SonarQube reviews
4.6 (5 reviews)

SonarQube is an open-source platform designed for continuous code quality inspection. It automatically reviews code using static analysis to identify bugs, code smells, and security vulnerabilities across more than 20 programming languages. SonarQube offers comprehensive reports on duplicated code, coding standards, unit tests, code coverage, code complexity, potential bugs, and security risks. This tool aids developers and teams in managing and enhancing their code quality.

Pros from reviewers

  • Integration with CI/CD tools: SonarQube can be easily integrated with CI/CD tools like Azure DevOps and Jenkins, making it a valuable tool for continuous integration and deployment workflows

  • Insights into vulnerabilities and threats: SonarQube provides detailed insights into code vulnerabilities and common threats, enabling developers to take necessary actions to ensure security and adhere to good coding practices

  • Customizable Quality Gates and Quality Profiles: SonarQube allows users to use default Quality Gates and Quality Profiles for code scanning, and even modify these to define their own rules, offering flexibility and control over code quality standards

  • Code Analysis and Reporting: SonarQube's Code Analysis feature provides detailed reports on code quality, offering solutions for enhancement and pointing out vulnerabilities and repetitive lines of code

  • PR Decoration and Analysis: SonarQube's PR decoration feature makes analysis results visible in CI/CD tools and allows commits to the master branch only if they pass, ensuring that only quality code is merged into the main codebase.

Cons from reviewers

  • Report generation can be time-consuming: Despite its many benefits, SonarQube can sometimes take a considerable amount of time to generate reports, which can slow down the development process

  • User interface could be improved: Some users have found the user interface of SonarQube to be less than optimal, suggesting that it could be made more user-friendly

  • Lacks a custom rule set: While SonarQube does offer default Quality Gates and Quality Profiles for code scanning, it does not allow for the creation of a custom rule set, limiting its flexibility

  • Somewhat costly: Some users have found SonarQube to be on the expensive side, which could be a barrier for smaller organizations or projects with limited budgets

  • Generates many false positives: SonarQube has been reported to generate a significant number of false positives, which can lead to unnecessary work and potential confusion.

Main features

  • Starting Price: N/A
  • Free Plan: No
  • Code Quality Management
  • Continuous Inspection
  • Integration Capability
  • Security Analysis
  • Language Support

What is SonarQube?

SonarQube is an open-source platform designed for continuous inspection of code quality in over 20 programming languages. It automatically reviews code to identify bugs, code smells, and security vulnerabilities, providing detailed reports and a visual dashboard to highlight issues. SonarQube integrates with popular continuous integration tools and supports a governance model for better management of technical debt. Its primary aim is to assist developers in writing clean, safe code, thereby enhancing the overall software quality. It is an invaluable tool for development teams aiming to uphold high-quality standards in their software projects and implement best coding practices.

Who is SonarQube best for according to our reviewers?

  • Software Developers: They can use SonarQube to detect code smells, unused lines of code, errors, and issues with third-party libraries. It provides accurate information about the location of these problems and offers solutions, making troubleshooting and fixing straightforward

  • Security Analysts: SonarQube is beneficial for these users as it offers insights into vulnerabilities and common threats, enabling them to take necessary actions to ensure security and adhere to good coding practices

  • DevOps Engineers: These users can integrate SonarQube with their CI/CD tools, such as Azure DevOps and Jenkins. Features like PR decoration make analysis results visible in CI/CD tools and allow commits to the master branch only if they pass

  • Project Managers: SonarQube's dashboard and reporting features allow these users to track code quality metrics and identify areas for improvement, aiding in effective code quality management and decision-making

  • Quality Assurance Teams: These users can use SonarQube to maintain code quality. They can utilize it to scan code after each JIRA story completion, which can significantly improve code quality and coding standards. The reports it generates are incredibly useful, as it calculates the quality of code and offers solutions for enhancement.

  • SonarQube reviews

    SonarQube rating: 4.6
    Ease of use: 4.5
    Customer service: 4.0
    Value for money: 4.5
    Likelihood to recommend: 4.5
    Features: 4.4

    5 SonarQube reviews

    • Sophia E

      Intuitive Interface and Comprehensive Dashboard in SonarQube

      The user interface of SonarQube is intuitive and easy to navigate. The dashboard provides a comprehensive overview of our project's health, making it easier to prioritize tasks.

      May 6, 2024

    • Raymond M

      Excellent Instrument for Upholding Coding Quality Standards

      I appreciate the PR analysis and Bitbucket integration of SonarQube as it helps prevent new issues. However, I think the tool needs several enhancements. First, the number of rules should be increased. Second, some rules should allow custom exclusions, like permitting organization-specific words to be capitalized in naming conventions. Third, the tool generates many false positives. Fourth, executive reports should be scheduled to ensure all projects are included. Currently, if a report is generated for the first portfolio calculation, the remaining projects for that day are missed, which can lead to misunderstandings with higher management. Lastly, PR analysis reports should be generated faster. I value the vendor's response and their invitation to join the SonarSource Community Forum for further discussion and transparency.

      April 27, 2024

    • Bobby G

      Seamless Integration of SonarQube in CI/CD Pipeline.

      SonarQube's integration with our CI/CD pipeline has been seamless. It has helped us catch potential issues early in the development cycle, saving us valuable time and resources.

      April 23, 2024

    • Jason Martinez

      SonarQube: Enhancing Code Quality for Developers

      As a software developer, I find SonarQube to be an invaluable tool for maintaining code quality. Its ability to detect bugs, vulnerabilities, and code smells in real-time has significantly improved my productivity.

      April 16, 2024

    • Paul

      Top-notch Tool for Enhancing Code Quality

      I am finding great value in using SonarQube for maintaining code quality. I utilize it to scan code after each JIRA story completion, which has significantly improved my code quality and coding standards. The reports it generates are incredibly useful, as it calculates the quality of code and offers solutions for enhancement. It points out vulnerabilities and repetitive lines of code, making it a very developer-friendly tool. It also provides recommendations on lines of code that need improvement and can generate scan reports on demand. There's even an option to add exceptions in code. However, I have noticed that report generation can sometimes be time-consuming and the user interface could be improved. It also lacks a custom rule set and is somewhat costly. I switched to SonarQube because it offers a better quality percentage and provides more insights.

      April 13, 2024
