Static Code Analysis tools that work well with unity

KHagen95 · May 12, 2020, 12:32pm

Hey!

I’m currently looking into static code analyzers and how to best apply/use them in conjunction with unity. We would like to integrate them into our CI pipeline too.

I see SonarQube popping up again and again but I feel like it might not be the best solution. My main concern here is the issue with them not recognizing Unitys callbacks like Update etc. From what I’ve read it seems like they simply ignore all private methods in classes deriving UnityEngine.Object.

I feel like this renders it virtually useless, if potentially large parts of the project won’t even be analyzed. I’m also a bit concerned about their pricing, which seems to be by line of code. How does this check out with ThirdParty-Plugins, code shared between projects, meta files etc?

I also somehow question the necessity of static code analysis in general, since all our developers are using either rider or the resharper plugin for visual studio, which provides code analysis inside of the IDE anyways.
Is it still useful to have another tool, that does practically the same?

On that note: Both, rider + resharper, work contextually well with unity. Having a static analyser that doesn’t would feel useless to me. So if I could use their reports that might be the best case scenario.

My general question would be: What experience do you have with static code analysis in the unity context and which tools are you using? How do you integrate these into your CI pipelines?

PaulEremeeff · May 18, 2020, 11:43am

Hi,

you can try PVS-Studio static analyzer for C#. Although a general-purpose static analyzer for C# language, PVS-Studio is currently implementing the support for specific Unity types and APIs. It also can be used for free for non-enterprise users.

If you are interested in Rider integration, there is also currently a beta test running.

To answer your question regarding the defaulr Resharper\Rider static analyzers - as I always say - the more the better - if you can afford an additional static analysis tool, it will always find something new, as there are no any two tools that are 100% identical. Subjectively, you can use PVS-Studio for a deeper interprocedural analysis, detection of potential misprints, etc. It will also provide more ways (than default Rider\Resharper solution) for CI\CD integration, and it also even integrates with SonarQube itself. Though, I must admit, that I am affiliated with PVS-Studio, so you should take everything I say with a grain of salt )

vitaly_unity46 · December 13, 2021, 10:44am

KHagen95, what was your choice at the end?
I’m DevOps guy and SonarCloud was my default service for a few years, but there is some issues with Unity - I couldn’t run the scan…

Topic		Replies	Views
Linters and Unity Unity Engine Scripting	4	7222	May 16, 2021
Static Code Analysis on Unity project Unity Engine Scripting , Mono	2	5054	June 16, 2024
Expose .sln and .csproj generation Unity Engine Code-Editors-and-IDEs , Feedback	20	5063	June 10, 2025
Sonarqube And Unity (code Quality) Unity Engine Testing-and-Automation , Question	29	17470	July 28, 2022
Code quality measurment for Unity projects Questions & Answers legacy-topics	1	3801	December 12, 2013

Static Code Analysis tools that work well with unity

Related topics