken to identify an engineers code quality.