Sign in
Categories
Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

SonarQube Server Ready with Support from Linnovate

Linnovate - Open Source Innovation | 1.3.1

Linux/Unix, Ubuntu 20.04 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

31 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Debnita G.

One of the most helpful tool to get the Perfect code coverage and improving coding standards

  • September 09, 2021
  • Review provided by G2

What do you like best?
The best thing is the code smell detected by the sonarqube and it also indicates if there is any code vulnerability.
What do you dislike?
It would be good if there is any way to download the report and share it with teams.
What problems are you solving with the product? What benefits have you realized?
We look at the test case coverage and try to increase the coding standard with the help of Sonarqube.
Recommendations to others considering the product:
This is the best tool to check the Test case coverage and detect any security hole/ code smell in the application. The suggestions given by the sonarqube highly help to increase the coding standard.


    Banking

Code Analysis by Sonar

  • September 08, 2021
  • Review provided by G2

What do you like best?
Scanning the source code is a basic requirement to identify the gaps. Sonar does it very efficiently and also you can create your own custom rules and quality gates. It provides you all the info about code coverage, bugs, reliability , vulnerability, code smells etc that you can fix and make sure a issue free code delivery. It has good ui for the reports to analyze and can send automated notifications to subscribers on each scans. It also can be easily integrated with CI pipeline to make it more effective and improve the over code quality
What do you dislike?
Setup of project to scan the codes and cost issues due to branching - it used to consider each branch code as a separate repo which was fixed in one of the recent release so the only issue is cost
What problems are you solving with the product? What benefits have you realized?
Scanning code as part of CI pipeline in an automated way and send notification to stakeholders. Since we use multiple technologies we needed something that can support across tech stack and in an automated manner


    Medical Devices

Really about the Cloud.

  • November 11, 2020
  • Review verified by G2

What do you like best?
It's super easy to connect to your organization and get started.
Allows for the flexibility of authentication to use GitHub or other authentication mechanisms.
You can choose to do all of your repos or just select ones.
Has more advanced features that you can integrate with as you gain experience with (and clean up your house) such as using it as a pass/fail during pull or merges, checking for code coverage etc.
What do you dislike?
Some of the navigation is a bit confusing and they could still improve how branches are handled and make it simpler to use in that regard.
What problems are you solving with the product? What benefits have you realized?
Showing security compliance with OWAP top 25, Code coverage, Code complexity. Allows us to focus in on trouble spots in our code.


    Human Resources

Great solution, lousy licensing

  • September 20, 2020
  • Review verified by G2

What do you like best?
Continuous code inspection has a great deal of benefits, from increasing team velocity through first pass code reviews, to reduced maintenance costs. My favorite feature of SonarQube, however, is the IDE integration between SonarQube (server-side) and SonarLint (client-side). By allowing rules / qualify profiles to be centralized, we are able to essentially have a spell-checker for our code, while it is in active development, helping to shift feedback about as far left as it can get.
What do you dislike?
The pricing model is prohibitive as many critical features are found only in higher tiered versions of the application. One in particular is high-availability. Any corporation making SonarQube a part of their delivery pipeline essentially is required to get the highest tiered version of the application to have HA capabilities and boy will it cost you.
What problems are you solving with the product? What benefits have you realized?
Reduced code review times. Improved readability and maintainability. Helps to educate junior developers with explanation of the violations and examples for how to be in compliance.


    Prathamesh S.

SonarQube - The go to static code analysis tool

  • September 18, 2020
  • Review verified by G2

What do you like best?
The ability to run my scans against a default set of code rules (in the free version) or to run it against an organisation wide set of rules (paid versions).

Sonarqube also provides a plugin for IntelliJ which makes it very easy for me to run the static code analysis straight out of my IDE as soon as I make the changes.

The integration with Jenkins also is one of the biggest benefits. Makes the whole process smooth and the ability to add the concept of tollgate makes it a great feature for enterprise applications.
What do you dislike?
Setup can be a bit challenging, considering the latest version requires Java 11 and we had a challenging time setting up the system due to various issues faced with other components not being compatible with Java 11.
What problems are you solving with the product? What benefits have you realized?
Code Quality Metrics, Static code analysis and bad coding practice detection.


    Information Technology and Services

Nice tool for static code analysis

  • August 31, 2020
  • Review provided by G2

What do you like best?
It is really time saving to complete the development by using Sonar Qube as it will do the static code analysis at initial development phase itself
What do you dislike?
I've used it along with VS Code editor and it seems to be working fine.
What problems are you solving with the product? What benefits have you realized?
Mainly the problems related to static code analysis.


    Cha Y.

My opinion about SonarQube

  • August 12, 2020
  • Review verified by G2

What do you like best?
What I like the most about this program is that it performs a very high-quality analysis of the source code, and this makes the code much more reliable, and also reduces potential errors in the projects that are carried out.
Another thing that I really like is the ability to support different languages, and to that is added the use of characters such as C, C ++, Python and many others.
It is quite adaptable to the needs that are required in terms of quality adjustments, and allows to generate checks and projects that respond effectively to what is required.
What do you dislike?
One of the things I dislike about this tool is that it takes a great deal of effort to get everything up and running. Additionally, you need to balance quantity and quality in order to produce low-quality code that is functional.
Likewise, a mechanism that evidences the real quality in the mutation tests is not shown, although numbers appear, these can be modified.
What problems are you solving with the product? What benefits have you realized?
With the help of this program I identify technical problems in the codes I generate, in this way I avoid or reduce vulnerability factors, and in turn reduce errors in the codes.
One of the benefits that seem most outstanding to me is the ability of the tool to track the origin of errors in the codes. Also, the ability to adapt to user specifications, which allows greater customization in projects.
With the help of this program I identify technical problems in the codes that it generated, in this way I avoid or reduce vulnerability factors, and in turn reduce errors in the codes.
One of the benefits that seem most outstanding to me is the ability of the tool to track the origin of errors in the codes. Also, the ability to adapt to user specifications, which allows greater customization in projects.
Recommendations to others considering the product:
It is important when using this tool, take into account that not all IDE codes can be used in SonarQube, so you have to be aware when selecting them. Similarly, the security terms of the code must be taken into account, these could be better.


    Mansi J.

Very concise analytics tool with good visualization design choices.

  • July 27, 2020
  • Review provided by G2

What do you like best?
Code smell detection and quality checks! Great feature for bugs and errors as well as integration with Jenkins.
What do you dislike?
It would be nice to have suggestions from team members to the code smells and assign other people to take care of certain bugs/issues
What problems are you solving with the product? What benefits have you realized?
Have a more robust test suite.
Recommendations to others considering the product:
Keep checking your code for this!


    Mansi S.

Great for quality check of software

  • March 07, 2020
  • Review provided by G2

What do you like best?
Sonarqube is used for quality check for the software which is under development . I have found so many bugs , vulnerabilities and code smells using sonarqube and then after I minimized them which improved my code quality. SonarQube is very good.
What do you dislike?
Initial setup for the Sonar Qube is very irritating and troublesome . I got hanged so many times in its setup.
What problems are you solving with the product? What benefits have you realized?
I have used sonar Qube in many projects of my company. I have minimized so many bugs , vulnerabilities and code smells by finding them using Sonar Qube. It helps me for quality check and refactoring of my code.


    Thati S.

A must tool for the code quality i.e. Sonarqube

  • November 29, 2019
  • Review verified by G2

What do you like best?
These are the below points i love to use it
1) Sonarqube integration to the continuous integration pipelines
2) Graphical viewing & lists the detail description of code bugs, Vulnerability, code smells & time taken to solve the code smells, detecting the duplicate lines & Code coverage
3) integrating the unit test cases to the existing pipelines & reflecting the same in the sonarqube dashboard
4) We have approx 26 tools in the market compare to all i feel like sonarqube is having the most number of pros.
5) In terms of the security features i could see it holds the number one in the market.
6) Integrating the fortifyscan with the sonarqube gives the best result in terms of the security.
7)For the developer it gives the detail description were exactly the code is lacking as per the market standards
What do you dislike?
The only dislike i have is
When ever developer writes any code they use to have habit to use the #(comment)ing the lines if necessary but sometimes sonarqube will detect those are errors,
What problems are you solving with the product? What benefits have you realized?
As discussed in the likes especially i like the way it differentiate the code smells, code bugs, vulnerabilities, Time taken to solve the vulnerabilities, Duplicate lines & code coverage
Recommendations to others considering the product:
Folks, As i said there are 26 tools in approx there in the market w.r.t code quality compare to all the other tools were in terms of dashboard, Security, Easiness, Comfort, depicting the change & etc will be observed in the sonarqube, So i strongly recommend this tool for the business needs to get the quality work

Finally i can say if you want quality & security then sonar qube is the best tool in the market