Skip to content

sagap/sonar-solidity

BranchesTags

Repository files navigation

Sonar-Solidity Build Status Quality Gate Coverage

SonarSolidity: is a SonarQube static code analyzer for Solidity Smart Contracts.

To begin with you should install a SonarQube 7.2 instance (https://www.sonarqube.org/downloads/), please follow the instructions provided. As soon as you installed SonarQube, then download the latest release from here and copy paste it in the folder sonarqube/extensions/plugins/ then start your instance and you are ready to go!

Building

git clone --recursive https://github.com/sagap/sonar-solidity.git
mvn clean install

Features

  • Metrics (cognitive complexity, number of lines, number of contracts etc)
  • 25 Rules

ANTLR4 grammar to build the Parser and the Lexer.

SonarSolidity supports the import of reports from Solium linter version 1.0.0 .

  • 13 Security Rules
  • 32 Style Rules

Documentation

Please read documentation on how to take advantage of this feature.

License

Licensed under the GNU Lesser General Public License, Version 3.0

About

SonarQube Analyzer for Solidity

Topics

static-analysis ethereum smart-contracts solidity dapps

Resources

Readme

License

LGPL-3.0 license
Activity

Stars

24 stars

Watchers

2 watching

Forks

11 forks
Report repository

Releases 5

SonarSolidity 1.0.1 Latest
Aug 21, 2018
4 releases

Packages

No packages published

Contributors 2

Languages