Item: SonarQube
Rating: 9
Author: Gabriel Freire

Use Cases and Deployment Scope

It's always best to catch bugs and other code issues as soon as possible, especially when people from different teams and time zones touch the same code. While code reviews are obviously still necessary, SonarQube does filter the code seamlessly so that obvious issues are immediately detected and resolved. In some cases, there is customisation required for the general best practice rules and SonarQube accommodates this.

Pros and Cons

Static code analysis
Code best practices

Quality profile selection

Most Important Features

Static Code Analysis
Security Issue detection
Code Smells detection

Return on Investment

Positive Impact: Less bugs

Key Insights

Do you think SonarQube delivers good value for the price?

Yes

Are you happy with SonarQube's feature set?

Yes

Did SonarQube live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of SonarQube go as expected?

Yes

Would you buy SonarQube again?

Yes

Likelihood to Recommend

A scenario that is particularly useful is integrating SonarQube into a Github Actions pipeline so that before any new Pull Request is reviewed and/or merged, you know whether the new code is clean of bugs or major issues.
It is also useful to create custom Quality Profiles to educate new developers that join the company.

Great Code Analysis Tool

Overall Satisfaction with SonarQube