1. Install the SonarLint plugin
Open IntelliJ IDEA—>settings—>plugins, search for SonarLint in the Marketplace, download and install, and restart IntelliJ IDEA.
Two, configure SonarLint
Open IntelliJ IDEA—>settings—>Other Settings—>SonarLint General Settings or IntelliJ IDEA—>settings—>SonarLint General Settings, check Settings—>Automatically trigger analysis, click Apply, and then click OK.
Move the mouse to the root directory of the project, right-click and select Ayalyze, and select Ayalyze with SonarLint.
3. Use SonarLint
Explanation of terms displayed on the page of the SonarLint plugin in IntelliJ IDEA:
- Current file: current file (shows what problems exist in the current file and how to solve them)
- Rule: rules (tell you the specific content of the problem, and tell you how to solve this problem at the end)
- Report: report (move the mouse to the root directory of the project, right-click to select Ayalyze, select Ayalyze with SonarLint, the result after completion will display, including all files of the entire project)
- Locations: location (tell you where there is a problem, the repeated location of the problem)
- Issues: Issues
Each issue has five levels:
- BLOCKER (fatal): defects that affect the application: memory leaks, unclosed JDBC connections... code that must be fixed immediately;
- CRITICAL (critical): defects that may affect the application or security defects: empty catch blocks, sql injection, ... must immediately view the code;
- MAJOR (Major): Quality defects that may affect developer productivity: uncovered code, repeated blocks, unused parameters....
- MINOR (tiny): Quality defects that may affect developer productivity: each line should not be too long, "switch" statements should have at least three conditions, ....
- INFO (unknown): Neither a defect nor a quality issue, just a discovery.
Each issue has three status definitions:
- Bug: bug (reliability), avoid bugs and undefined behavior
- Vulnerability: Vulnerability (security), avoidance of breach or attack
- Code Smell: Code Smell (Maintainability), Simplifies Code Updates, and Increases Developer Velocity
Specific usage:
Locations:
The information on the left is displayed. If this problem occurs multiple times in the current file, there will be a logo behind this problem. After selecting and double-clicking the mouse, the specific location will be displayed on the right, as shown in the figure [Note: the brackets The number indicates the row and column of the question].
Report:
After clicking on SonarLint's settings about the project, the interface that appears:
This setting requires you to start sonarqube on this machine before the specific configuration information and content will be displayed.
Then there is the following picture:
Log: