Skip to main content
TrustRadius
SonarLint

SonarLint

Overview

What is SonarLint?

SonarLint is a free IDE plugin that helps developers by detecting and highlighting issues in their code in real time. Like a spell checker, SonarLint detects Bugs, code smells, and Security Vulnerabilities as code is written, and offers guidance.

Read more
Recent Reviews

TrustRadius Insights

SonarLint has proven to be a valuable tool for code analysis and improvement during development and deployment, according to users. It …
Continue reading
TrustRadius Insights
TrustRadius Insights
Read all reviews
Return to navigation

Pricing

View all pricing
SonarLint

SonarLint

Free

What is SonarLint?

SonarLint is a free IDE plugin that helps developers by detecting and highlighting issues in their code in real time. Like a spell checker, SonarLint detects Bugs, code smells, and Security Vulnerabilities as code is written, and offers guidance.

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.sonarsource.com/products/so…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

5 people also want pricing

Alternatives Pricing

ReSharper

ReSharper

$13.90
per month per user
What is ReSharper?

ReSharper is a code analysis and debugging tool available as an extender to Visual Studio. Its features are also present in JetBrain's .NET IDE, Rider.

dbForge SQL Tools

dbForge SQL Tools

$399.95
What is dbForge SQL Tools?

SQL Complete is an advanced solution for SQL database development, management, and administration. Available as an add-in for Visual Studio and SSMS, the tool offers autocompletion capabilities. The solution helps users to write, beautify, and refactor SQL code with features that are included in…

Return to navigation

Product Demos

SonarLint demo

YouTube
Return to navigation

Product Details

What is SonarLint?

SonarLint, a core component of the Sonar solution, is a free and open-source IDE plugin, that is a developer's first line of defense to find and fix coding issues in real time. SonarLint resolves issues in code and provides rich contextual guidance to help developers improve their skills while enhancing their productivity.

Supporting over 25 languages and the most popular IDEs, SonarLint leverages over 5,000 language-specific Clean Code rules to instantly highlight common coding issues that may lead to, bugs, and vulnerabilities.

SonarLint Features

  • Supported: Issue detection - thousands of rules find Bugs, Vulnerabilities, and Code Smells
  • Supported: Instant feedback - issues are detected ‘on-the-fly’ while coding, just like a spell-checker
  • Supported: Shows what to do - issue examples and remediation guidance
  • Supported: With its ability to detect secrets in the IDE, SonarLint ensures source code is secure by design, preventing sensitive data from reaching an unintended audience

SonarLint Screenshots

Screenshot of SonarLint is available for VS Code, Visual Studio, Eclipse and JetBrains IDEs. Here, SonarLint identifies and highlights issues in a Java project within VS Code. It also explains why this is an issue, how to fix it, and offers more educational content to help developers grow. SonarLint uncovers issues in over 30 languages, frameworks and IaC platforms.Screenshot of When connected to either SonarCloud or SonarQube the developer can leverage SonarLint to identify complex bugs, share code quality expectations with their team, perform deeper issue analysis, enjoy smart notifications, and unlock additional language analysis opportunities. Connecting is easy and guided for a rapid setup, as seen here in the image.

SonarLint Video

What is SonarLint? Watch this 30-second video to learn more.

SonarLint Integrations

SonarLint Competitors

SonarLint Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Supported CountriesGlobal
Supported LanguagesEnglish

SonarLint Downloadables

Frequently Asked Questions

SonarLint is a free IDE plugin that helps developers by detecting and highlighting issues in their code in real time. Like a spell checker, SonarLint detects Bugs, code smells, and Security Vulnerabilities as code is written, and offers guidance.

SonarLint starts at $0.

Sentry, Froglogic Squish, and Bloodhound API Microgateway are common alternatives for SonarLint.

The most common users of SonarLint are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(4)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

SonarLint has proven to be a valuable tool for code analysis and improvement during development and deployment, according to users. It helps track bugs, maintain code modularity, and check for code smells before merging changes. Reviewers have praised SonarLint for its ability to detect real-time syntax errors, preventing errors and making it easier to find and fix bugs. Users appreciate that SonarLint reduces the overall time required for code quality review, enhances code readability, and ensures production-friendly code. It is considered one of the best tools available in the market, with teams enforcing its installation to maintain coding standards. SonarLint's effectiveness in identifying problems in code even before deployment has been recognized by users, reducing the chances of functionality failing at runtime. Additionally, SonarLint integrates well with popular IDEs like VSCode and Eclipse, providing a seamless experience by highlighting issues locally without generating new reports or requiring fresh builds. By maintaining code quality and alerting developers to potential errors while coding, SonarLint enables smoother development and enhances the professionalism of projects.

Bug tracking and issue fixing: Many users have found SonarLint to be the best tool in the industry for tracking bugs and fixing issues in the development environment. Some reviewers have mentioned that using SonarLint has become a daily practice for them, leading to the release of bug-free quality code to the repository.

Integration with popular IDEs: Several users appreciate SonarLint's integration with popular IDEs like Eclipse, Pycharm, and Visual Code. This integration makes it extremely configurable, allowing users to set rules-based settings for their organization or team. The extension of SonarLint for VS Code was specifically praised for improving code quality and maintaining standards throughout.

Code analysis and suggestions: Users highly value SonarLint's ability to identify code smells, security issues, and bugs, as well as provide suggestions on how to fix them. They find it beneficial that SonarLint provides these suggestions and bug detection at development time, eliminating the need to redeploy the code. Additionally, many users appreciate that SonarLint helps developers learn best practices and improve the readability of their code.

Bulky and Opinionated Tool: Some users have found the tool to be bulky and opinionated, mentioning that at times it captures errors that align with their code preferences. They would appreciate having the ability to export their settings from the tool in order to customize its behavior according to their needs.

Slow and Cumbersome in VS Code: Several reviewers have expressed dissatisfaction with SonarLint's performance in VS Code, stating that it is slower and more cumbersome compared to other popular IDEs such as Eclipse or Pycharm.

Time-Consuming Setup Process: Setting up SonarLint can be a time-consuming task for some users, as it requires installation and configuration specific to each project.

Reviews

(1-1 of 1)
Companies can't remove reviews or game the system. Here's why
June 06, 2022

SonarLint review by a Hybris Developer

SJ
shaurya jain
digital tech developer associate
Accenture (Information Technology & Services, 10,001+ employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use SonarLint in our project to check all the issues we get in our code quality report in the eclipse itself without having to run our server up again and to do every time a new build when we make any change to fix that. We install SonarLint in our eclipse from Eclipse Marketplace and then when we generate the code quality report and it shows any issues in it, like bugs, vulnerabilities, code refactoring, etc. then we need to fix those issues with the help of SonarLint.

Generally to fix these issues, first we have to do the code changes in our local create a fresh build and generate a new code quality report every time to check if the issue is fixed or still persists. But if we use SonarLint, then we can see all the issues in our local only, the code piece which is having issue is highlighted with blue lining as soon as we load the file, and when we do any fix to resolve the issue, we can just see that in our local if it worked or not just by saving the file, there is even no need to do a fresh build or create a new code quality report, if the blue lining gets removed from the code piece which was having issue after the SonarLint processing as soon as we save the file, then we can confirm if the issue is fixed or not. SonarLint saves a lot of time of doing build and generating fresh code quality report each and every time for the code issues.
Pros and Cons
  • SonarLint highlights all the issues in our codes and also displays the severity of each issue.
  • SonarLint also provides suggestions for how to fix those code issues which are highlighted.
  • SonarLint starts the processing of the file as soon as it is opened and highlights all the issues which it found.
  • When we fix the issue, we don't even need to create a new build or generate fresh code quality report, as soon as we save the file with the changes, it does the processing again and shows the result if the issue is fixed or not.
  • SonarLint saves a lot of time and effort by saving us from doing fresh build every time and generating new code quality report every time, thus increasing the efficiency and output which is in return beneficial for the client.
  • Sometimes, SonarLint does not highlight the issues in the code correctly.
  • The severity of the issues highlighted is according to the default rules set, we should also be given authority to set the severity of the issues.
  • The default fixes which SonarLint provides should be more enhanced and there should be more fixes available.
  • Sometimes it takes a lot of time for processing of the file when any new file is loaded or changes are saved in a file.
Likelihood to Recommend
Return on Investment
  • SonarLint helps in achieving all the business requirements in a more efficient way.
  • It reduces the manual and redundant work which we would have to do else every time if we did not use SonarLint.
  • SonarLint helps in maintaining code quality, and thus also highlights the loopholes for the cyber attacks and phishing attacks.
  • SonarLint makes work easy and helps the developer to invest less time in manual work thereby increasing their capacity to deliver the maximum output to the client.
Alternatives Considered
  • SonarQube
SonarLint works along with SonarQube.
Other Software Used
Return to navigation