Programming language you’re coding in: Java / TypeScript
Is connected mode used:
SonarQube Server Enterprise Edition v10.7 (96327)
And a thorough description of the problem / question:
We are currently accessing or SonarQube Server via SoarQube Plugin for IntelliJ, however this only appears to check against the Quality Rule Set actively set for the project but does not check against any defined Quality Gates.
Would it be possible to add Quality Gate Check inside the plugin as well? Does SonarQube even have an API for this.
I’m happy to help implementing the feature, if you are interessted.
Thank you so much for this detailed feedback and for your kind offer to help, @Bardioc !
You’ve hit on a critical point regarding analysis consistency.
When running SonarQube for IDE in IntelliJ in Connected Mode, the plugin does use the same Quality Profile (ruleset) as your SonarQube server. However, to keep your IDE running fast, SonarLint performs a fast local analysis.
This necessary performance trade-off means resource-intensive checks, like Taint Analysis and SCA(Supply Chain Analysis), that are only executed by the full, deep analysis when you push your code to a branch or create a PR. So after they are found, you will actually see them in the IDE, as we are pulling these issues into SonarQube for IDE.
We recognize the pain point this analysis gap creates! This is valuable feedback, and we will absolutely be checking with the team to find ways to improve the coverage of our local analysis and enhance the visibility of those server-only issues (like Taint and SCA) directly within the IDE to bridge that gap.