Your browser does not support iframes.
All SCM providers currently require the native executable to be installed on the server where the SonarQube analysis will run. For example, for projects hosted on a Subversion repository and analysed on a Jenkins server, svn executable must be available on the Jenkins server (and its slaves if any).
Subversion (1.6+ client)
- tested by users
- not tested
- not implemented
This plugin collects SCM information on each source file to display in the source code viewer the last committer on lines.
- Install the plugin through the Update Center or download it into the SONARQUBE_HOME/extensions/plugins directory
- Restart the SonarQube server
Configuring the SCM Activity Plugin
Set the SCM URL of your project (see SCM URL Format):
sonar.scm.urlproperties. For Git, SVN and Mercurial, the SCM provider is automatically discovered, so what's defined in this property is not taken into account.
- At project level, go to Configuration > Settings > SCM Activity and specify User (
sonar.scm.user.secured) and Password (
sonar.scm.password.secured) if needed; if specified then
developerConnectionwill be used, otherwise
- Launch a new quality analysis and the metrics will be fed.
Security note for SonarQube 3.4+
*.secured properties to be read during the project analysis, it is necessary to set the
sonar.password properties to the credentials of a user that is:
- System administrator
- And project administrator on the project that is being analyzed
sonar-runner -Dsonar.login=admin -Dsonar.password=admin
Forcing the Retrieval of Blame Information
In some cases, it is necessary to retrieve blame information on files that have not been changed (for example when a user has been renamed). To force this retrieval, here are the steps to follow:
- Deactivate the SCM Activity plugin:
sonar.scm.enabled = false
- Run an analysis on your project
- Reactivate the SCM Activity plugin:
sonar.scm.enabled = true
- Run an analysis on your project
Note that a property should be added sooner or later to explicitly force this retrieval or not. See SONARPLUGINS-2359.
Subversion "Server certificate verification failed: issuer is not trusted"
Add following to
CVS anonymous access not working "org.apache.maven.scm.ScmException: password is required."
Try to set empty password for repository in
.cvspass. For example:
I use Git and the annotated sources sometimes display a wrong/old author name
The plugin uses '
git blame' command to find out the author of each line. Because a user can commit with different author name/email, it is advised to have a
.mailmap file at the root of the repository. This file is used by '
git blame' to find out canonical name/email of each user.
I use Git and the annotated sources sometimes display "Not Committed Yet"
In case you have set the parameter autocrlf to "true" or "input" and source file was previously committed with Windows line endings then git blame will report each line as "Not Committed Yet" as an indication that the file will be normalized to Unix line endings in case you do a modification and a commit on the same file.
The simplest workaround is to always set autocrlf to "false" on the box doing the SonarQube analysis.
Additional configuration for Perforce
You have to set an additional parameter to define the Perforce client name while running your analysis: