SonarQube is an essential tool for software development because it offers a detailed view of code quality. One of the most outstanding features of SonarQube is its ability to identify and classify problems in the code through issues. In this article, we will explain the different types of issues that SonarQube can detect, highlighting their importance and how to address them to improve software quality.
What types of issues are there in SonarQube?
A bug is a code error that can produce an unexpected failure during code execution. In the following image we can see an example of a bug: SonarQube classifies it as such, indicates where it is, and explains why it qualifies as an issue.
A vulnerability is a point in the code that is exposed to external attacks. In the following image we can see an example of a vulnerability that SonarQube has detected because a password may be exposed.
A code smell is a problem that makes the code difficult to understand. In the following image we can see an example of a code smell in which SonarQube suggests removing a parameter that is not used.
Remember that in the latest release, SonarQube 10.3, Sonar announced that these types of issues are obsolete. In new updates, issues will instead be enhanced with Clean Code attributes and affected software qualities.
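As an added example (not code from the original article or from Sonar), the following Python script groups issues by the software quality they affect, reading the newer `impacts` field when it is present and falling back to the legacy issue type otherwise. The sample records are constructed and shaped like the issue objects in a SonarQube `api/issues/search` Web API response; the type-to-quality mapping (Bug to Reliability, Vulnerability to Security, Code Smell to Maintainability) follows Sonar's documented correspondence.

```python
import json
from collections import defaultdict

# Legacy issue type -> software quality that replaces it (Sonar's Clean Code taxonomy).
TYPE_TO_QUALITY = {
    "BUG": "RELIABILITY",
    "VULNERABILITY": "SECURITY",
    "CODE_SMELL": "MAINTAINABILITY",
}

# Constructed sample, shaped like the "issues" array of an api/issues/search response.
SAMPLE_RESPONSE = json.loads("""
{"issues": [
  {"key": "i-1", "type": "BUG", "component": "demo:src/Order.java", "line": 42,
   "message": "A NullPointerException could be thrown."},
  {"key": "i-2", "type": "VULNERABILITY", "component": "demo:src/Db.java", "line": 7,
   "message": "Password is exposed in source code.",
   "impacts": [{"softwareQuality": "SECURITY", "severity": "HIGH"}]},
  {"key": "i-3", "type": "CODE_SMELL", "component": "demo:src/Util.java", "line": 19,
   "message": "Remove this unused method parameter.",
   "impacts": [{"softwareQuality": "MAINTAINABILITY", "severity": "MEDIUM"},
               {"softwareQuality": "RELIABILITY", "severity": "LOW"}]},
  {"key": "i-4", "component": "demo:src/X.java", "message": "No type, no impacts."}
]}
""")

def qualities_for(issue):
    """Return the software qualities an issue affects.

    Prefer the newer 'impacts' list; fall back to the legacy 'type' field
    for records that carry no impacts."""
    impacts = issue.get("impacts") or []
    if impacts:
        return sorted({i["softwareQuality"] for i in impacts})
    quality = TYPE_TO_QUALITY.get(issue.get("type"))
    return [quality] if quality else ["UNCLASSIFIED"]

def group_by_quality(response):
    """Map each software quality to the keys of the issues that affect it."""
    groups = defaultdict(list)
    for issue in response.get("issues", []):
        for quality in qualities_for(issue):
            groups[quality].append(issue["key"])
    return dict(groups)

if __name__ == "__main__":
    for quality, keys in sorted(group_by_quality(SAMPLE_RESPONSE).items()):
        print(f"{quality}: {', '.join(keys)}")
```

An issue can affect more than one software quality, so a report keyed only on the legacy type would list `i-3` under maintainability alone and miss its reliability impact.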