Using SonarLint and SonarQube for Java Code Quality Analysis

SonarLint is a code‑quality inspection plugin that detects code smells, bad practices, and potential bugs directly in the IDE. It can be installed via the IDE marketplace, and after installation you can run analysis on a single file or an entire project by right‑clicking and selecting Analyze → Analyze with SonarLint or using the menu bar.

The tool also allows disabling specific rules and can synchronize custom rule sets by binding to a SonarQube server.

SonarQube is an open‑source platform for managing code quality across projects. After downloading and extracting the distribution, start the server with:

unzip sonarqube-7.7.zip
cd sonarqube-7.7
bin/[OS]/sonar.sh console

Once the server is running, access it at http://localhost:9000 and log in with the default credentials (admin/admin). To push analysis results from a project to the server, configure the SonarQube Scanner for Maven by adding the sonar-maven-plugin to the <build> section of the pom.xml :

<build>
  <plugins>
    <plugin>
      <groupId>org.sonarsource.scanner.maven</groupId>
      <artifactId>sonar-maven-plugin</artifactId>
      <version>3.6.0.1398</version>
    </plugin>
  </plugins>
</build>

Run the analysis with the command mvn clean compile sonar:sonar . After a successful run, the console shows the analysis summary, and the SonarQube dashboard updates to display new metrics such as bug density, code duplication, and other quality indicators.

Beyond SonarQube, the article mentions the Alibaba Java coding conventions plugin, which provides additional style checks for Java code, and lists several useful documentation links for SonarQube, SonarLint, and related resources.

All the referenced URLs and images illustrate the installation steps, configuration screens, and analysis results, offering a comprehensive walkthrough for developers seeking to enforce code quality standards.