Developers care about code. They care about code a lot. They care about writing it, reviewing it, and maintaining it. They want Clean Code, and the eight million .NET developers are no different. They have been enjoying the power of Roslyn analyzers delivered by Microsoft for a long time, and we are here to take that power to 11!
Today, we expanded our support for the Microsoft ASP.NET Core Blazor framework by adding new rules targeting Razor components.
We’ve been helping .NET developers create Clean Code for over a decade with our SonarQube Server, SonarQube Cloud, and SonarQube for IDE products. In 2015, we partnered with Microsoft to improve the integration of Sonar analyzers for the .NET ecosystem. Since then, we’ve been continually improving our analysis. We now provide over 450 rules and cover specific cases such as Microsoft Azure Functions, Cognitive Complexity, Async-Await usage, Multi-Threading, or DateTime usage. We bring taint analysis, complex bug detection, secrets detection, and more right to your fingertips. And yes, we do support Microsoft Visual Basic .NET! We cover code in Azure DevOps, GitHub, GitLab, and Bitbucket, allowing developers to take a Clean as You Code approach to building great applications, whatever their tools and processes.
What is Blazor?
Blazor is the latest part of Microsoft ASP.NET Core technology, which allows you to code your UI with a mix of C# code and HTML presentation. It can run on the server or in the client and can also be used on the desktop in .NET MAUI applications. You can find much more information on Microsoft’s Blazor website.
Blazor's robust component model allows you to separate your user interface into smaller elements and then combine those elements to create larger functionalities. The Blazor framework is a game changer for companies, allowing C# developers to use their skills to build front-end UI without using JavaScript. The same CLR you are used to, with its same base class library, is available to you in the browser, thanks to the power of WebAssembly (WASM), an open standard supported by all 4 major browsers.
With Blazor, it becomes possible to modernize applications by moving pieces of it to the client, where it can give you the power of dynamic UI you have become accustomed to without learning new languages, frameworks, and toolchains.
Why Blazor applications?
Our goal is to analyze all .NET code, wherever it lives, and Blazor has seen a fantastic uptake from the community, with open-source projects like the Oqtane CMS framework going all-in on Blazor as the UI piece of the puzzle, the MudBlazor UI component library, or the ABP web application framework. We believe the same type of component ecosystem we have enjoyed over the years with Windows Forms or WPF will grow around Blazor.
Allowing C# developers to take their long-honed skills up to the web client has been a long sought-after feature, and it is finally here! And it is here to stay.
Sonar listened to the growing call of the .NET developer community to support them as they build front-end apps in the same way we currently support them in building backend or desktop applications. More and more C# code will live in .cshtml or .razor files, and it is our mission to ensure we give .NET developers the tools they need to keep that code as clean as the rest of their code.
We are excited to announce that Sonar now supports the analysis of Razor templates, which are at the core of the Blazor front-end web framework. Because SonarQube Cloud and SonarQube Server can now analyze the C# code inside .cshtml and .razor files, you can extend clean coding practices across your full-stack web applications developed with ASP.NET Core MVC, Razor Pages, and Blazor. We also released an update to support .NET 8 and C# 12 before the official release so you can adopt our favorite framework's newest LTS release on day one.
We have been, and continue to be, hard at work with Microsoft to bring all this to you. For this, we extend our thanks to their teams.
We analyzed a roster of Blazor-based open-source projects. Here is a sample of the issues we found in the C# code present in Razor files that you could not see before. These reflect common code maintenance challenges, often encountered as a codebase evolves, reaffirming the need for comprehensive code analysis regardless of experience level:
- Unused variables or members
- Unused methods
- High cognitive complexity in methods
- Possible null dereferencing
- Members that should be read-only
- Cascading if statements
What’s next in Blazor analysis?
We continue investing in Blazor and have, in fact, released the first set of rules explicitly targeted to discover issues in your Blazor web app. You can detect such problems as unsupported parameter types, misuse of JSInterop, or mismatched parameter types with their route constraints.
If you are a Sonar user, you can now use Razor files and Blazor components in your application, confident that we will bring you the same insights here as what you are used to on the rest of your code!
If you are yet to become a Sonar user, check out everything our tools and the Clean As You Code approach can bring to your development process. Whether your tools run in the cloud or on-premises, whether you use .NET or .NET Framework, we have you covered!
And if you are an open-source developer, this power is available to you for free because Sonar believes in a strong open-source community.
Check out this webinar with Microsoft Blazor Product Manager, Daniel Roth, to learn how you can leverage SonarQube Server and SonarQube Cloud to maintain Clean Code in your Blazor applications.
Download SonarQube for IDE and either install SonarQube Server or start a SonarQube Cloud trial and give it a try!
Ready, Set, Clean!