SonarSource Rules

Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

YAML static code analysis

Unique rules to find Secrets in your YAML files

Security Hotspot2

Tags

Impact

Clean code attribute

YAML parsing failure

Code Smell

When the YAML parser fails, it is possible to record the failure as a violation on the file. This way, not only is it possible to track the number of files that do not parse but also to easily find out why they do not parse.

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI