SonarQube for Visual Studio 2022 - Visual Studio Marketplace

SonarQube for IDE: Your first line of defense for quality and secure code

SonarQube for IDE (formerly SonarLint) helps you detect and fix Bugs, Code Smells, and Security Vulnerabilities in-IDE.

It supports C#, VB.NET, C, C++, JS, TS, CSS, HTML and T-SQL. The extension highlights coding flaws on the fly and provides clear guidance to fix issues before code is committed.

What is SonarQube for IDE

SonarQube for IDE is a Free and Open Source IDE extension that identifies and helps you fix Code Quality and Code Security issues as you code. Analogous to a spell checker, SonarQube for IDE squiggles flaws and provides real-time feedback and clear remediation guidance so you can deliver clean code from the get-go.

SonarQube for IDE: Visual Studio is more than your average linting tool.

Scans code written in C#, VB.NET, C, C++, Javascript, TypeScript, CSS, HTML, T-SQL.
Open source JavaScript, TypeScript, CSS, HTML, C# & VB.NET code analyzers.
C and C++ support for Application, Dynamic Library and Static Library types of MSBuild (.vcxproj) projects
Deep code analysis algorithms using pattern matching and dataflow analysis
Hundreds of language-specific static code analysis rules, and growing
In-context help and remediation guidance with detailed examples

Highlights issues in your code, tells you why they are harmful, and how they should be fixed

SonarQube for IDE provides Visual Studio developers a comprehensive in-IDE solution for improving the quality and security of the code they deliver.

Learn More

sonarlint-warnings

Get Started with SonarQube for IDE

After you download SonarQube for IDE, simply open a project, start coding and SonarQube for IDE will start analyzing your issues.

You can also check out the SonarQube for IDE documentation here.

Why SonarQube for IDE

With unparalleled support for C#, VB.NET, C, C++, JavaScript, and TypeScript, SonarQube for IDE performs on-the-fly smart analysis to ensure that the code you deliver is always high quality and secure.

Instant feedback on coding issues

SonarQube for IDE provides immediate feedback on Bugs, Code Smells, and Security Vulnerabilities as you code.
Hundreds of language-specific rules with clear guidance

SonarQube for IDE provides you with all the information on why the highlighted issue is problematic and how to fix it. With clear remediation guidance and plenty of detailed examples, addressing issues is simple and intuitive.

Check out the language specific rules:

C#	View Rules
VB.NET	View Rules
JavaScript	View Rules
TypeScript	View Rules
CSS	View Rules
HTML	View Rules
T-SQL	View Rules
C++	View Rules
C	View Rules

Fast and Precise Analysis

High precision analysis means fewer false positives and false negatives, providing consistent, reliable results.
Helps you grow in your development journey

Aside from detecting issues and providing useful cues to fix the issues, the insights provided by SonarQube for IDE support better code ownership so that as a developer you will begin to recognize those mistakes and remember to prevent them in the future.

SonarQube for IDE for Teams

SonarQube for IDE works great as a standalone tool but you can take it to the next level by connecting it with SonarQube Server or SonarQube Cloud. SonarQube (Server, Cloud) analyze Pull Requests and branches in your DevOps platform (BitBucket, GitHub, Microsoft Azure, GitLab) and perform non-disruptive code quality and security checks to reliably track your codebase health.

The 'connected mode' configuration ties SonarQube for IDE's continuous Code Quality and Code Security analysis from IDE to the entire CI/CD workflow and back again to your IDE.

Common expectations for Code Quality and Code Security

Applied rules and analysis settings from SonarQube (Server, Cloud) are extended to SonarQube for IDE so that teams can coalesce on a shared definition of code health.
More rule coverage

When paired with SonarQube (Server, Cloud), you can benefit from additional rules for security vulnerabilities and security hotspots in IDE to identify issues earlier.
Smart notifications for improved quality and delivery

'Connected mode' sends smart alerts to individuals/teams when new issues are discovered. With everyone in the loop, issues can be addressed promptly, improving the overall software quality and delivery.

Connect with our Community

Have questions or need to report issues or provide suggestions? Stay connected with us on the SonarSource Community Forum.

Our strong open source commitment

Since 2007 to present, SonarSource has invested in working closely with our community to provide code quality and security tooling that directly empower developers to deliver better software.

Check out the source code on GitHub or view our issue tracker. If you are interested in contributing, visit our contributing page.

License

Licensed under the GNU Lesser General Public License, Version 3.0

This extension is distributed with SonarQube analyzers that are subject to specific license terms (Sonar Source-Available License Version 1 or proprietary license).