The business problem we had …
Starts at $150
Starts at $20,000
Entry-level set up fee?
- No setup fee
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
SonarQube is a tool for continuously inspecting Code Quality and Code Security, and guiding development teams during code reviews. SonarQube provides remediation guidance for 27 languages so developers can understand and fix issues, and so teams can deliver better and safer software. SonarQube integrates into the user's workflow to provide the right feedback at the right time: in-IDE with SonarLint, in pull requests, and in SonarQube itself. Boasting over 225,000 deployments helping small development teams and global organizations, SonarQube provides a means for teams and companies around the world to own and impact their Code Quality and Code Security.
- Supported: Code Quality and Code Security
- Supported: Developer workflow integration
- Supported: Deep support for the Clean as You Code methodology
| Deployment Types | On-premise, Software as a Service (SaaS), Cloud, or Web-Based |
| Operating Systems | Windows, Linux, Mac, Cloud |
| Supported Languages | Community localization plugins support several languages. |
- For our organisation, the most important feature is to generate the code quality report
- We also use it for calculating the JUnit coverage of the total code base along with the new codebase added
- It also helps in highlighting the faults and errors like bugs, vulnerabilities, code smells, etc.
- Jenkins, Bitbucket, Gradle, Travis CI, etc. are some of the popular tools that integrate with SonarQube, i.e. CI/CD integrations
- Getting feedback during code review
- Identify Technical Debts
- Identify and fix application vulnerabilities in code
- Automatic Quality Gate
- Static Code Analysis
- Security and Vulnerabilities scan
- Code Quality Checks
- CI / CD Integration
- IDE Integration
- Static code analysis
- Ease of set up
- Ease of integration with SSO
- Easy plugins to integrate with Azure DevOps
- Security Ruleset
- Ease of integration with CI/CD tools
- Intelligent Reporting
- Code quality determination.
- Ease of integration with Jenkins CI/CD.
- Integration with GitHub and code review process.
- Cloud setup
- Run scans on demand
- Integrate scans with builds
- We are currently using its community edition in our internal projects
- Apart from that we use its plugin in our Azure DevOps pipeline to maintain our repository’s code quality
- Its bug spotting feature is also used by our organisation from time to time
- Code coverage metrics.
- Grades for applications.
- Code duplication metrics.
- Security is number one for sure.
- Code duplication.
- Code cleanup.