Developers care about code. They care about code a lot. They care about writing it, reviewing it, and maintaining it. They want Clean Code, and the eight million .NET developers are no different. They have been enjoying the power of Roslyn analyzers delivered by Microsoft for a long time, and we are here to take that power to 11!
Today, we expanded our support for the Microsoft ASP.NET Core Blazor framework by adding new rules targeting Razor components.
We’ve been helping .NET developers create Clean Code for over a decade with our SonarQube, SonarCloud, and SonarLint products. In 2015, we partnered with Microsoft to improve the integration of Sonar analyzers for the .NET ecosystem. Since then, we’ve been continually improving our analysis. We now provide over 450 rules and cover specific cases such as Microsoft Azure Functions, Cognitive Complexity, Async-Await usage, Multi-Threading, or DateTime usage. We bring taint analysis, complex bug detection, secrets detection, and more right to your fingertips. And yes, we do support Microsoft Visual Basic .NET! We cover code in Azure DevOps, GitHub, GitLab, and Bitbucket, allowing developers to take a Clean as You Code approach to building great applications, whatever their tools and processes.
What is Blazor?
Blazor is the latest part of Microsoft ASP.NET Core technology, which allows you to code your UI with a mix of C# code and HTML presentation. It can run on the server or in the client and can also be used on the desktop in .NET MAUI applications. You can find much more information on Microsoft’s Blazor website.
Blazor's robust component model allows you to separate your user interface into smaller elements and then combine those elements to create larger functionalities. The Blazor framework is a game changer for companies, allowing C# developers to use their skills to build front-end UI without using JavaScript. The same CLR you are used to, with its same base class library, is available to you in the browser, thanks to the power of WebAssembly (WASM), an open standard supported by all 4 major browsers.
With Blazor, it becomes possible to modernize applications by moving pieces of it to the client, where it can give you the power of dynamic UI you have become accustomed to without learning new languages, frameworks, and toolchains.
Why Blazor applications?
Our goal is to analyze all .NET code, wherever it lives, and Blazor has seen a fantastic uptake from the community, with open-source projects like the Oqtane CMS framework going all-in on Blazor as the UI piece of the puzzle, the MudBlazor UI component library, or the ABP web application framework. We believe the same type of component ecosystem we have enjoyed over the years with Windows Forms or WPF will grow around Blazor.
Allowing C# developers to take their long-honed skills up to the web client has been a long sought-after feature, and it is finally here! And it is here to stay.
Sonar listened to the growing call of the .NET developer community to support them as they build front-end apps in the same way we currently support them in building backend or desktop applications. More and more C# code will live in .cshtml or .razor files, and it is our mission to ensure we give .NET developers the tools they need to keep that code as clean as the rest of their code.
We are excited to announce that Sonar now supports the analysis of Razor templates, which are at the core of the Blazor front-end web framework. Because SonarCloud and SonarQube can now analyze the C# code inside .cshtml and .razor files, you can extend clean coding practices across your full-stack web applications developed with ASP.NET Core MVC, Razor Pages, and Blazor. We also released an update to support .NET 8 and C# 12 before the official release so you can adopt our favorite framework's newest LTS release on day one.
We have been, and continue to be, hard at work with Microsoft to bring all this to you. For this, we extend our thanks to their teams.
We analyzed a roster of Blazor-based open-source projects. Here is a sample of the issues we found in the C# code present in Razor files that you could not see before. These reflect common code maintenance challenges, often encountered as a codebase evolves, reaffirming the need for comprehensive code analysis regardless of experience level:
- Unused variables or members
- Unused methods
- High cognitive complexity in methods
- Possible null dereferencing
- Members that should be read-only
- Cascading if statements
What’s next in Blazor analysis?
We continue investing in Blazor and have, in fact, released the first set of rules explicitly targeted to discover issues in your Blazor web app. You can detect such problems as unsupported parameter types, misuse of JSInterop, or mismatched parameter types with their route constraints.
If you are a Sonar user, you can now use Razor files and Blazor components in your application, confident that we will bring you the same insights here as what you are used to on the rest of your code!
If you are yet to become a Sonar user, check out everything our tools and the Clean As You Code approach can bring to your development process. Whether your tools run in the cloud or on-premises, whether you use .NET or .NET Framework, we have you covered!
And if you are an open-source developer, this power is available to you for free because Sonar believes in a strong open-source community.
“.NET web developers utilizing ASP.NET Core Blazor, MVC, and Razor Pages now have the added option of integrating SonarSource code analysis into their Razor-based applications. Many .NET developers have shared their positive experiences with SonarSource code analysis, and say it is helping them maintain Clean Code and promote best coding practices. SonarSource code analysis is a valuable tool for .NET developers who want to deliver clean and secure code consistently and reliably.”
Check out this webinar with Microsoft Blazor Product Manager, Daniel Roth, to learn how you can leverage SonarQube and SonarCloud to maintain Clean Code in your Blazor applications.
Download SonarLint and either install SonarQube or start a SonarCloud trial and give it a try!
Ready, Set, Clean!