The current version of %product% (%product-version%) provides the linters that let you analyze +
The current version of %instance% (%product-version%) provides the linters that let you analyze Java, Kotlin, Groovy, PHP, JavaScript, TypeScript, C#, Visual Basic, C, C++, Python, and Golang projects. You can - also extend the default linter configuration using various features.
+ also extend the default linter configuration using various features. -As an example, this section explains how you can quickly start working with %product% using:
+As an example, this section explains how you can quickly start working with %instance% using:
Depending on your %product% license, you probably need to obtain a trial license and accomplish +
Depending on your %instance% license, you probably need to obtain a trial license and accomplish the onboarding stage at Qodana Cloud.
-To run %product% in the CLI and GitHub, you will be using a project token available after creating a Qodana Cloud - project. To learn more about it, see the section.
+To run %instance% in the CLI and GitHub, you will be using a project token available after creating a Qodana Cloud + project. To learn more about it, see the section.
Starting from version 2023.2, %product% is available in IntelliJ IDEA and PyCharm (both the Professional and +
Starting from version 2023.2, %instance% is available in IntelliJ IDEA and PyCharm (both the Professional and Community editions), PhpStorm, WebStorm, GoLand, and Rider.
-Here is the short video showing how you can run %product% in your IDE.
+Here is the short video showing how you can run %instance% in your IDE.
-
+ 
Here is the description of all steps shown in this video:
Open the configuration wizard for using %product% in CI/CD pipelines.
+Open the configuration wizard for using %instance% in CI/CD pipelines.
- To learn more about %product% and CI/CD pipelines, see the section.
+To learn more about %instance% and CI/CD pipelines, see the section.
Qodana provides two options for local analysis of your code.
Qodana CLI is the easiest option to start.
- Alternatively, you can use the Docker command from the
Install with Homebrew (recommended):
-
+
brew install jetbrains/utils/qodana
-
+
Alternatively, you can install Qodana CLI using our installer:
-
+
curl -fsSL https://jb.gg/qodana-cli/install | bash
-
- You can also install %product% using Go:
-
+
+ You can also install %instance% using Go:
+
go install github.com/JetBrains/qodana-cli@latest
-
+
Install with Scoop:
-
+
scoop bucket add jetbrains https://github.com/JetBrains/scoop-utils
scoop install qodana
-
- You can also install %product% using Go:
-
+
+ You can also install %instance% using Go:
+
go install github.com/JetBrains/qodana-cli@latest
-
+
In the project root directory, declare the QODANA_TOKEN variable containing the project
token described in the prerequisites:
+
QODANA_TOKEN="<cloud-project-token>"
-
- Now you can run %product%:
-
+
+ Now you can run %instance%:
+
qodana scan
-
+
Pull the image from Docker Hub (only necessary to get the latest version):
-
+
docker pull <image>
-
- Here, image denotes the Docker image name of a %product% linter from this table:
Here, image denotes the Docker image name of a %instance% linter from this table:
| Image name | @@ -181,14 +181,14 @@||
| Windows | -%LOCALAPPDATA%\ |
+ %LOCALAPPDATA%\ |
+ 
- 
@@ -25,39 +25,39 @@
existing problems.
+ 
+ 
- 
@@ -39,25 +39,23 @@ used only in Qodana Cloud. In this case, multiple Qodana organizations can be cr
+
+ 
@@ -23,7 +23,7 @@
@@ -42,16 +42,16 @@
diff --git a/topics/cloud-teams.xml b/topics/cloud-teams.topic
similarity index 59%
rename from topics/cloud-teams.xml
rename to topics/cloud-teams.topic
index 8c9692dc..9957a303 100644
--- a/topics/cloud-teams.xml
+++ b/topics/cloud-teams.topic
@@ -1,13 +1,13 @@
-
-
+
+
-
- 
- 
diff --git a/topics/cloud-use-cases.xml b/topics/cloud-use-cases.topic
similarity index 81%
rename from topics/cloud-use-cases.xml
rename to topics/cloud-use-cases.topic
index feb09fdd..15df804c 100644
--- a/topics/cloud-use-cases.xml
+++ b/topics/cloud-use-cases.topic
@@ -1,12 +1,12 @@
-
-
+
+
-
@@ -338,15 +338,15 @@ Coverage Agent and JaCoCo, and LCOV-formatted reports generated by coverlet.msbu
-In the 
diff --git a/topics/code-inspections.xml b/topics/code-inspections.topic
similarity index 72%
rename from topics/code-inspections.xml
rename to topics/code-inspections.topic
index 8c99fa48..bc3e49df 100644
--- a/topics/code-inspections.xml
+++ b/topics/code-inspections.topic
@@ -1,17 +1,17 @@
-
-
+
+
-/data/results/opt/ideaBy default, %product% employs the qodana.starter profile, but you can
+
By default, %instance% employs the qodana.starter profile, but you can
bind and use your own profile instead:
+
docker run \
-v $(pwd):/data/project/ \
-v $(pwd)/<profile-file>:/data/profile.xml \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-v $(pwd)/<profile-file>:/data/profile.xml \
-e QODANA_TOKEN="<cloud-project-token>"
-
+
+
docker run \
-v $(pwd):/data/project/ \
-v $(pwd)/gradle.properties:/data/cache/gradle/gradle.properties \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-v $(pwd)/gradle.properties:/data/cache/gradle/gradle.properties \
-e QODANA_TOKEN="<cloud-project-token>"
-
+
+
IDE_CODE=PS
PLUGIN_ID="com.jetbrains.twig"
BUILD_ID="231.7515"
curl -L -o "$PLUGIN_ID".zip "https://plugins.jetbrains.com/pluginManager?action=download&id=$PLUGIN_ID&build=$IDE_CODE-$BUILD_ID" && unzip "$PLUGIN_ID".zip
-
+
This script contains several variables explained in the table below.
@@ -217,30 +217,30 @@BUILD_IDStarting up Qodana for PHP 2023.2 EAP (build QDPHP-231.7515)You can run %product% with the plugin file mounted to the +
You can run %instance% with the plugin file mounted to the plugin directory:
+
docker run \
-v $(pwd):/data/project/ \
-v <path-to-plugin>/<plugin-name>:/opt/idea/plugins/<plugin-name> \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-v <path-to-plugin>/<plugin-name>:/opt/idea/plugins/<plugin-name> \
-e QODANA_TOKEN="<cloud-project-token>"
-
+
You can mount the $(pwd)/.qodana/results/ directory to the /data/results
directory of the Docker image:
+
docker run \
-v $(pwd):/data/project/ \
-v $(pwd)/.qodana/results/:/data/results \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
Once the Qodana run is complete, you can view log files in the
$(pwd)/.qodana/results/ directory.
=) between the option name and its argument=) between the option name and its argument--property=idea.log.config.file=info.xml ) between the option name and its argument--baseline /path/to/sarif/file ) between the option name and its argument--baseline /path/to/sarif/file
+
docker run \
-p 8080:8080 \
-v $(pwd):/data/project/ \
@@ -316,16 +316,16 @@
--property=idea.log.config.file=info.xml \
--baseline <baseline-path> \
--show-report
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--property=idea.log.config.file=info.xml \
--baseline <baseline-path> \
--show-report
-
+
+
docker run jetbrains/qodana-<linter> -h
-
+
+
qodana scan -h
-
+
| Option | -+ | Default setting | |||
-i, --project-dir |
Root directory of the inspected project. -Files and directories contained in the outside directory are not used while running %product% +Files and directories contained in the outside directory are not used while running %instance% |
/data/project |
|||
-o, --results-dir |
- Directory to save %product% inspection results to | +Directory to save %instance% inspection results to | /data/results |
||
|
Directory inside Files and directories contained in the outside directory like build.gradle are used by %instance% while inspecting code
|
None |
-n, --profile-name |
- The profile name taken either from the list of predefined %product% profiles, or a custom profile name
- stored in XML-formatted profile files as | The profile name taken either from the list of predefined %instance% profiles, or a custom profile name
+ stored in XML-formatted profile files as You can also configure this option using the |
@@ -518,63 +518,63 @@
Run promo inspections as a part of the |
- Enabled only if %product% is configured for the qodana.starter profile, and the --run-promo true option is invoked |
+ Enabled only if %instance% is configured for the qodana.starter profile, and the --run-promo true option is invoked |
The --profile-name option lets you run %product% using either
+
The --profile-name option lets you run %instance% using either
the default profiles or
the profile name from the custom profile.
qodana.yaml file.This command lets you override the default profile und run %product% using the +
This command lets you override the default profile und run %instance% using the
qodana.recommended profile:
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--profile-name qodana.recommended
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--profile-name qodana.recommended
-
+
If you need to run %product% with a custom profile, you can use its actual +
If you need to run %instance% with a custom profile, you can use its actual profile name.
This command lets you bind a custom profile:
+
docker run \
-v $(pwd):/data/project/ \
-v <path-to-profile-file>/<file-name>:/data/project/.idea/inspectionProfiles/<file-name> \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--profile-name <profile-name-from-file>
-
+
+
qodana scan \
-v <path-to-profile-file>/<file-name>:/data/project/.idea/inspectionProfiles/<file-name> \
-e QODANA_TOKEN="<cloud-project-token>" \
--profile-name <profile-name-from-file>
-
+
qodana.yaml file.This command lets you bind the file to the profile directory,
- and the --profile-path option tells %product% which profile file to read:
--profile-path option tells %instance% which profile file to read:
+
docker run \
-v $(pwd):/data/project/ \
-v <path-to-profile-file>/<file-name>:/data/project/myprofiles/<file-name> \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--profile-path /data/project/myprofiles/<file-name>
-
+
+
qodana scan \
-v <path-to-profile-file>/<file-name>:/data/project/myprofiles/<file-name> \
-e QODANA_TOKEN="<cloud-project-token>" \
--profile-path /data/project/myprofiles/<file-name>
-
+
In the baseline run mode, each new %product% run is compared to some initial run. This can help in +
In the baseline run mode, each new %instance% run is compared to some initial run. This can help in situations when you have no possibility to fix old problems and rather want to prevent the appearance of new ones.
-To use the baseline feature, first run %product%, and in the report UI select the problems that will be considered as baseline. +
To use the baseline feature, first run %instance%, and in the report UI select the problems that will be considered as baseline. Finally, save the SARIF-formatted file containing the baseline problems.
This is the list of baseline-related options:
@@ -632,7 +632,7 @@-b, --baseline--baseline-include-absent
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--baseline <path-to-the-SARIF-file> \
--baseline-include-absent
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--baseline <path-to-the-SARIF-file> \
--baseline-include-absent
-
+
Here, the <path-to-the-SARIF-file> is the path to a qodana.sarif.json file relative
- to the project root and taken from a previous %product% run. If --baseline-include-absent
+ to the project root and taken from a previous %instance% run. If --baseline-include-absent
is invoked, the inspection results will include absent problems or the problems detected only in the
baseline run but not in the current run.
You can run the code coverage by mapping the directory containing code coverage files to
- the /data/coverage directory of a %product% linter image:
/data/coverage directory of a %instance% linter image:
+
docker run \
-v /my/dir/with/coverage:/data/coverage \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-v /my/dir/with/coverage:/data/coverage \
-e QODANA_TOKEN="<cloud-project-token>"
-
+
The --save-report option in the Docker command lets you save the generated HTML report to your
local filesystem:
+
docker run \
-v $(pwd):/data/project/ \
-v <directory-to-save-report-to>:/data/results/report \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--save-report
-
+
@@ -749,22 +749,22 @@
+
docker run \
-p 4040:8080 \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--show-report
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--port 4040 \
--show-report
-
+
Alternatively, in the project root you can run the qodana show command.
%product% lets you configure a quality gate or the number of problems that +
%instance% lets you configure a quality gate or the number of problems that will act as a threshold. Once the threshold is exceeded, the inspection run is terminated.
Here is the command that tells %product% to fail the build in case the number of problems exceeds 10:
+Here is the command that tells %instance% to fail the build in case the number of problems exceeds 10:
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--fail-threshold 10
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--fail-threshold 10
-
+
If you run %product% with the baseline mode enabled, a +
If you run %instance% with the baseline mode enabled, a threshold is calculated as the sum of new and absent problems. The unchanged results are ignored.
@@ -824,20 +824,20 @@To apply quick-fix strategies to your codebase, you can invoke the --fixes-strategy option.
+
docker run \
-v <source-directory>/:/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--fixes-strategy <cleanup/apply>
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
<--apply-fixes/--cleanup>
-
+
Using the --property= option, you can override various %product% parameters:
Using the --property= option, you can override various %instance% parameters:
--property=Set a JVM property using this notation:
---property=property.name=value1,...,valueN
+ This option can be repeated multiple times for setting multiple JVM properties.
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--property=idea.log.config.file=info.xml
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--property=idea.log.config.file=info.xml
-
+
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--property=idea.headless.enable.statistics=false
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--property=idea.headless.enable.statistics=false
-
+
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--property=idea.required.plugins.id=JavaScript,org.intellij.grails \
--property=idea.suppressed.plugins.id=com.intellij.spring.security
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--property=idea.required.plugins.id=JavaScript,org.intellij.grails \
--property=idea.suppressed.plugins.id=com.intellij.spring.security
-
+
%product% lets you check only locally-modified files using this command:
+%instance% lets you check only locally-modified files using this command:
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--changes
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--changes
-
+
qodana.yaml file.Currently, %product% supports several run scenarios.
+Currently, %instance% supports several run scenarios.
Application of the default run scenario is equivalent to running this command:
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--script default
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--script default
-
+
To inspect local uncommitted changes, you can use local-changes value:
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--script local-changes
-
+
- To run the PHP version migration scenario, you can run this command:
+To run the PHP version migration scenario, you can run this command:
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter> \
--script php-migration:<old-php-version>−to−<upgraded-php-version>
-
+
+
qodana scan \
-e QODANA_TOKEN="<cloud-project-token>" \
--script php-migration:<old-php-version>−to−<upgraded-php-version>
-
+
To forward reports to Qodana Cloud, you can set the list of Docker environments as explained in the - section.
+ section.idea.properties file
+
docker run \
-v $(pwd):/data/project/ \
-e _JAVA_OPTIONS=-Xmx6g \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-e _JAVA_OPTIONS=-Xmx6g \
-e QODANA_TOKEN="<cloud-project-token>"
-
+
+
docker run \
-v $(pwd):/data/project/ \
-e IDEA_PROPERTIES=/data/project/idea.properties \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-e IDEA_PROPERTIES=/data/project/idea.properties \
-e QODANA_TOKEN="<cloud-project-token>"
-
+
By default, a container runs under the root user so that %product% can read project information
+
By default, a container runs under the root user so that %instance% can read project information
and write inspection results. Therefore, all files in the results/ directory are owned by
the root user after the run.
To overcome this, you can run the container as a regular user:
-
+
docker run \
-u $(id -u):$(id -g) \
-v $(pwd):/data/project/ \
-v <results-directory>:/data/results/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/qodana-<linter>
-
+
In this case, the results/ directory on host should already be created and owned by you.
- Otherwise, Docker will create it as the root user, and %product% will not be able to write
+ Otherwise, Docker will create it as the root user, and %instance% will not be able to write
to it.
You can forward %product% reports to Qodana Cloud by specifying the QODANA_TOKEN variable
- that will contain the Qodana Cloud project token.
You can forward %instance% reports to Qodana Cloud by specifying the QODANA_TOKEN variable
+ that will contain the Qodana Cloud project token.
Using Docker also requires a bunch of variables described in the - Forward reports section.
-
+ Forward reports section.
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<qodana-cloud-token>" \
@@ -1195,13 +1195,13 @@
-e QODANA_REVISION="<commit-hash>" \
-e QODANA_JOB_URL="<job-url>" \
jetbrains/qodana-<linter>
-
+
+
qodana scan \
-e QODANA_TOKEN="<qodana-cloud-token>"
-
+
%product% checks the configuration parameters for resolving the inspection profile in this order:
+%instance% checks the configuration parameters for resolving the inspection profile in this order:
%\name% from the command-line option --profile-name %\name%You can extend %product% using either existing plugins from repositories, or by developing +
You can extend %instance% using either existing plugins from repositories, or by developing your own plugins.
plugin option
of the qodana.yaml file:
-
+
plugins:
- id: <plugin.id>
-
+
Here, <plugin-id> denotes the Plugin ID from
JetBrains Marketplace. For example,
for Grazie Professional the
Plugin ID value will be com.intellij.grazie.pro. To find the ID of a specific plugin,
on the plugin page of JetBrains Marketplace click the
-
Alternatively, you need to prepare the following files:
@@ -56,7 +56,7 @@Here is how you can obtain these files:
-Install the plugin using any of the
installation method available. For any installation
method chosen, you need to know the path to the plugin file after it has been installed. If you
@@ -65,34 +65,34 @@
Plugins directory section for reference. If you download the
PhpInspectionsEA.jar plugin file from
JetBrains Marketplace, save it to a directory accessible
- by %product%.
ea_extended.xml plugin configuration file is located in the options
subdirectory of the IDE config directory. You can save this file to
- any directory accessible by %product%.
+ any directory accessible by %instance%.
Navigate to the Inspections dialog of your IDE, expand
- the qodana-inspection-profile.xml filename.
In the project root directory, create the qodana.yaml file and specify the path to the
profile location in it:
+
profile:
path: ./qodana-inspection-profile.xml
-
+
Use this snippet for running %product% locally:
-
+
+ Use this snippet for running %instance% locally:
+
docker run \
-p 8080:8080 \
-v <project-directory>:/data/project/ \
@@ -101,7 +101,7 @@
-v <path-to-plugin-file>/PhpInspectionsEA.jar:/opt/idea/plugins/PhpInspectionsEA.jar \
-v <path-to-plugin-config>/ea_extended.xml:/root/.config/idea/options/ea_extended.xml \
jetbrains/qodana-php --show-report
-
+
As an example, consider this search template:
-$Instance$.$MethodCall$($Parameter$)
+ It lets you detect the System.out.println() Java statement. To make it detect the
statements with hardcoded text like System.out.println("Hardcoded text!"), the
@@ -30,12 +30,12 @@
This procedure explains how to use this search template for inspecting your codebase using %product%.
+This procedure explains how to use this search template for inspecting your codebase using %instance%.
Using the
-
Convert the template to inspection as described on the
Work with structural search and replace page of the
IntelliJ IDEA documentation portal. For example, it can be saved as
- Hardcoded-print.
Hardcoded-print.
Use
Use
In the
In the
In the project root directory, create the qodana.yaml file and specify the path to the
profile location in it:
+
profile:
path: path/to/the/profile/file
-
+
Inspect your code using %product%:
-
+ Inspect your code using %instance%:
+
docker run --rm -p 8080:8080 \
-v <project-directory>:/data/project/ \
-v <report-directory>:/data/results/ \
jetbrains/qodana-jvm --show-report
-
+
You can observe the problems detected by the structural search inspection under the
-
Basically, %instance% provides several linters supporting a variety of + technologies, and inspection profiles let you additionally customize each linter to + fit your needs using the default inspection base. Still, it may be useful to analyze your codebase using + third-party inspection tools that are not covered by standard %instance% packages, and you can do it in several + ways:
+ + +Basically, %product% provides several linters supporting a variety of - technologies, and inspection profiles let you additionally customize each linter to - fit your needs using the default inspection base. Still, it may be useful to analyze your codebase using - third-party inspection tools that are not covered by standard %product% packages, and you can do it in several - ways:
- - -Here is a collection of answers to questions that will help you better understand basic Qodana concepts.
Depending on your needs, you can run %product% using:
+Depending on your needs, you can run %instance% using:
Any %product% linter is a Linux Docker image, so any CI/CD platform that supports Docker should be able to run
+ Any %instance% linter is a Linux Docker image, so any CI/CD platform that supports Docker should be able to run
it. We’re working on extending our documentation to provide the best examples of how to
- integrate %product% with different CI/CD platforms. If you are experiencing any difficulties, please contact our
+ integrate %instance% with different CI/CD platforms. If you are experiencing any difficulties, please contact our
support at The on-premises version of %product% is currently under development, and we plan to release it in 2024. To
- register your interest in this solution, you can contact the %product% team. You can also run %product% under the Community license, which doesn’t require you to create a %product%
+ The on-premises version of %instance% is currently under development, and we plan to release it in 2024. To
+ register your interest in this solution, you can contact the %instance% team. You can also run %instance% under the Community license, which doesn’t require you to create a %instance%
Cloud account. However, this option provides limited functionalities. The list of technologies already supported by %product% is available on the page. The list of technologies already supported by %instance% is available on the page. Qodana will eventually cover all technologies supported by JetBrains IDEs. You can create an issue on our
tracker or vote for an existing one to let us know what technology we should focus on, for example: In a JetBrains Account (JBA), you can create several Companies. Each created JBA Company can possess several %product% licenses. In Qodana Cloud, you need to create at least one organization that
+ Each created JBA Company can possess several %instance% licenses. In Qodana Cloud, you need to create at least one organization that
will correspond to a specific license within a specific JBA Company. In Qodana Cloud, you can also create a JBA Company during the onboarding stage.
In this case, the JBA Company and the Qodana Cloud organization will share the same name. %product% does not use JetBrains Account teams. %instance% does not use JetBrains Account teams. %product% can be run in various ways, as described on the page. We’ve tried to
- make it as easy as possible to configure %product%, so all of these methods require the minimum number of
+ %instance% can be run in various ways, as described on the page. We’ve tried to
+ make it as easy as possible to configure %instance%, so all of these methods require the minimum number of
preparation steps.
A linter is a Qodana component representing a specific technology. For example, the
linter lets you inspect the codebase containing the Java, Kotlin, and Groovy code, while the
linter lets you check on the JavaScript and TypeScript code. On the
@@ -76,23 +76,23 @@
Yes, you can use multiple linters in a single project, as described in the
section.
You can configure your inspection profile as described on the page. If the existing inspections do not fit your needs, you can develop your own
- structural search inspections and add them to the
- inspection profile or use plugins that will extend the inspection
- capabilities of %product%. Alternatively, you can develop
+ structural search inspections and add them to the
+ inspection profile or use plugins that will extend the inspection
+ capabilities of %instance%. Alternatively, you can develop
your own plugin and use its
inspections with Qodana. The SSH key lets Qodana connect to the repository of the inspected project and calculate the number of
contributors, which is a requirement for all types of licenses.
A %product% inspection profile is a set of pre-configured inspections, including their state, configuration
- options, and the path to which they are applied. %product% inspection profiles are the same as IntelliJ IDEA
+ A %instance% inspection profile is a set of pre-configured inspections, including their state, configuration
+ options, and the path to which they are applied. %instance% inspection profiles are the same as IntelliJ IDEA
inspection profiles and can be reused.
You can find the list of the default Qodana inspection profiles on the
page, where you can also find out how to set
up the default profiles.
We recommend using the
Currently, it is not possible to display the results of external analysis tools in Qodana UI, though we are working on it. Yes, but the minimum billing option is for 3 (three) contributors. The contributor counting mechanism is described in the section of this documentation. Yes, you can use this command to check the number of contributors: In the %product% CLI application, you can use the
+
+ In the %instance% CLI application, you can use the
You can navigate to the
@@ -214,7 +214,7 @@
During the onboarding stage on the Qodana Cloud website, we’ll generate a public key for you to add
- to your repository so that %product% can connect to it, as well as a
+ to your repository so that %instance% can connect to it, as well as a
project token for uploading Qodana reports to your first project.
Yes, you can choose either the Ultimate or Ultimate Plus trial license and start using Qodana for free with
a 60-day trial period. During this period, you can switch between these licenses one time. After 60 days,
you’ll need to buy either the Ultimate or Ultimate Plus license to continue using Qodana in your projects.
@@ -237,48 +237,48 @@
Both Qodana linters and Qodana Cloud are essential parts of the product named Qodana. You can inspect
your codebase using Qodana linters, and you can use Qodana Cloud for managing your projects and
licenses, as well as collecting Qodana reports in a single place. For more details, see the
- page of the Qodana Cloud documentation.
+ page of the Qodana Cloud documentation.
All licenses require that you create an account at Qodana Cloud and complete the
onboarding stage (see
this question for further details). Besides that, Qodana
Cloud lets you view Qodana reports in a single place and provides access to all of the
- features offered by %product%
- linters. Finally, for the purposes of opening %product% reports from within your
+ features offered by %instance%
+ linters. Finally, for the purposes of opening %instance% reports from within your
IDE, you need a Qodana Cloud account.
- To exclude Qodana Cloud, you can download and run the Community linters of %product%, like
+ To exclude Qodana Cloud, you can download and run the Community linters of %instance%, like
, , and ,
locally without a license.
All of the required steps are described in the section of the Qodana Cloud
documentation.
A trial license is a time-limited version of either the Ultimate or the Ultimate Plus license. Each trial
license duration is limited to 60 days, and you can change it from Ultimate to Ultimate Plus and vice versa
just once. After the trial period ends, this type of license is no longer valid and can no longer be used.
- To continue using %product%, you’ll have to purchase a full version of your license.
+ To continue using %instance%, you’ll have to purchase a full version of your license.
Yes, you’ll be notified when your trial period expires.
After its expiry, you’ll need to buy either the Ultimate or Ultimate Plus license. Expired trial licenses
@@ -286,14 +286,14 @@
No, you don’t have to provide any payment details until you decide to buy a license for either the Ultimate
or Ultimate Plus version of Qodana, which you can do after the trial period ends.
Yes, you can switch between trial versions of the Ultimate and Ultimate Plus licenses using your JetBrains
@@ -314,12 +314,12 @@
The total license cost is based on the number of active contributors. An active contributor is a person/bot
who has committed to any number of Qodana Cloud projects at any point in the last 90 days, within the same
organization, and under a single license. During the onboarding stage
- and while creating a new project,
+ and while creating a new project,
Qodana Cloud requests your repository URL to calculate contributors. The minimal number of contributors
used for licensing is 3 (three).
For more details, see the For more details, see the
For more details, see the Fees and Payments section of the
- %product% Terms of Service.
+ %instance% Terms of Service.
Here is the billing description taken from the
- %product% Terms of Service:
+ %instance% Terms of Service:
-
-
-
-
Qodana Cloud stores all information about your licenses. This explains why you must create a Qodana Cloud
account before running Qodana. Aside from this functionality, Qodana Cloud provides other
- features.
+ features.
We recommend running Qodana linters under
appropriate licenses, based on your tasks.
@@ -428,44 +425,44 @@
You can have up to 5 (five) Community licenses under your JetBrains account.
Compared to the Ultimate license, the Ultimate Plus license provides the following additional features:
No, you can use a Qodana Community license in your work on any open-source or proprietary projects.
All Qodana subscriptions support integration with the CI/CD solutions described in the section.
Yes, you can run the Community Qodana linters under the Community license. See the
page for more details.
First and foremost, Qodana Cloud collects information about active contributors of your repository, as well
as the project token. This information is then used for calculating license
@@ -476,22 +473,22 @@
Qodana Cloud, which lets you view inspection results using the Qodana Cloud UI.
Use the If the If the problem persists, please create an issue in our tracker or contact us at
Yes, you can use
- caching,
+ caching,
and this is available by default in the Qodana Scan GitHub action. If this does
not help, create an issue in our tracker or contact us at
Try to set more memory in Docker Desktop preferences, as some projects and build tools inside them, like
Gradle, could require more memory than the default 2 GB.
- Before starting %product%, please run the
If your project was created on Windows, make sure to run qodana-support@jetbrains.com.
@@ -47,27 +47,27 @@
qodana.recommended profile
because it already provides the most usable inspections invoked by the default JetBrains IDEs profiles, so
@@ -126,7 +126,7 @@
+
- contributors command
for counting active contributors, for example:
+
+
-
+
-
+
+
- qodana.recommended inspection profile.qodana.recommended profile does not help, try to run another linter.qodana-support@jetbrains.com and
attach logs from the /data/results directory that you can get access to by mounting your directory to the path.qodana-support@jetbrains.com and
attach logs from the /data/results directory. To access logs, mount your directory. If you are
@@ -499,17 +496,17 @@
./gradlew command in the root folder. This will let
- %product% use this downloaded version of Gradle.
+ Before starting %instance%, please run the ./gradlew command in the root folder. This will let
+ %instance% use this downloaded version of Gradle.
git update-index --chmod=+x gradlew to
@@ -520,10 +517,3 @@
Using %product%, you can significantly enhance your code inspection workflow. To better achieve your +
Using %instance%, you can significantly enhance your code inspection workflow. To better achieve your goals, you may want to start using several features that are available out of the box:
| + | Group the existing code problems into several categories to efficiently monitor your code evolution | @@ -52,7 +52,7 @@ | ||
| + | Verify your project license for compatibility with the licenses of its dependencies | Ultimate Plus | @@ -65,7 +65,7 @@ | |
| + | Monitor problems specific to a specific PHP version that may arise when you decide to migrate between versions |
Ultimate @@ -76,7 +76,7 @@ |
||
| + | Ensure that your code contains the minimum number of problems or is completely free of them. If combined with the baseline, this feature will make your code quality monitoring even more flexible | diff --git a/topics/getting-started.topic b/topics/getting-started.topic new file mode 100644 index 00000000..44abd88a --- /dev/null +++ b/topics/getting-started.topic @@ -0,0 +1,45 @@ + + + +Available under the license | ||
| + | Community | |||
| + | Community |
2. Available actions for a given exposed Qodana artifact
+
## Quality gate and baseline
You can use the `--fail-threshold 
@@ -431,71 +423,71 @@
QODANA_TOKEN
+ QODANA_TOKEN
encrypted secret
- and save the project token as its value.
+ and save the project token as its value.
.github/workflows/code_quality.yml file.main branch, release branches, and the pull requests coming
to your repository, save this workflow configuration to the .github/workflows/code_quality.yml file:
-
+
name: Qodana
on:
workflow_dispatch:
@@ -789,12 +781,12 @@
uses: JetBrains/qodana-action@v2023.3
env:
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
-
+
| Info |
Here is the basic configuration snippet for the Here is the basic configuration snippet for the Here, the The The The bitbucket-pipelines.yml file that lets you run %product%
+ bitbucket-pipelines.yml file that lets you run %instance%
in Bitbucket Cloud pipelines:
+
+
branches block specifies which branches to inspect.image block specifies the %product% linter that will be invoked in the pipeline.image block specifies the %instance% linter that will be invoked in the pipeline.script block contains the - export QODANA_TOKEN=$QODANA_TOKEN line that specifies the
project token required by Qodana Cloud and saved as the $QODANA_TOKEN
variable.
- The - qodana ... line in this block tells Bitbucket which directories to use while running
- the pipeline, and it can also contain %product% options.
- qodana ... line in this block tells Bitbucket which directories to use while running
+ the pipeline, and it can also contain %instance% options.
+
- -
-
Making sure that your project license is compatible with the licenses of its dependencies is never an easy task, but this is required for legal purposes. To automate this process and avoid mistakes, you can use %feature% - currently supported by several %product% linters:
+ currently supported by several %instance% linters:| - | + |
For all linters except , you also need to have project
dependencies installed using the bootstrap option of
- the qodana.yaml file.
qodana.yaml file.
- After %product% has finished analyzing your project, the results become available in the +
After %instance% has finished analyzing your project, the results become available in the report.
CheckDependencyLicenses
inspection.
- Below are the qodana.yaml configuration samples that tell %product% to install project
+
Below are the qodana.yaml configuration samples that tell %instance% to install project
dependencies and enable %feature%:
+
include:
- name: CheckDependencyLicenses
-
+
+
bootstrap: |+
# Install dependencies
php composer.phar update
include:
- name: CheckDependencyLicenses
-
+
+
bootstrap: |+
# Use npm to install dependencies
npm install
@@ -165,27 +165,27 @@
include:
- name: CheckDependencyLicenses
-
+
+
bootstrap: |+
# Install dependencies
pip install -r requirements.txt
include:
- name: CheckDependencyLicenses
-
+
+
bootstrap: |+
# Install dependencies
go mod tidy
include:
- name: CheckDependencyLicenses
-
+
You can use the dependencyIgnores option to ignore a license of a specific dependency in your project:
+
dependencyIgnores:
- name: "aapt2-proto"
- name: "dexlib2"
-
+
prohibited keys accept the lists of allowed and prohibited dependency licenses respectively.
As a result, the AGPL-3.0-only becomes compatible with the AFL-2.0 project
license, while the Apache-1.0 dependency license becomes incompatible.
-
+
licenseRules:
- keys:
- "AFL-2.0"
@@ -215,16 +215,16 @@
- "AGPL-3.0-only"
prohibited:
- "Apache-1.0"
-
+
All keys from this sample can accept several values:
-
+
licenseRules:
- keys:
- "PROPRIETARY-LICENSE"
allowed: ["CC0-1.0", "CPL-1.0", "CC-BY-4.0", "EPL-1.0", "CDDL-1.0"]
-
+
You can override a dependency license identifier. This can be useful when a dependency is dual-licensed, and you want to omit some license, or when the license name cannot be detected from the dependency sources correctly.
-Using this sample, you can tell %product% to detect only the CDDL-1.1 and
+
Using this sample, you can tell %instance% to detect only the CDDL-1.1 and
GPL-2.0-with-classpath-exception licenses for jaxb-runtime version 2.3.1.
In this sample, url is optional.
+
dependencyOverrides:
- name: "jaxb-runtime"
version: "2.3.1"
@@ -248,27 +248,27 @@
url: "https://github.com/javaee/jaxb-v2/blob/master/LICENSE"
- key: "GPL-2.0-with-classpath-exception"
url: "https://github.com/javaee/jaxb-v2/blob/master/LICENSE"
-
+
If you want to include the dependency that should be mentioned in the report but is impossible to detect
from the project sources, you can use the customDependencies key to specify it:
+
customDependencies:
- name: ".babelrc JSON Schema (.babelrc-schema.json)"
version: "JSON schema for Babel 6+ configuration files"
licenses:
- key: "Apache-2.0"
url: "https://github.com/SchemaStore/schemastore/blob/master/LICENSE"
-
+
+
docker run --rm \
-v "$PWD":/data/project/ \
jetbrains/qodana-jvm:latest-eap \
--source-directory backend \
--baseline qodana-backend.sarif.json
-
-
+
+
docker run --rm \
-v "$PWD":/data/project/ \
jetbrains/qodana-js:latest-eap \
--source-directory frontend \
--baseline qodana-frontend.sarif.json
-
+
+
qodana scan \
--linter jetbrains/qodana-jvm:latest-eap \
--source-directory backend \
--baseline qodana-backend.sarif.json
-
-
+
+
qodana scan \
--linter jetbrains/qodana-js:latest-eap \
--source-directory frontend \
--baseline qodana-frontend.sarif.json
-
+
+
qodana scan \
--ide QDNET
-
- This command will download the required JetBrains IDE binary file and start %product%.
+ +This command will download the required JetBrains IDE binary file and start %instance%.
If you have already specified ide: QDNET in the qodana.yaml file, you do not have
to use it in this command, so this command is already sufficient:
qodana scan
+ In the qodana.yaml file, save the ide: QDNET configuration. Run %product% using this
+
In the qodana.yaml file, save the ide: QDNET configuration. Run %instance% using this
command:
qodana scan
+ If you need to see how migration from one PHP version to another will affect your code quality, you can
- use the php-migration %product% scenario. If you run this scenario, you will be able
+ use the php-migration %instance% scenario. If you run this scenario, you will be able
to see the codebase problems that will arise after you upgrade to a newer PHP version.
This feature is supported by the linter and available under the Ultimate and Ultimate Plus
@@ -15,73 +15,73 @@
-
You can configure this scenario either in the qodana.yaml file or invoke it
+
You can configure this scenario either in the qodana.yaml file or invoke it
using the CLI.
qodana.yaml file.
+ The CLI options override the settings of the qodana.yaml file.
+
script:
name: php-migration
parameters:
fromLevel: <old-php-version>
toLevel: <upgraded-php-version>
-
- This snippet specifies the php-migration scenario using the
- name parameter. The fromLevel and
- toLevel parameters denote the old and upgraded PHP versions respectively.
This snippet specifies the php-migration scenario using the
+ name parameter. The fromLevel and
+ toLevel parameters denote the old and upgraded PHP versions respectively.
This is the example of the qodana.yaml configuration:
This is the example of the qodana.yaml configuration:
+
script:
name: php-migration
parameters:
fromLevel: 7.1
toLevel: 8.0
-
+
Here, you have two options for running this feature:
+
qodana scan \
--script php-migration:<old-php-version>-to-<upgraded-php-version>
-
+
+
docker run \
-v <source-directory>/:/data/project/ \
jetbrains/qodana-<linter> \
--script php-migration:<old-php-version>-to-<upgraded-php-version>
-
+
This snippet specifies the php-migration scenario for the
- --script option followed by the colon :
- character, and PHP versions separated by the -to- character combination.
+
This snippet specifies the php-migration scenario for the
+ --script option followed by the colon :
+ character, and PHP versions separated by the -to- character combination.
This is the example of the CLI command:
+
qodana scan \
--script php-migration:7.1-to-8.0
-
+
+
docker run \
-v <source-directory>/:/data/project/ \
jetbrains/qodana-<linter> \
--script php-migration:7.1-to-8.0
-
+
To show how the language migration feature works, the following PHP code snippet will be inspected:
-
+
function f($a) {
switch ($a) {
@@ -103,11 +103,11 @@
return 3;
}
}
-
+
- If you run %product% with version 7.1 of the PHP runtime, the report will contain the following problems:
+If you run %instance% with version 7.1 of the PHP runtime, the report will contain the following problems:
-
+
Analysis results: 2 problems detected
@@ -116,11 +116,11 @@
Missing return type declaration Info 1
Unused declaration Info 1
-
+
- Running %product% with version 8.0 of the PHP runtime will produce the following output:
+Running %instance% with version 8.0 of the PHP runtime will produce the following output:
-
+
Analysis results: 3 problems detected
@@ -130,18 +130,18 @@
Unused declaration Info 1
'switch' can be replaced with 'match' expression Info 1
-
+
- Running %product% with the migration feature enabled will produce the following report:
+Running %instance% with the migration feature enabled will produce the following report:
-
+
Analysis results: 1 problems detected
Grouping problems by severity: Info: 1
Name Severity Count problems
'switch' can be replaced with 'match' expression Info 1
-
+
As you can see, the migration report contains only the problem contained in the version 8.0 report and missing from the version 7.1 report.
diff --git a/topics/pricing.md b/topics/pricing.md index 0b5bcac2..03a1d01f 100644 --- a/topics/pricing.md +++ b/topics/pricing.md @@ -6,9 +6,9 @@ Depending on your needs, you can choose a suitable license described in this tab |---------------|-------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Community | Free | Best suited to solving isolated problems | | Ultimate | See [Subscription Options and Pricing](https://www.jetbrains.com/qodana/buy/) for details | Designed for solving various business tasks. A trial version is available. | -| Ultimate Plus | See [Subscription Options and Pricing](https://www.jetbrains.com/qodana/buy/) for details | Comes with all the same functionality as the Ultimate license, but also includes additional [features](features.xml) and unlimited historical data storage. A trial version is available. | +| Ultimate Plus | See [Subscription Options and Pricing](https://www.jetbrains.com/qodana/buy/) for details | Comes with all the same functionality as the Ultimate license, but also includes additional [features](features.topic) and unlimited historical data storage. A trial version is available. | -Here are the links to essential %product% documents: +Here are the links to essential %instance% documents: * [Subscription Options and Pricing](https://www.jetbrains.com/qodana/buy/) * [Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/) related to the linters licensed under the Ultimate and Ultimate Plus licenses @@ -20,7 +20,7 @@ Here are the links to essential %product% documents: This section enumerates the technologies and features that are available for each license. All technologies and features mentioned in the Ultimate and Ultimate Plus columns are available for both the trial and -full versions of the respective %product% license type. +full versions of the respective %instance% license type. ### Programming languages @@ -121,14 +121,14 @@ Here, C and C++ inspections are applicable for projects containing `.sln` files. |-------------------------------------------------------|-----------|-----------|---------------| | [Monorepo support](monorepo-project.md) | ✔ | ✔ | ✔ | | [CI/CD integrations](ci.md) | ✔ | ✔ | ✔ | -| [Custom plugin support](extending-qodana-plugins.xml) | ✔ | ✔ | ✔ | -| [](baseline.xml) | ✔ | ✔ | ✔ | -| [](quality-gate.xml) | ✔ | ✔ | ✔ | +| [Custom plugin support](extending-qodana-plugins.topic) | ✔ | ✔ | ✔ | +| [](baseline.topic) | ✔ | ✔ | ✔ | +| [](quality-gate.topic) | ✔ | ✔ | ✔ | | Docker and Kubernetes support | ❌ | ✔ | ✔ | | [](code-coverage.md) | ❌ | ✔ | ✔ | | [](quick-fix.md) | ❌ | ✔ | ✔ | -| [](php-language-upgrade.xml) | ❌ | ✔ | ✔ | -| [](license-audit.xml) | ❌ | ❌ | ✔ | +| [](php-language-upgrade.topic) | ❌ | ✔ | ✔ | +| [](license-audit.topic) | ❌ | ❌ | ✔ | | [](taint-analysis.md) | ❌ | ❌ | ✔ | | [](vulnerability-checker.md) | ❌ | ❌ | ✔ | @@ -164,13 +164,13 @@ This is the list of linters that require either the Ultimate or the Ultimate Plu ## Qodana licensing: an overview The Community license is free to use, though its functionality is limited only to the Community versions of Qodana -linters. Furthermore, it lacks numerous helpful [features](features.xml) that are available in the paid versions and +linters. Furthermore, it lacks numerous helpful [features](features.topic) that are available in the paid versions and only offers a limited period for [data storage](#pricing-data-storage) in Qodana Cloud. The trial versions of the Ultimate or Ultimate Plus licenses are limited by a 60-day trial period. After the trial license expires, you'll have to purchase either the Ultimate or the Ultimate Plus license to continue using Qodana. -You can study the [%product% Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/) on the JetBrains website. +You can study the [%instance% Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/) on the JetBrains website. ## Frequently asked questions @@ -190,7 +190,7 @@ page for payment details. After the payment, you will be redirected to the [onbo Qodana Cloud. 2. During the onboarding stage on the Qodana Cloud website, you’ll generate a public key that will be -identified by %product%, as well as a project token for uploading %product% reports to your first project. +identified by %instance%, as well as a project token for uploading %instance% reports to your first project. Although the Community license does not require a Qodana Cloud account, it will be more convenient to use Qodana Cloud in this case too. @@ -215,22 +215,22 @@ licenses will expire, which means users will have to switch to a trial license. A trial license is a time-limited version of either the Ultimate or the Ultimate Plus license. Each trial license duration is limited to 60 days, after which this type of license is no longer valid and cannot be used further. To -continue using %product%, you’ll have to buy a full version of your license. +continue using %instance%, you’ll have to buy a full version of your license. -### What are %product% linters and Qodana Cloud designed for? +### What are %instance% linters and Qodana Cloud designed for? -Both %product% linters and Qodana Cloud are essential parts of the product named %product%. You can inspect your codebase -using %product% linters, and you can use Qodana Cloud for managing your projects and licenses, as well as collecting -%product% reports in a single place. For more details, see the [](cloud-use-cases.xml) page of the Qodana Cloud +Both %instance% linters and Qodana Cloud are essential parts of the product named %instance%. You can inspect your codebase +using %instance% linters, and you can use Qodana Cloud for managing your projects and licenses, as well as collecting +%instance% reports in a single place. For more details, see the [](cloud-use-cases.topic) page of the Qodana Cloud documentation. -### Can I use %product% linters without creating a Qodana Cloud account? +### Can I use %instance% linters without creating a Qodana Cloud account? If you plan to use the Ultimate or Ultimate Plus licenses, you have to create an account at Qodana Cloud and accomplish the [onboarding](cloud-onboarding.md) stage. For more details, see [the first question](#faq-start-using-qodana) in this section. -You can run %product% linters available under the Community license without using Qodana Cloud, but there are no obstacles +You can run %instance% linters available under the Community license without using Qodana Cloud, but there are no obstacles to using Qodana Cloud in this case. ### Do I need to provide payment details for a trial license? @@ -257,7 +257,7 @@ the unlimited number of times. In this case, however, all purchased subscription The total license cost is based on the number of active contributors. An active contributor is a person who commits to any number of Qodana Cloud projects during the latest 90 days, within the same organization, and under a single -license. During the [onboarding](cloud-onboarding.md) stage and while creating a new [project](cloud-projects.xml), Qodana +license. During the [onboarding](cloud-onboarding.md) stage and while creating a new [project](cloud-projects.topic), Qodana Cloud requests your repository URL to calculate contributors. The minimal number of contributors used for licensing is 3 (three). The number of actual contributors is calculated based on the subscription plan. For example, using the monthly @@ -267,16 +267,16 @@ be recalculated for 20 (twenty) contributors. At the end of the second month, th again based on the actual number of active contributors found within that month. For more details, see the **Fees and Payments** section of the -[%product% Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/). +[%instance% Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/). ### What is the minimum number of contributors I can buy the license for? -You can buy a %product% license for 3 (three) or more contributors. +You can buy a %instance% license for 3 (three) or more contributors. ### What do I need to know about subscription billing? Here is the billing description taken from the -[%product% Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/): +[%instance% Terms of Service](https://www.jetbrains.com/legal/docs/agreements/qodana/license/): **Monthly Subscriptions** – At the beginning of each Subscription Period, You will specify the expected number of Active Contributors (3 or more). At the end of the Subscription Period, You will be charged Subscription fees according @@ -305,7 +305,7 @@ the number of prepaid Active Contributors, We will not refund or otherwise credi Qodana Cloud stores all information about your Ultimate and Ultimate Plus licenses. This explains why you need to create a Qodana Cloud account before running Qodana. Apart from this functionality, Qodana Cloud provides several other -[helpful features](cloud-use-cases.xml). +[helpful features](cloud-use-cases.topic). ### Which minimum steps do I need to perform in Qodana Cloud? @@ -319,14 +319,12 @@ No, you can use the Community version of Qodana in any open-source or proprietar Compared to the Ultimate license, the Ultimate Plus license provides the following additional features: - +* [](license-audit.topic) +* [](taint-analysis.md) +* [](vulnerability-checker.md) ### Which licenses are integrated into CI/CD pipelines? -All %product% licenses support integration with the CI/CD solutions described in the [](ci.md) section. +All %instance% licenses support integration with the CI/CD solutions described in the [](ci.md) section. diff --git a/topics/project-token.md b/topics/project-token.md index a92e99ce..89520252 100644 --- a/topics/project-token.md +++ b/topics/project-token.md @@ -1,48 +1,48 @@ [//]: # (title: Project tokens) Generally available [paid linters](pricing.md#pricing-linters-licenses) require that you use the -`QODANA_TOKEN` variable to provide a [project token](cloud-projects.xml#cloud-manage-projects) while running %product%, +`QODANA_TOKEN` variable to provide a [project token](cloud-projects.topic#cloud-manage-projects) while running %instance%, for example:
+
qodana scan \
-e QODANA_TOKEN="<qodana-cloud-token>"
-
+
+
docker run \
-v $(pwd):/data/project/ \
-e QODANA_TOKEN="<qodana-cloud-token>" \
jetbrains/qodana-<linter>
-
+
- 
+
+
The Docker image for the %linter% linter is provided to support different usage scenarios:
@@ -34,7 +32,7 @@You can run the %linter% linter using two methods.
Qodana CLI is the easiest method. If necessary,
check the installation page to install
- Qodana CLI. Alternatively, you can use the Docker commands from the
.DotSettings files)
By default, InspectCode also runs Roslyn analyzers on the target solution. If you want to disable
Roslyn analyzers, you can do it in the solution's .DotSettings file, for example:
- <wpf:ResourceDictionary xml:space="preserve"
- xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
- xmlns:s="clr-namespace:System;assembly=mscorlib"
- xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml"
- xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+
+ <wpf:ResourceDictionary xml:space="preserve"
+ xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
+ xmlns:s="clr-namespace:System;assembly=mscorlib"
+ xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml"
+ xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
<!-- Enable/disable Roslyn analyzers and Source Generators -->
- <s:Boolean x:Key="/Default/CodeInspection/Roslyn/RoslynEnabled/@EntryValue">False</s:Boolean>
+ <s:Boolean x:Key="/Default/CodeInspection/Roslyn/RoslynEnabled/@EntryValue">False</s:Boolean>
<!-- Include/exclude Roslyn analyzers in Solution-Wide Analysis -->
- <s:Boolean x:Key="/Default/CodeInspection/Roslyn/UseRoslynInSwea/@EntryValue">False</s:Boolean>
+ <s:Boolean x:Key="/Default/CodeInspection/Roslyn/UseRoslynInSwea/@EntryValue">False</s:Boolean>
</wpf:ResourceDictionary>
-
+
@@ -114,27 +112,27 @@
Inspection settings in .editorconfig files are configured similarly to other properties —
by adding the corresponding lines:
+
[inspection_property]=[error | warning | suggestion | hint | none]
-
+
For example, you can change the
severity level
of the Possible 'System.NullReferenceException' inspection to Error with the
following line:
+
resharper_possible_null_reference_exception_highlighting=error
-
+
or you can disable the Redundant argument with default value inspection with the following line:
+
resharper_redundant_argument_default_value_highlighting=none
-
+
.editorconfig files have higher priority than the settings
- configured on the You can find EditorConfig property for each inspection on pages in the
Code inspection index
@@ -148,7 +146,7 @@
-
Pull the image from Docker Hub (only necessary to update to the latest version):
docker pull jetbrains/%linter-shell%
-
+ Run the following command to start inspecting your source code:
-
+
docker run \
-v <source-directory>/:/data/project/ \
-v <output-directory>/:/data/results/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/%linter-shell%
-
+
where source-directory and output-directory are full local paths to,
respectively, the project source code directory and the analysis results directory. The
@@ -183,13 +181,13 @@
If you don't need the user interface and prefer to study raw data, use the following command:
-
+
docker run \
-v <source-directory>/:/data/project/ \
-v <output-directory>/:/data/results/ \
-e QODANA_TOKEN="<cloud-project-token>" \
jetbrains/%linter-shell%
-
+
The output-directory will contain the inspection report.
If you run the analysis several times in a row, make sure you've cleaned the results directory before
@@ -199,19 +197,19 @@
In the project root directory, run this command to inspect your code and view the inspection
report locally: If you don't need the user interface and prefer to study raw data, use the following command: The Use the following command as a task in a generic Shell executor: where Consider using the feature to make the build fail when a certain number
- of problems is reached and the feature to compare each new linter
+ Consider using the feature to make the build fail when a certain number
+ of problems is reached and the feature to compare each new linter
run to some initial run selected as a Run this command in the project root directory: This will save inspection results to the directory specified by You can also apply the feature to make the build fail when a certain number
+ You can also apply the feature to make the build fail when a certain number
of problems is reached by using the The feature compares each new %linter% run to some initial run using
+ The feature compares each new %linter% run to some initial run using
the This feature requires that you specify the %linter% name either in the In GitHub, %product% is implemented as the In GitHub, %instance% is implemented as the To authorize in Qodana Cloud and forward reports to it, follow these steps: To authorize in Qodana Cloud and forward reports to it, follow these steps: In the GitHub UI, create the In a GitHub workflow,
add this snippet to invoke the
+
+
+
+
output-directory specifies the directory where the SARIF-formatted report will be
saved. The QODANA_TOKEN variable refers to the project token
required by the
@@ -226,21 +224,21 @@
+
+
source-directory and output-directory are full paths to, respectively,
the project source code directory and the analysis
results directory. The QODANA_TOKEN variable refers to the project token
required by the
Ultimate and Ultimate Plus linters.
+
+
output-directory.--fail-threshold
option.--baseline and
--baseline-include-absent options.
qodana.yaml file,
- or using the args configuration option of GitHub, for example: args: --linter,%linter-shell% Qodana Scan GitHub Action.To configure the
+ or using the args configuration option of GitHub, for example: Qodana Scan GitHub Action.To configure the
Qodana Scan GitHub Action, save the .github/workflows/code_quality.yml file
containing the workflow configuration:
+
+
- QODANA_TOKEN encrypted secret and
- save the project token as its value.Qodana Scan action:
+
+
Release
configuration:
+
--configuration=Release
-
+
Alternatively, you can specify the configuration in qodana.yaml:
+
dotnet:
configuration: Release
-
+
By default, the solution platform is set to Any CPU.You can override this using the
--platform option:
+
--platform=x86
-
+
Alternatively, you can specify the platform in qodana.yaml:
+
dotnet:
platform: x86
-
+
diff --git a/topics/qodana-dotnet-community.md b/topics/qodana-dotnet-community.md
index 1b5ced99..02a89bee 100644
--- a/topics/qodana-dotnet-community.md
+++ b/topics/qodana-dotnet-community.md
@@ -4,7 +4,7 @@
-
+
-
+
-
+
qodana scan \
--ide QDNET
-
+
Here, the --ide option downloads and uses the JetBrains IDE binary file.
Alternatively, in the qodana.yaml file you can save the ide: QDNET configuration,
- and then run %product% using this command:
+ and then run %instance% using this command:
+
qodana scan
-
+
This is how you can run the Dockerized version of the %linter% linter:
-In GitHub, %product% is implemented as the Qodana Scan GitHub Action.To configure the
+
In GitHub, %instance% is implemented as the Qodana Scan GitHub Action.To configure the
Qodana Scan GitHub Action, save the .github/workflows/code_quality.yml file
containing the workflow configuration:
+
name: Qodana
on:
workflow_dispatch:
@@ -84,7 +82,7 @@
fetch-depth: 0
- name: 'Qodana Scan'
uses: JetBrains/qodana-action@v2022.3.3
-
+
Using this workflow, Qodana will run on the main branch, release branches, and on the pull requests coming to your repository.
@@ -101,24 +99,24 @@ -
+
pr-mode: false
-
+
- To authorize in Qodana Cloud and forward reports to it, follow these steps:
+To authorize in Qodana Cloud and forward reports to it, follow these steps:
In the GitHub UI, create the QODANA_TOKEN encrypted secret and
- save the project token as its value.
In a GitHub workflow,
add this snippet to invoke the Qodana Scan action:
+
- name: 'Qodana Scan'
uses: JetBrains/qodana-action@v2022.3.3
env:
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
-
+
- This section is intended for users familiar with configuring code analysis via %ide% inspection profiles. + This section is intended for users familiar with configuring code analysis via %ide% inspection profiles.
/data/profile.xml inside the container:
-
+
docker run \
-p 8080:8080 \
-v <source-directory>/:/data/project/ \
@@ -147,19 +144,19 @@
-v <inspection-profile.xml>:/data/profile.xml \
%docker-image% \
--show-report
-
+
You can pass the reference to the existing profile by mapping the profile inside the container:
-
+
qodana scan \
-l %docker-image% \
--results-dir <output-directory> \
--profile-path <path-to-profile> \
--show-report
-
+
%linter% does not support authentication for private NuGet repositories using, for example, - Windows Authentication. To overcome this limitation, you can place all required packages within the %product% + Windows Authentication. To overcome this limitation, you can place all required packages within the %instance% cache as shown below:
C:/Temp/QodanaCache.--cache-dir C:/Temp/QodanaCache option.%userprofile%\.nuget\packages
+ %userprofile%\.nuget\packages
folder to C:/Temp/QodanaCache/nuget. If you have a custom package folder, copy packages
- from that folder instead of %userprofile%\.nuget\packages.--cache-dir C:/Temp/QodanaCache once more.%userprofile%\.nuget\packages.--cache-dir C:/Temp/QodanaCache once more.
-
| Programming languages |
@@ -103,7 +103,7 @@ Here, C and C++ inspections are applicable for projects containing `.sln` files.
## Supported features
-
+
+
### Build the project
-Build the project before inspecting it using %product%. You can do it by using the [`bootstrap`](before-running-qodana.md)
+Build the project before inspecting it using %instance%. You can do it by using the [`bootstrap`](before-running-qodana.md)
option of the [`qodana.yaml`](qodana-yaml.md) file contained in your project directory.
-### Configure %product%
+### Configure %instance%
-Starting from version 2023.3 of %product%, the native mode is the recommended method for running the %linter% linter.
+Starting from version 2023.3 of %instance%, the native mode is the recommended method for running the %linter% linter.
We recommend running the native mode on the same machine where you build a project because this can guarantee
-that %product% has access to private NuGet feeds.
+that %instance% has access to private NuGet feeds.
#### Specify a solution
-EditorConfig files. To disable them, you can [configure the %product% profile](custom-profiles.md) using
+EditorConfig files. To disable them, you can [configure the %instance% profile](custom-profiles.md) using
the `qodana.yaml` file, for example:
```yaml
@@ -168,7 +168,7 @@ Another configuration example is available [on GitHub](https://github.com/hybloi
### Run Qodana
You can run Qodana CLI in the native mode, which is the recommended method
-for the %linter% linter. Alternatively, you can use the Docker command from the
+
+
Here, the Alternatively, in the
+ and then run %instance% using this command:
+
+
To start, pull the image from Docker Hub (only necessary to get the latest version): @@ -195,14 +195,14 @@ for the %linter% linter. Alternatively, you can use the Docker command from theStart local analysis with
+
+
Open
-
-
-
-
-
-
|
-You can also have access to %product% using the **Problems | Server-Side Analysis** tool window of your IDE.
+You can also have access to %instance% using the **Problems | Server-Side Analysis** tool window of your IDE.
-## Run %product% locally
+## Run %instance% locally
{id="ide-plugin-run-qodana"}
-You can run %product% locally and then forward inspection reports to [Qodana Cloud](cloud-about.xml) for storage and analysis purposes.
+You can run %instance% locally and then forward inspection reports to [Qodana Cloud](cloud-about.topic) for storage and analysis purposes.
- 
@@ -138,47 +138,47 @@ This table describes each button from top to bottom:
2. On the build configuration page, select **Build Steps** from the **Edit configuration** list.
+
3. On the **Build steps** page, click the **Add build step** button.
+
4. From the **Runner type** list, select **Qodana** as a runner. On the **New Build Step** page, you can configure the `Qodana` runner
using the basic options. Otherwise, click **Show advanced options** to expand the list of configuration options.
+
5. Fill in the fields using this description.
@@ -40,7 +44,7 @@ using the basic options. Otherwise, click **Show advanced options** to expand th
**Report ID** uniquely identifies the report to let you distinguish between multiple reports when several inspection steps are configured within a single build.
- The **Forward reports to TeamCity tests** checkbox configures %product% report availability in
+ The **Forward reports to TeamCity tests** checkbox configures %instance% report availability in
the [Test](https://www.jetbrains.com/help/teamcity/build-results-page.html#Tests+Tab) tab of TeamCity UI. Using this
option, you can view codebase problems along with other problems detected.
@@ -56,24 +60,24 @@ using the basic options. Otherwise, click **Show advanced options** to expand th
You can disable certain inspections later using the [`qodana.yaml`](qodana-yaml.md#exclude-paths) file or [Profile settings](ui-overview.md#Adjust+your+inspection+profile) in your HTML report.
- **Additional arguments for 'docker run'** configures the arguments accepted by a Docker image, see the [](docker-image-configuration.xml#docker-config-reference-docker-environment) section for details.
+ **Additional arguments for 'docker run'** configures the arguments accepted by a Docker image, see the [](docker-image-configuration.topic#docker-config-reference-docker-environment) section for details.
- **Additional Qodana arguments** lets you extend the default Qodana functionality, see the [Docker image configuration](docker-image-configuration.xml) page for details.
+ **Additional Qodana arguments** lets you extend the default Qodana functionality, see the [Docker image configuration](docker-image-configuration.topic) page for details.
7. Click **Save**. Now you can run Qodana in the build.
### Configure the project token
-The [project token](project-token.md) is required by the paid %product% [linters](pricing.md#pricing-linters-licenses),
+The [project token](project-token.md) is required by the paid %instance% [linters](pricing.md#pricing-linters-licenses),
and is optional for using with the Community linters. You can see these sections to learn how to generate the project token:
* The [](cloud-onboarding.md) section explains how to get the project token generated while first working with Qodana Cloud
-* The [](cloud-projects.xml#cloud-manage-projects) section explains how to create a project in the existing Qodana Cloud organization
+* The [](cloud-projects.topic#cloud-manage-projects) section explains how to create a project in the existing Qodana Cloud organization
To apply the generated project token, follow these steps:
-1. In the TeamCity UI, open the build step that will run %product%.
-2. In the **Cloud Token** field, insert the [Qodana Cloud token](cloud-projects.xml#cloud-manage-projects) value.
+1. In the TeamCity UI, open the build step that will run %instance%.
+2. In the **Cloud Token** field, insert the [Qodana Cloud token](cloud-projects.topic#cloud-manage-projects) value.
5. Fill in the fields using the [Command Line](https://www.jetbrains.com/help/teamcity/command-line.html#General+Settings)
@@ -124,10 +132,12 @@ this file to the working directory manually. Alternatively, you can write a scri
Now that you have configured and run the build, you can observe inspection results in the TeamCity UI.
1. Navigate to the project build page. In the **Overview** tab, click the build entry.
+
2. On the build page, navigate to the **Qodana** tab to find the inspection report. To learn more about Qodana
reports, see the 
diff --git a/topics/troubleshooting.xml b/topics/troubleshooting.topic
similarity index 81%
rename from topics/troubleshooting.xml
rename to topics/troubleshooting.topic
index 70de2c99..2eaf4b68 100644
--- a/topics/troubleshooting.xml
+++ b/topics/troubleshooting.topic
@@ -1,10 +1,10 @@
-
-
+
+
-
Each report contains the following tabs:
* **[Actual problems](#ui-overview-actual-problems)** exposes the problems that Qodana detected during the latest inspection
-* **[Baseline](#ui-overview-baseline)** lists the problems that were marked as [baseline](baseline.xml) and were not fixed since then
-* **[Configuration](#ui-overview-configuration)** lets you configure %product% for future use
-* **[License audit](#ui-overview-project-audit)** reveals the [license audit](license-audit.xml) results and shows the dependency licenses that are incompatible with the project license
+* **[Baseline](#ui-overview-baseline)** lists the problems that were marked as [baseline](baseline.topic) and were not fixed since then
+* **[Configuration](#ui-overview-configuration)** lets you configure %instance% for future use
+* **[License audit](#ui-overview-project-audit)** reveals the [license audit](license-audit.topic) results and shows the dependency licenses that are incompatible with the project license
The upper-right corner of the report shows [code coverage](code-coverage.md) inspection results.
@@ -55,7 +55,7 @@ problems move to this tab.
This tab is similar to the **Actual problems** tab. To enable the baseline feature for future
inspections, follow the instructions that appear in the report UI. For more information, explore the
-[](baseline.xml) section.
+[](baseline.topic) section.
## Configuration
{id="ui-overview-configuration"}
@@ -76,7 +76,7 @@ See the [Adjust your inspection profile](#Adjust+your+inspection+profile) sectio
## License audit
{id="ui-overview-project-audit"}
-
+
## Troubleshooting
{id="vs-code-troubleshooting"}
@@ -105,7 +105,7 @@ On this tab, you can click problem items and navigate to code fragments where %p
You can use the **Qodana: Reset authentication** command to switch between Qodana Cloud accounts without clearing settings.
This can be useful in case you have several organizations under different Qodana Cloud accounts.
-### I cannot get %product% reports using current settings
+### I cannot get %instance% reports using current settings
You can use the **Qodana: Reset all settings** command to reset all settings and credentials and try to configure
the extension again, or use other settings.
diff --git a/topics/vulnerability-checker.md b/topics/vulnerability-checker.md
index c4954305..73cf5c93 100644
--- a/topics/vulnerability-checker.md
+++ b/topics/vulnerability-checker.md
@@ -14,7 +14,7 @@ It sends only hashed names of packages. We never log or process hashes we don't
analyze your proprietary or confidential packages.
This feature is available under the Ultimate Plus [license](pricing.md) and its trial version and provides the following
-%product% inspections:
+%instance% inspections: