We are hosting our next monthly webinar on Wednesday, October 18th; please find below the details!
Benefits of Clean Code and hints for Java, you’ll find all of this during our next session.
Title: Clean Code in Java: a story of monsters, heroes, and victories Date and time: Wednesday, October 18th, 5pm CEST / 10am CDT Speaker: Jonathan Vila Lopez, Developer Advocate for Java
Thanks to everyone who attended our webinar! Here you can find the Q&A of the session:
Q: Is SonarLint able to use the quality gate settings, so that the results that it produces locally are in sync with the results that will be obtained from the Quality Gate?
A: Yes! Sonarlint can be used “offline” which means that it will use its internal set of rules. However, if you connect SonarLint to your SQ instance, then Quality Profiles will sync and you will have the same set of rules between SonarLint and SQ. And you will get the result of the Quality Gate directly in your IDE.
Q: Do we have a GitHub repo with default rules or more advanced rules which we can add to the IDE?
A: We encourage you to move to Java 17 (LTS) as Java 8 was released 9 years ago (18 Mar 2014).
Java 8 is supported, you just need to pass the good parameters to the analysis. You can see more information here: Java
Q: Did you manage to overcome the “tech debt will be dealt with next sprint” ad vitam æternam issue? And if so, how?
A: No, in a few cases a whole rewrite was implemented, but that was a critical decision. Better to focus on new code, and if needed use the strangler pattern to rewrite some parts.
Q: Do you provide free educational licenses for institutions?
A: SonarLint is always free and can be installed for the IDE from https://www.sonarsource.com/products/sonarlint/ide-login/. SonarQube Community Edition is always free for use. The SonarQube commercial versions offer a trial. SonarCloud also has a free trial. If you need to use a product beyond the trial duration, please use the Contact Us (Contact) button on our website and we can work directly with you.
Q: Does SonaLint detect duplicated code across my project?
A: Code duplication requires the analysis of the full project whereas SonarLint focuses on a file-by-file basis. The best wat to go is to use the metrics computed by SonarQube or SonarCloud at the end of the analysis
Q: Does SonarQube support Java 21?
A: Full support for Java 21 should be available in Q1 2024 but you can always give a try to scanning your Java 21 project already
Q: Can we host SonarQube internally on our own infra?
A: Indeed SonarQube is on-premise software that you can host on your own infrastructure
Q: How do I integrate SonarCube with a cloud-based code repo?
A: You just need to connect your SQ from the administration > DevOpsPlateform Integration, and set the DevOps of your choice
Q: How can I convince my team that we need to upgrade to Java 17?
A: One thing you can check is the EOL and End of Support Date for Java 8 to stay secure as vulnerabilities in older versions that are not fixed can cause harm.
Here are all the resources mentioned during the session:
