SonarQube Support Reviews & Ratings 2022

Q: What are SonarQube's top competitors?

Veracode , Checkmarx , and Snyk are common alternatives for SonarQube.

SonarQube

Starting at $150 100,000 Lines of Code

View Pricing

Overview

Recent Reviews

SonarQube review by a Hybris Developer

May 08, 2022

We use SonarQube in our project to basically calculate the code quality report mostly, in that report we test for the bugs, …

SonarQube, the best choice for a Static Code Analysis tool leveraging application security at large

April 26, 2022

SonarQube is being used in my organization as an Static Application Security tool which will detect the security issues in code and will …

Using SonarQube professionally for more than 7 years and fully recommend it to any Software Engineer

November 05, 2021

SonarQube is used as part of the build process (Continuous Integration and Continuous Delivery) in all Java services to ensure a high …

Code Quality Improvements Made Easy

November 04, 2021

We use SonarQube to check and ensure Java code quality as part of our development process. With built in suggestions for coding …

SonarQube wins!

October 14, 2021

Used across the organization for static code analysis.

An important tool to implement Secure SDLC practices

September 22, 2021

SonarQube is the static security code analysis tool used in the organization. It is integrated with Continuous Integration pipelines of …

SonarQube: The go-to tool for code quality

June 20, 2021

SonarQube is currently used in silos in our organizations. One of our departments is using it full-time for all their code repositories …

SAST Tools selection - SonarQube to the rescue

May 20, 2021

We use [SonarQube] for static scans for all custom apps at JLL

Quality archway for projects

May 03, 2021

We are using it currently while building a .NET CI\CD pipeline for an automated analysis of our code quality and all the vulnerabilities …

Code scanning for developers

April 30, 2021

Our organization has a dedicated static security scanning tools we run against our code to check for vulnerabilities. While the security …

Great tool to keep your code clean

April 30, 2021

We use SonarQube to scan our code for vulnerabilities and code "smells." SonarQube is wired into our continuous integration software …

Excellent tool for enforcing good coding practices and conventions

February 26, 2020

Our development team uses SonarQube in our web applications during out continuous integration check-in process.

The business problem we had …

Sonarqube is a worth static analysis tool

June 29, 2019

Excellent static analysis tool for identifying potential issues with your code. Sonarqube is easily integrated with your CI/CD workflow, …

SonarQube is the final solution for all your code quality checkups

June 05, 2019

We use SonarQube for the coding standards we follow within the organization. Whatever be the output executable of the code, the quality of …

SonarQube : perfect SONAR for your code

September 13, 2017

SobarQube is used by the whole department. We use it for code quality analysis and to check code coverage. Also we use it to know the code …

Reviewer Sentiment

N/A

Positive ()

N/A

Negative ()

Learn how we calculate reviewer sentiment

Awards

Reviewer Pros & Cons

View all pros & cons

Informs the user of the improvements which can be done to the code to make it cleaner
Importing a new custom quality profile on SonarQube is a bit tricky, it can be made easier

shaurya jain

digital tech developer associate

Accenture (Information Technology & Services, 10,001+ employees)

Highlight suspicious code snippets that developers should review
The community version have some issues, example Integrating with Azure or Single Sign On

Debobrata Bose

Solution Architect

Danske IT and Support Services India Pvt Ltd (Financial Services, 10,001+ employees)

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of SonarQube, and make your voice heard!

Record

Pricing

View all pricing

Community

Free

On Premise

Developer EDITION

Starts at $150

On Premise

100,000 Lines of Code

Enterprise EDITION

Starts at $20,000

On Premise

1 Million Lines of Code

Entry-level set up fee?

No setup fee

For the latest information on pricing, visithttps://www.sonarsource.com/plans-and…

Offerings

Free Trial
Free/Freemium Version
Premium Consulting / Integration Services

Features Scorecard

No scorecards have been submitted for this product yet..

Product Details

What is SonarQube?

SonarQube is a tool for continuously inspecting Code Quality and Code Security, and guiding development teams during code reviews. SonarQube provides remediation guidance for 27 languages so developers can understand and fix issues, and so teams can deliver better and safer software. SonarQube integrates into the user's workflow to provide the right feedback at the right time: in-IDE with SonarLint, in pull requests, and in SonarQube itself. Boasting over 225,000 deployments helping small development teams and global organizations, SonarQube provides a means for teams and companies around the world to own and impact their Code Quality and Code Security.

SonarQube Features

Supported: Code Quality and Code Security
Supported: Developer workflow integration
Supported: Deep support for the Clean as You Code methodology

SonarQube Integrations

GitLab
Bitbucket
ALM Integration available for GitHub
Azure DevOps - self-managed & in-cloud
CI integrations with: Jenkins
GitHub Actions
GitLab CI
Bitbucket Pipelines
Azure DevOps Pipelines
SCM integrations with: Git
Subversion
Authentication integrations with: GitHub
LDAP
SAML
HTTP headers

SonarQube Competitors

SonarQube Technical Details

Deployment Types	On-premise, SaaS
Operating Systems	Windows, Linux, Mac, Cloud
Mobile Application	No
Supported Countries	Global
Supported Languages	Community localization plugins support several languages.

Comparisons

View all alternatives

Compare with

Veracode

Score 9.0 out of 10

Compare

GitHub

Score 9.0 out of 10

Compare

Micro Focus Fortify on Demand

Score 7.9 out of 10

Compare

Checkmarx

Score 5.4 out of 10

Compare

CAST Highlight

Score 9.0 out of 10

Compare

GitLab

Score 8.9 out of 10

Compare

Black Duck Software Composition Analysis (SCA)

Score 8.9 out of 10

Compare

Codacy

Score 10.0 out of 10

Compare

JFrog Artifactory

Score 8.2 out of 10

Compare

ReSharper

Score 9.4 out of 10

Compare

Frequently Asked Questions

What is SonarQube?

SonarQube (formerly Sonar) is an open source application security solution.

What are SonarQube's top competitors?

Veracode, Checkmarx, and Snyk are common alternatives for SonarQube.

Who uses SonarQube?

The most common users of SonarQube are Enterprises (1,001+ employees) from the Information Technology & Services industry.

Reviews and Ratings

(52)

Ratings

Support Rating (2)

9.0

90%

Reviews

(1-1 of 1)

Sort by

Popular Filters

Companies can't remove reviews or game the system. Here's why

February 26, 2020

Excellent tool for enforcing good coding practices and conventions

Verified User

Professional in Information Technology

Insurance Company, 51-200 employees

Score 9 out of 10

Vetted Review

Verified User

Review Source

Support Rating

We we easily able to integrate the SonarQube steps into our TFS process via the Microsoft Marektplace, we didn't have the need to call SonarQube support. We've used their online documentation and community forum if we ran into any issues.