SonarQube review by a Hybris Developer
Updated May 08, 2022

shaurya jain | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with SonarQube

We use SonarQube in our project to basically calculate the code quality report mostly. In that report, we test for the bugs, vulnerabilities, code smells, code issues, criticals, blockers, major & minor issues, and also calculate the code coverage of junits. We also set the quality profile, which contains the rules which we set according to the rules we follow in our project, and on that basis, we generate the junit coverage report.

One business problem I mostly faced was that if we had run the server once and tried to run it again after we closed it, then it does not run and closes automatically. To run the server again, we have to restart the system; only then does it work. So those issues can be resolved.

The scope of my case is to generate the code quality report for the codebase in our project according to the custom quality profile we add in SonarQube.
  • Generating code quality report
  • Calculates junit coverage of the codebase very efficiently and precisely
  • Highlights the bugs and vulnerabilities in our codebase
  • Informs the user of the improvements which can be done to the code to make it cleaner
  • SonarQube also suggests remediation and resolution of the problems it highlights
  • Importing a new custom quality profile on SonarQube is a bit tricky; it can be made easier
  • Every second time when we want to rerun the server, we have to restart the whole system, otherwise, the server stops and closes automatically
  • When we generate a new report a second time and try to access the report, it shows details of the old report only and takes a lot of time to get updated with the details of the new and fresh report generated
  • For our organisation, the most important feature is to generate the code quality report
  • We also use it for calculating the junit coverage of the total code base along with the new codebase added
  • It also helps in highlighting the faults and errors like bugs, vulnerabilities, code smells, etc
  • SonarQube made our code clean and efficient
  • SonarQube makes our code short and avoids bad code practices
  • SonarQube restricts all the loopholes and vulnerabilities which can be used by hackers and for phishing attacks
  • SonarQube makes the code more secure
I have used other tools like SoapUI and Postman, but their working and use cases are totally different from SonarQube, so I basically cannot compare SonarQube with them. We use SonarQube in our project to basically calculate the code quality report mostly. In that report, we test for the bugs, vulnerabilities, code smells, code issues, criticals, blockers, and major & minor issues and also calculate the code coverage of junits. But with the help of Postman, we send the API request to the server, and with SoapUI, we create the mock data in our local, then create the server calls in our local.

Do you think SonarQube delivers good value for the price?

Yes

Are you happy with SonarQube's feature set?

Yes

Did SonarQube live up to sales and marketing promises?

Yes

Did implementation of SonarQube go as expected?

Yes

Would you buy SonarQube again?

Yes