Code Analyzer for ABL (CABL) is a third‑party plugin that integrates with the SonarQube platform. OpenEdge ships an optional Code Analyzer for ABL installer under install\CABL. Run it to add the plugin to Progress Developer Studio for OpenEdge.

Code Analyzer for ABL continuously analyzes and measures the quality of your code and highlights any problems. Code Analyzer for ABL also provides recommendations on how to fix the problem. This helps to achieve coding best practices and to improve product performance.

You can run Code Analyzer for ABL on a single file, a selection of files, or the entire project.

In Project Explorer, when you right-click a project and point to SonarQube, you can view the following options:
  • Analyze
  • Bind to SonarQube (Server, Cloud)
Similarly, when you right-click a file and point to SonarQube, you can view the following options:
  • Analyze
  • Exclude
You can manage Code Analyzer for ABL properties for a project by right-clicking the project and selecting Properties from the context menu. To view the properties, click the disclosure arrow to the left of SonarQube or double-click SonarQube.
  • Analyzer Properties — This property allows you to configure the analyzer options.
  • File Exclusions — This property allows you to choose the file(s) to be excluded from analysis.

To include the file again, select File Exclusions in your project Properties and then remove the specific file.

Code Analyzer for ABL allows you to review highlighted issues in the editor. To do this, place your cursor on the red circle marker on the left of the line of code.

To view Code Analyzer for ABL properties, open the Code Analyzer for ABL panel by selecting Window > Preferences > SonarQube.

The SonarQube page appears with various preferences. In the SonarQube markers severity list, you can choose the severity of the Code Analyzer for ABL marker.

To view the preferences, click the disclosure arrow to the left of SonarQube or double-click SonarQube.
  • Analyzer Properties — This page allows you to configure the analyzer options.
  • File Exclusions — This page allows you to choose the file(s) to be excluded from analysis.
  • Miscellaneous — This page allows you to provide usage statistics to the software provider anonymously.
  • Release Notes — This page allows you to find the latest Release Notes.
    Note: This page does not provide the Release Notes for all the versions.
  • Rules Configuration — This page allows you to enable the rules for analysis.

After modifying any of the preferences, click Apply or Apply and Close.

Views

In Developer Studio, to open the Code Analyzer for ABL views, select Window > Show View > Other.

The Show View window appears with the following options in the SonarQube view category:

  • SonarQube Bindings — This view connects your environment to a SonarQube server.
  • SonarQube Issue Locations — This view displays the exact location of each identified issue in your code.
  • SonarQube On-The-Fly — This view displays and updates issues in real time as you type.
  • SonarQube Report — This view opens by default when Developer Studio starts and provides a consolidated report of issues detected in the currently open file(s) or the overall project.
  • SonarQube Rule Description — This view displays full details for the selected rule—its purpose, severity, rationale, examples of compliant/non‑compliant code, and guidance to resolve the issue.
  • SonarQube Security Hotspots — This view highlights code areas that may require a security review. These are not confirmed issues; verify safe usage.
  • SonarQube Taint Vulnerabilities — This view shows vulnerabilities detected through taint analysis, indicating how untrusted data can flow to risky code paths.

Rules

Code Analyzer for ABL for OpenEdge and OpenEdgeDB are pre-configured with nine complementary rules. To enable those rules, select Window > Preferences > SonarQube. Open the Rules Configuration page and then expand the OpenEdge and OpenEdgeDB options to view and enable the nine rules for ABL code.

The following are the nine pre-configured rules available in OpenEdge and OpenEdgeDB:
  • OpenEdge
    • Backslash in string — highlight backslash character in strings, as they are compiled differently on UNIX and Windows
    • CAN-DO in WHERE clause — highlight the usage of CAN-DO in a WHERE clause, causing performance issues
    • Large transaction scope — highlight database operations (for example, FIND … EXCLUSIVE-LOCK or any statement that requires a transaction) that unintentionally expand the transaction to a much larger block—often the entire procedure or method—leading to longer lock durations, higher contention, and greater rollback impact
      Note: This rule appears in Progress Developer Studio for OpenEdge because the rules package is shared across Eclipse and VS Code; however, it cannot be executed in Eclipse/SonarLint due to current analysis limitations.
    • Outdated digest algorithm — highlight use of MD5-DIGEST, SHA1-DIGEST, or MESSAGE-DIGEST("SHA-1"), as these weak digests are collision‑prone and no longer considered secure.
    • Unused variables should be removed — highlight variables which are neither read nor written during the flow of execution
    • Valid yet clumsy ABL syntax — highlight unusual but compiler‑accepted syntax forms that reduce readability and may impact future parser support
    • Whole index — on database tables (if XML XREF is activated in PDSOE) 
  • OpenEdgeDB
    • No indexes — highlights table where no index is defined (applies to DF files)

To review the rule descriptions, right-click an issue in the SonarQube Report panel and click Rule description. The Rule Description panel is displayed with the details about the issue.

More customized rules can be created if needed. To know how to create rules, refer to SonarQube rules

For more information on Code Analyzer for ABL, refer to Get started with SonarQube and CABL - Code Analyzer for ABL.