SonarQube

Top Rated
Score 8.2 out of 100

Overview

What is SonarQube?

SonarQube (formerly Sonar) is an open source application security solution.

Pricing

Community

Free

On Premise

Developer EDITION

Starts at $150

On Premise
100,000 Lines of Code

Enterprise EDITION

Starts at $20,000

On Premise
1 Million Lines of Code

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visit https://www.sonarsource.com/plans-and…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Product Details

What is SonarQube?

SonarQube is a tool for continuously inspecting Code Quality and Code Security, and guiding development teams during code reviews. SonarQube provides remediation guidance for 27 languages so developers can understand and fix issues, and so teams can deliver better and safer software. SonarQube integrates into the user's workflow to provide the right feedback at the right time: in-IDE with SonarLint, in pull requests, and in SonarQube itself. Boasting over 225,000 deployments helping small development teams and global organizations, SonarQube provides a means for teams and companies around the world to own and impact their Code Quality and Code Security.

SonarQube Features

  • Supported: Code Quality and Code Security
  • Supported: Developer workflow integration
  • Supported: Deep support for the Clean as You Code methodology

SonarQube Integrations

  • ALM integration available for: GitHub, GitLab, Bitbucket, Azure DevOps (self-managed & in-cloud)
  • CI integrations with: Jenkins, GitHub Actions, GitLab CI, Bitbucket Pipelines, Azure DevOps Pipelines
  • SCM integrations with: Git, Subversion
  • Authentication integrations with: GitHub, LDAP, SAML, HTTP headers

SonarQube Technical Details

  • Deployment Types: On-premise, Software as a Service (SaaS), Cloud, or Web-Based
  • Operating Systems: Windows, Linux, Mac, Cloud
  • Mobile Application: No
  • Supported Countries: Global
  • Supported Languages: Community localization plugins support several languages.

Frequently Asked Questions

SonarQube (formerly Sonar) is an open source application security solution.

Veracode, Checkmarx, and Snyk are common alternatives for SonarQube.

The most common users of SonarQube are Enterprises (1,001+ employees) from the Information Technology & Services industry.

Reviews and Ratings (61)

Score 8 out of 10
Vetted Review
Verified User
  • For our organisation, the most important feature is to generate the code quality report
  • We also use it for calculating the JUnit coverage of the total code base along with the new codebase added
  • It also helps in highlighting the faults and errors like bugs, vulnerabilities, code smells, etc.
Debobrata Bose | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
  • Jenkins, Bitbucket, Gradle, Travis CI, etc. are some of the popular tools that integrate with SonarQube, i.e. CI/CD integrations
  • Getting feedback during code review
  • Identify Technical Debts
  • Identify and fix application vulnerabilities in code