Qodana
The code quality platform for teams
“I tried out JetBrains’ code analysis tool Qodana”
This is the English version of the Japanese article first published by Jan Maki on Qiita. This post was not commissioned by Qodana and was written independently. For more information please reach out to them in the comments or via their link tree.
Qodana is JetBrains’ code analysis platform for quality and aspects of code security. It can be used to run static code analysis and other audits and supports a wide range of languages and frameworks. It can be run:
- from the command line
- inside JetBrains IDEs or VS Code
- in CI/CD environments such as GitHub Actions
It also comes with a web interface: Qodana Cloud, which makes it easy to review results online as a team, and navigate to where issues are in the IDE (in my case IntelliJ-IDEA).
Why I tried it
In modern workflows, it’s common to pair AI-assisted coding with linters. However, this can introduce issues:
- AI-generated code might include patterns that trigger IDE warnings
- If you commit and push automatically, those warnings slip past without being caught locally
- By the time you review on GitHub, those warnings may already be merged
I needed to find a solution for these potential problems. I tried bridging the gap with other linters like Prettier, but my IDE still complained about issues those tools didn’t cover. That’s where Qodana came in.
Qodana’s linter
According to JetBrains: “Qodana relies on the linters in JetBrains IDEs to bring that intelligence to the CI side.”
This means the criteria for warnings in your IDE and in Qodana are the same. If your IDE flags it, Qodana will too, and vice versa. That being said, Qodana has additional functionality that can’t be found in the IDEs, as well as a recently released organization dashboard for viewing overall project health in your business.
Using it in a project
I first tested Qodana on a small web service project called VRChat Group Search, which actively uses both AI-generated code and Qodana.
- Code scans run automatically in GitHub Actions
- Results are pushed to Qodana Cloud
- And you can see warnings like unused variable directly in the dashboard
This ensures nothing slips through between AI commits, IDE checks, and GitHub reviews.
Convenient features
Qodana has a range of convenient features, like those in JetBrains’ IDEs and more. Some of the features I’ve used most regularly are:
Quick Fix
Qodana can automatically fix issues it detects and allows users to choose which option they want to use to apply them:
- CLEANUP: Safe, small fixes.
- APPLY: Larger changes (review recommended).
You can configure these to run automatically if desired.
You can find out more about quick fixes here.
License Audit
Qodana checks whether your project’s license is compatible with the licenses of its dependencies. It works with Maven, Gradle, Composer, npm, Yarn, pip, Go Modules, NuGet, and more.
You can find out more about License Audit here.
IDE Integration
You can view Qodana results directly in JetBrains IDEs, as well as VS Code and Visual Studio – and even set up GitHub Actions workflows from inside the IDE. Over and above this functionality, you can also opt for vulnerability and bug checks, and so much more.
In closing…
Qodana offers a range of features for checking AI-generated code and increasing confidence in the quality of your codebase. Scan and audit your codebase in the CI pipeline (it’s CICD agnostic), make changes right in your IDE, apply quick fixes with a level of control you want, and keep seeing your products improve.
Check the official Qodana page or X (Twitter) account for more Qodana updates in general or view the documentation for technical answers.
Subscribe to Qodana Blog updates
