Home / Companies / Sonar / Blog / Post Details
Content Deep Dive

Bugs and Vulnerabilities are 1st Class Citizens in SonarQube Quality Model along with Code Smells

Blog post from Sonar

Post Details
Company
Date Published
Author
G. Ann Campbell
Word Count
460
Company Posts That Month
1
Language
English
Hacker News Points
-
Post removed?
No
Summary

In SonarQube 5.5 we adopted an evolved quality model, the SonarQube Quality Model, that takes the best from SQALE and adds what was missing. The SonarQube Quality Model aims to highlight project risks while retaining technical debt. SQALE is primarily about maintainability, but it lacks a concept of risk, which can lead to ignoring new issues in favor of time-tested ones. The SonarQube team re-evaluated what's important and created a model that prioritizes bugs and security vulnerabilities alongside maintainability issues, making it easier to identify serious problems and provide actionable insights. The updated quality model features three simple categories: code smells, reliability issues, and security issues, each with its own risk-based rating, allowing for easy prioritization and enforcement through the Quality Gate.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.