We are pleased to announce the SonarQube C++ Community Plugin version 2.3.0. See lists below for features added and bugs fixed in this release. The version 2.3 of the cxx plugin is a minor update. Essentially, adjustments to the new SonarQube Server 2026 LTA version.
Make sure to read the Upgrade Instructions before you get started.
SonarQube compability
- tested and released with Sonar Plugin API 13.4.3.4290 and SonarQube Community Build 26.1.0.118079 with Java 21 (other versions are not tested but the plugin should also be compatible with SonarQube Server 2026.1 LTA)
- see also SonarQube compatibility matrix
- tested and released with Sonar Plugin API 13.4.3.4290 and SonarQube Community Build 25.8.0.111898 with Java 21 (other versions are not tested but the plugin should also be compatible with SonarQube Server 2025.4 LTA)
- see also SonarQube compatibility matrix
- The plugin requires Java 21 on server and scanner side: install a Java version (e.g http://jdk.java.net/archive/) and update
JAVA_HOMEto point to the installation directory. - make sure to read the Upgrade Instructions before you get started
Enhancements
- ensure SonarQube Server 2026.1 LTA compatibility #3018
- test plugin with Community 26.1.0.118079 (Server 2026.1 LTA) and CLI scanner 8.0.1.6346 #3025
- test plugin with Community 25.8.0.112029 (Server 2025.4 LTA) and CLI scanner 7.2.0.5079
- build and test with Java 21 #3019 #3021
- removed support for Java 17
- sonar-cryptography plugin support #3013 #3032
- add symbol table and AST extension APIs for semantic analysis
- client certificate support #3033
- rename sslcontext-kicktart to ayza #3036
- update of copyright information to 2026 #3058
Bugfixes
Known Issues
For an up to date list of known issues see the issue tracker.
- Only tested with Java 21: SonarQube
nohup.logfile item:Error: LinkageError occurred while loading main class org.sonar.application.App java.lang.UnsupportedClassVersionError: org/sonar/application/App has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 55.0. To solve this download OpenJDK 21 and unzip it (http://jdk.java.net/archive/). Point with the JAVA_HOME environment variable to the Java 21 location. - In SonarQube, each file extension must be uniquely assigned to one programming language. When operating several C/C++ plugins in parallel, this must be taken into account during configuration. To avoid problems on a server with multiple C++ plugins, the CXX programming language sensor is disabled by default.
- Ensure that a rule is enabled if you get no results. In new SQ versions the default profile is read-only. The cxx plugin does not enable rules for external tools per default.
- Message: "C++ cannot be analyzed with current SonarQube edition. Please consider upgrading...". SonarQube issues this message when an input file with the file extension .c, .cc, .cpp, .cxx or .c++ is read in the Community Edition. Select "Dismiss permanently" to continue without the message.
- The cxx plugin supports the Standard Experience Mode only but can also be used in Multi-Quality Rule (MQR) Mode, for mapping see #2855
- sonar.cxx.other.rules: Starting with SonarQube 9.x LTS, a plugin cache mechanism was introduced that only reloads a plugin and thus the rules of a repository if a change to at least one plugin is detected. A “change” can be if there is a plugin with a new PluginKey in the plugin directory. It also checks whether the hash value of a plugin package has changed. If a change is detected, the plugin and thus the repositories it contains are updated.
- cxx-sslr-toolkit-x.y.z.jar is not a plugin. Do not copy it to the plugins folder. If the JAR file does not contain a SonarQube plugin, the following error message appears in the LOG file when the server is started:
ERROR Web server startup failed java.lang.NullPointerException: Plugin key is missing from manifest.
Thanks ....
Thanks to @chmodshubham @jenspopp @Hakky54 @mobashir-sadiquee-tfs @guwirth for their input and support.