• Identical expressions should not be used on both sides of a binary operator

    Identical expressions should not be used on both sides of a binary operator

    • Detect Bugs Bug
  • Null pointers should not be dereferenced

    Null pointers should not be dereferenced

    • Detect Bugs Bug
  • Recursion should not be used

    Recursion should not be used

    • Detect Code Smells Code Smells
  • Collapsible 'if' statements should be merged

    Collapsible 'if' statements should be merged

    • Detect Code Smells Code Smells
  • Cognitive Complexity of functions should not be too high

    Cognitive Complexity of functions should not be too high

    • Detect Code Smells Code Smells

Quickly pinpoint the problem

Issues are raised on the exact symbol or
expression that needs work, with secondary
locations highlighting any additional context
needed to understand the problem.

Find issues on the exact symbol or expression in your C++ code
Detailed rule description help you understand the issue and lean from it

Easily understand the issue

Even seasoned developers don't know
everything. Detailed rule descriptions help
you understand and learn from each issue.

Start writing
better code today

Get started now

In-IDE

SonarLint in your IDE is your first line of defense for keeping the code you write today clean and safe. Issues are raised in-line, with easy access to rule descriptions. Connect to your project in SonarQube or SonarCloud to make sure you’re applying the same rules that will be used during analysis.

Install SonarLint on Visual Studio SonarLint

SonarLint for Visual Studio

Install now arrow
Install SonarLint on Eclipse SonarLint

SonarLint For Eclipse

Install now arrow
  • SonarSource products are compatible with GitHub

    GitHub

  • SonarSource products are compatible with Bitbucket

    Bitbucket

  • SonarSource products are compatible with GitLab

    GitLab

  • SonarSource products are compatible with Azure DevOps

    Azure DevOps

  • Pull request analysis available in GitHub
  • Pull request analysis available in Bitbucket
  • Pull request analysis available in GitLab
  • Pull request analysis available in Azure DevOps

PR analysis

Pull Request analysis makes it easy to maintain a high standard. Handle issues at the PR stage to clean up the easy stuff before peer review even starts, boosting team velocity and saving time to focus on what’s important: the logic.

Get started now

Make sure each release is better
than the one before

Making sure the C++ you write today is safe and clean

We believe only developers can truly
impact Code Quality and Security

As a developer, your priority is making sure the C++ you write
today is clean and safe. The SonarQube project homepage
highlights the Code Quality and Security of your New Code
(changed or added) so you can focus on what’s important:
making sure the code you write today is solid.

Quality Gates show your project Releasability

The quality gate status reflects your project's most important aspects

Out of the box, SonarQube and SonarCloud Quality Gates clearly signal whether your commits are clean, and your
projects are releasable. Quality Gates coalesce the team around a shared vision of quality. Everyone knows the standard
and whether it’s being met.

So you won’t be surprised at the last minute with quality problems.

Continuous growth

We support continuous improvement - for you and your code bases. We expect the same of ourselves. We’ve been
providing static analysis since 2008. Every release comes with a commitment to bringing you valuable new rules and
increasing the value of existing rules by eliminating false negatives and false positives.

Of course we support

Your environment

We gather the information required for
analysis by unobtrusively monitoring your
build, so analysis is compatible with:

  • check

    Windows, Linux, macOS

  • check

    Any build system

  • check

    Incremental code analysis

  • check

    Parallel code analysis

Your compilers

We provide support for many compilers:

  • check

    CLang, GCC, MSVC, ARM

  • check

    Compilers based wholly on GCC including Linaro GCC and WindRiver GCC

  • check

    Intel compilers for Linux, OS X

  • check

    IAR compiler for ARM, Renesas RL78, Renesas RX, Renesas V850, Texas Instruments MSP430 and for 8051

Your standards

We provide more than 400 rules that target
the following standards:

  • check

    Classical and modern C++: C++98, C++03, C++ 11, C++14, C++17

  • check

    CPP Core Guidelines

  • check

    MISRA C++2008

×

Where do you want to analyze C++?

In the Cloud

Setup is effortless and analysis is automatic for C++

Sign up Free for OS projects

On-premise

Fast, accurate Code Quality and Security analysis for C++

In your IDE

IDE extension that lets you fix coding issues before they exist!

Install in
×

Where do you want to analyze C++?

In the Cloud

Setup is effortless.
Every C++ Pull Request is analyzed and the results are automatically reflected in your cloud-based ALM.

Sign up Free for OS projects

On-premise

Analyze your C++ Pull Requests and see the results in the ALM of your choice.

Request a free trial PR analysis in commercial editions