I am exploring usage of SonarCloud for my team/project as a static code analysis tool of choice for C# and JS.
The functionality that we are looking for is being able to include customized rules/policies. From what I was searching, it is possible in SonarQube using Roslyn Analyzers. Also it’s possible to include those policies in general profile in SonarCloud. Few questions with this:
- What Roslyn Analyzer choose? SonarC# is the best choice when we think about integrating it with sonarCloud? For other- as this doc says ( Importing Issues from Third-Party Roslyn Analyzers (C#, VB.NET) - Plugins - Doc SonarQube) - configuration is more complex as it involes adding NuGet package.
What about JS, which analyzer would you recommend?
- Could someone explain step-by-step what is needed to include custom Roslyn Analyzers in SonarCloud generale profile?