How to perform dynamic code analysis using sonarqube?

In Sonarqube’s documentation page, it is mentioned that A dynamic analysis of code can be performed on certain languages. And there is no further documentation on how it can be achieved. Any thoughts on how to perform dynamic code analysis or documentation would be extremely helpful.

Thanks in advance, - Vijay

It depends on which language and IDE you use.
For example for Java/Eclipse there is SonarLint plugin in the marketplace.

Hi Vijay,

Could you point me to the page that says that? SonarQube analysis is static.

 
Ann

Hi Ann,
this is stated in the docs of 7.7:
https://docs.sonarqube.org/latest/analysis/overview/
“A dynamic analysis of code can be performed on certain languages.”
I wanted to ask what dynamic code analysis is sonarqube capable of, and is it plugin extendable for more languages?

Hi Vijay,

Thanks for the reference. That bullet point will be removed from the docs at the next release.

 
Ann

Edit Oops. Thanks @yonatanw!

Hi @ganncamp,

Thanks for your reply. I had forgotten about the query posted here.
So there is no support for dynamic code analysis in sonarqube right?

Thanks,
Vijay V

Hi Vijay,

Correct. No support.

 
Ann

Thank you! @ganncamp.

Vijay

Hello Ann,

Please help me with the information related to how to set up dynamic analysis using sonarqube on a .net application in case if its supported. Could not find any information on documentation.

Regards,
Anil Kumar V.

Hi @anil_kumar2 ,

The answer is quite the same as before, we don’t support dynamic analysis in SonarQube.
If you are talking about “on-the-fly” analysis, then you should use SonarLint and link it to your SonarQube server in Connected Mode.

Carine

1 Like

Thank you Carine.

the marked solution … is not the solution, just sayin’

(i’m seeing myself outta here, y do i even care :grimacing:)

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.