SonarQube: The mandatory tool to elevate your code quality quality
February 06, 2023
SonarQube: The mandatory tool to elevate your code quality quality
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with SonarQube
We use SonarQube to analyze our codebase, the main goals are detection of code smells, security vulnerabilities, and performance issues, also to measure our test coverage. It is part of the continuous integration process. We perform analysis in different languages like Java, JavaScript, Typescript, and Python. We are planning to include new ones, like scala and PHP.
Pros
- Code complexity detection
- Code smell detection
- Provides good default rules
- Huge language support
- Easy setup
- Easy integration with common build tools
- Great fix proposals, and issues description
Cons
- It doesn't provide automatic pull request with fixes
- It doesn't provide insights about the libraries of the projects
- The administration management user interface could be simplified
- It doesn't provide an order to fix issues, like archives with more and frequent commits have top priority
- Code smell detection
- Test coverage measurement
- Security issues detection
- Higher code we quality
- Fewer bugs in production
- Simplify the pull request flow
Do you think SonarQube delivers good value for the price?
Yes
Are you happy with SonarQube's feature set?
Yes
Did SonarQube live up to sales and marketing promises?
I wasn't involved with the selection/purchase process
Did implementation of SonarQube go as expected?
Yes
Would you buy SonarQube again?
Yes
Comments
Please log in to join the conversation