Skip to end of metadata
Go to start of metadata

By SonarSource – GNU LGPL 3 – Issue TrackerSources – Supported by SonarSource
More versions
SonarXML 2.0.1 – Jan 14, 2019 – SonarQube 6.7+ (Compatible with LTS)
SonarLint support, 4 new rules, precise issue locations for all rules, drop of S2322
DownloadRelease notes


Enables the SonarXML analyzer.

Steps to Analyze a XML Project

  1. Install SonarQube Server (see Setup and Upgrade for more details)
  2. Install SonarQube Scanner and be sure your can call sonar-scanner from the directory where you have your source code
  3. Install SonarXML (see Installing a Plugin for more details)
  4. Run your analysis with the SonarQube Scanner by executing the following command from the root directory of the project:

    sonar-scanner -Dsonar.projectKey=xxx -Dsonar.sources=.
  5. Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI

Further Analyses

Assuming steps 1-3 above have already been completed, you'll want to encapsulate your analysis parameters in a file at the root of your project (see a sample project on GitHub: Then subsequent analyses can simply be run with:



Advanced Usage

With SonarXML, you can also:



Validating Files Against Specific Schemas

Files can be validated against specific schemas thanks to the XML Schema Validation rule.

Within the same project some files can be validated against schema 'S1', others against schema 'S2', others against schemas 'S3' and 'S4', and so on. Therefore, this rule must be copied and configured as many times as you have pairs of files/schemas.


  • Schema validation is performed by the Xerces parser using XML schemas (XSDs).
  • For validation of XHTML files it is recommended to use autodetect, xhtml1-transitional or xhtml1-strict.


  • No labels