Dear VSCode users,
One month ago we released a version of SonarLint that introduced a UI to help you set up and manage connections to your SonarQube instance or SonarCloud.
Back then, we promised that we’ll also be working to enhance the UI so that you won’t need any longer to manually specify the project bindings in the settings.json file at the workspace level.
This is now done! With this new release, the SonarLint UI guides you step-by-step through the whole connected mode setup, including the project bindings, so that you can work in sync with your team or company configuration and expectations in terms of Clean Code as they are defined in SonarQube or SonarCloud, which means that SonarLint will:
- Use the same quality profile locally
- Sync any file or directory inclusions/exclusions
- Mute any issues already flagged as Won’t Fix or False Positive
And there’s more: using connected mode you can:
- Open a Security Hotspot detected by SonarQube into your IDE for easier review
- Investigate complex injection vulnerabilities detected by SonarQube or SonarCloud directly in VSCode - SonarLint will help you navigate through the issue’s data flow.
I hope this improvement will help. Don’t hesitate to give it a try at connected mode and leave us your feedback. You can find more information in our documentation page.