Does Sonarlint take into consideration the Quality Gates the project code has to go through?

Please provide

  • Operating system: Mac OS
  • SonarLint plugin version: 8.0.0.63273
  • Programming language you’re coding in: Java
  • Is connected mode used:
    • Connected to SonarCloud or SonarQube (and which version): SonarQube

And a thorough description of the problem / question:
I want developers to know before they check in code that their code will trip the Quality Gate meaning they might not have enough coverage on “new code” or have a new security vulnerability. I am trying to avoid them needing to check in code and run it through the pipeline to see if it pasts the quality gate.

Hi,

Welcome to the community!

Sorry, but SonarLint is only concerned with issues, not coverage or duplications, and it doesn’t look at Quality Gate criteria.

 
Ann

Hello @OldManJ ,
to complement what @ganncamp already mentioned, I feel it totally makes sense to know whether your new code will make the Quality Gate fail or not, as soon as possible, ideally in the very moment you are coding in your IDE. Computing a local Quality Gate on your new code is a very interesting opportunity for SonarLint - and one for the long term, as there are many bits of functionality we need to add to SonarLint as a pre-requisite.
For example, we’re in the process of rolling out the support for Security Hotspots, and in the next few months we’ll be looking at ways to provide an option to only display recent issues in the code editor, and a summary of issues you’re going to introduce with your commit. Code coverage in not in our short-term roadmap though.

Has there been any work in this space to get early notifications on gate failures in a developers IDE? I see this as a must to the reduce the time taken to identify an engineers code quality.

1 Like

Hi @CsK1 ,

Sorry for the late answer. Since our last message, we did some of the promised improvements like the analysis of security hotspots when in connected mode and displaying only issues in new code.
We’re still considering the best way to run the analysis on the code change set before the commit to get an early indication of the Quality Gate status. I will update this thread with any update.
Thank you for raising this again.

1 Like