Setting your standards - Overview

In SonarCloud, code quality and code security standards are enforced through two mechanisms: quality profiles and quality gates.

Every project has a quality profile set for each supported language. The profile defines which rules will be applied during analysis.

After analysis, the quality gate takes the resulting metrics and compares them to its defined thresholds to determine if the code meets the requirements for release or merge.

The quality profile and quality gate of every new project are set to built-in defaults, (called Sonar way). The Sonar way quality profile and quality gate represent the optimum combination of rules and thresholds for most projects, guiding developers in using Clean as You Code principles to improve code quality and code security.

Quality gates

Each project has a single quality gate definition activated at any given time. This definition is used for all the quality gates that appear in the project, whether on the main branch, other branches, or pull requests.

When first imported, a project is assigned the default quality gate definition set for its organization. However, a different one can be chosen by a project administrator from among those available within the organization. The quality gate definitions available in your organization are defined and managed at the organization level by an organization administrator. See Managing quality gates.

Quality profiles

Each project has a single quality profile activated, for each language, at any given time. By default, the built-in Sonar way quality profile is activated for every language. However, a different one can be chosen by a project administrator from among those available within the organization. The quality profiles available in your organization can be defined at the organization level by an organization administrator. See Managing quality profiles.