What is coming up for Sonar in 2013 ?

by freddy mallet|

    I recently wrote a post to list what was accomplished on the platform last year. Today, I am doing the continuation with even more exciting stuff: what we are going to do this year! What will be the main innovations? How the ecosystem will evolve? Which technical challenges are we going to face?


    This is our most ambitious project for the year and I should start by explaining what it is about. Behind this word, we group many features based on the dependencies between methods, attributes, classes, files, modules, projects, teams, departments... Here are the first use cases that we'll cover:

    • Cross-sources navigation: ability to click in the UI on a method call to see its declaration, on an identifier to see its declaration, to click on a COBOL COPY preprocessing directive to see its content, to click on a C function declaration to know where this function is used...
    • Ability to find out which files include a C library file, a COBOL Copybook...

    From there, we aim to provide the tooling to define and manage the architecture of an overall application portfolio. But I am talking about 2014 already...

    Lines covered by one unit test

    This is something we started to work on in January and that will be available with upcoming version 3.5. Here are the questions Sonar will be able to answer to:

    • How many and which unit tests are covering this line of code?
    • How many and which lines of code are covered by this unit test ?

    Having this in place will also enable to create some new metrics on unit tests to better understand how "UNIT" they are. Indeed a test that covers a great number of lines of code should surely be considered more like an integration than an unit test. This feature will be first available on Java projects and of course with help of the JaCoCo coverage engine to which we actively contribute.


    We currently hold 2 concepts in Sonar: Violations and Reviews. Those are going to be merged to become Issues. We will also add bulk change ability on issues. Last but not least, past and closed Issues won't be purged anymore to track past activity.

    C and C++ plugin take off

    You might know that we already invested a lot of energy in those two C and C++ plugins and that we are going to merge them. From the beginning we really have had a long term vision on C/C++ and that's why we started from the ground instead of "just" relying on external tools. But that means building a state-of-the-art C/C++ front-end (including a full preprocessor). We're currently solving C++ ambiguities and from there we hope to be unstoppable on providing some new advanced C/C++ rules.


    To cover the Java language, we still rely a lot on Checkstyle and PMD. We want to migrate a substantial number of those rules onto our own technical stack (see SSLR). The objective for 2014 is to not rely anymore on Checkstyle and PMD to get full control of the stack and so to increase significantly the level of support we can provide: reduce the noise, ease migration on new java versions, ...

    Ability to track and review new code

    With Sonar, it's already possible to track the code coverage on new code and to track all new incoming violations, so what's the missing puzzle piece ? The ability to track new code in order to manually review it. With this feature, Sonar is also becoming a standard code review tool (post-commit approach). From a release to another it will become possible with Sonar to make sure that 100% of the updated code has been reviewed/validated.

    Sonar Eclipse, support of incremental local analysis

    Last year, the Sonar Eclipse plugin was refactored to fully support local analysis. This year the goal is to make this local mode usable even with big projects by supporting incremental and differential analysis. In fact most of this logic is now centralized in the Sonar platform so we might imagine one day to do the same in Intellij IDEA...

    SSLR, year of maturity ?

    Last year we open sourced our code analysis technology to be able to reuse it in most of Sonar language plugins whether open source or commercial: Javascript, Python, Java, Erlang, Cobol, C, C++, Flex, C#, PL/I, PL/SQL... By the end of this year, SSLR should provide out-of-the-box the APIs to build a strongly typed AST, to support incremental parsing (required for instance to solve ambiguities in C/C++) and to enrich the AST with semantic information (symbolic table).
    But the SonarSource Language team is also working hard on the API to make it really easy and fun to use and embed SSLR in any kind of java application outside of the Sonar ecosystem.

    Did I forget anything? Hmm, maybe that we will develop an Objective-C and a RPG plugin.

    See you in 1 year for the "Looking Back at 2013 Sonar Platform Accomplishments"!