Qodana integrates with CI/CD pipelines and JetBrains IDEs, and it uses static code analysis to detect issues with code quality, security, and performance.
JetBrains has just announced the public launch of its Qodana code quality monitoring platform, which plugs into CI/CD pipelines, integrates with JetBrains IDEs, and uses static code analysis to enforce code quality guidelines.
Launched July 19 after a preview period that began in 2021, Qodana offers an additional quality control layer at the CI/CD level and provides results directly to IDEs, reducing the need to switch between multiple tools, JetBrains said. Since the preview, JetBrains has added a number of improvements to streamline development and help developers deliver more secure and efficient code:
- A vulnerability checker identifies vulnerable external packages and offers actional insights for remediation.
- An experimental Quick Fixes feature allows for automatic application of fixes for certain issues.
Qodana finds performance issues, probable bugs, unused declarations, confusing code constructs, and violations of naming and style conventions, JetBrains said.
A snapshot of the codebase is taken during a specific Qodana run. Developers can compare current code with the baseline state and see issues and resolutions. Developers can sign up for a free trial at jetbrains.com.
Qodana reports can be left in Qodana Cloud. Developers can explore project trends via interactive dashboards. Also, Qodana linters can read and write reports in SARIF format, for static code analysis tool output.
Qodana can be integrated with third-party inspection tools or plug-ins to scan for problems not yet covered by the platform, JetBrains said.