Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

SonarQube™ packaged by 12 Tech

12 Tech | 1.0

Linux/Unix, Amazon Linux Amazon Linux 2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

86 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Medical Devices

Good tool, mixed experience with SonarSource

  • April 28, 2024
  • Review verified by G2

What do you like best about the product?
Good integration with CI tools. Supports many programming languages. Modern web UI.
What do you dislike about the product?
My experience as a SonarSource customer shows that they manifest little interest in small customers. In addition, their quality policy is poor when it comes to fixing major bugs in their code. For instance, this ticket has now been open for 1 year without any time frame for fix:
https://sonarsource.atlassian.net/browse/CPP-4175
This is unsatifying and quite ironical actually, for a company writing software for code quality.
What problems is the product solving and how is that benefiting you?
Static code analysis, discover potential bugs in code.

    josue d.

Good but I would like to have training courses

  • April 25, 2024
  • Review verified by G2

What do you like best about the product?
I like how complete the tool is, I like that I can have many users with different permissions
What do you dislike about the product?
I don't like the complexity of integrations
I don't like that there is no error documentation
I don't like that there are no training courses.
I would like a certification
What problems is the product solving and how is that benefiting you?
in ease of use, because it is easier to make demos that way

    theo g.

really Bad i have issues to implement on a repo sonaqube free edition

  • April 24, 2024
  • Review provided by G2

What do you like best about the product?
they sell that is good , i don't have a change to fully test
What do you dislike about the product?
complicated to implement , lack of documentation for diff version .
all points to developer edition of sonaclone that is expensive
What problems is the product solving and how is that benefiting you?
unable to make work , java errors for every where

    Kelli K.

SonarQube has Improved our Tech Debt!

  • April 24, 2024
  • Review verified by G2

What do you like best about the product?
We have implemented it across our org, and it has been awesome. Code coverage everywhere has gone up, more bugs are being fixed, and there is more visibility into team's tech debt.
What do you dislike about the product?
The one downside to the new versions is lack of support for older node versions. Our monolith is still using some old versions (which of course we need to work on upgrading!), keeping us from upgrading sonarqube.
What problems is the product solving and how is that benefiting you?
It is helping us increase code coverage across our whole organization, which is making for better code all around.

    Biotechnology

QA with SonarQube

  • April 24, 2024
  • Review verified by G2

What do you like best about the product?
The ease of use of SonarQube (in house we call it sqube) is vital to our teams in increasing the velocity of development
What do you dislike about the product?
The admin interface could be simplified. Also it does't automatically provide pull requests with fixes.
What problems is the product solving and how is that benefiting you?
In BioTech, safety is paramount. We use Sqube as a tool to show that we follow the latest trends to provide GxP methods found in the industry.

    Alan R.

Sonarqube is a great tool to help devs raise the quality of legacy code and new greenfield code

  • April 24, 2024
  • Review provided by G2

What do you like best about the product?
Identification of coding issues across whole codebases, while providing a manageable way to gradually improve the code quality over time by enforcing that new code is of good quality. Developers can be gently guided to better practices without having to solve thousands of code smells all at once. We can refactor code as we work in different areas without introducing new risk of regressions.
Easy to setup and manage and pretty hands off. It integrates well with Azure DevOps and our pull request and CI workflows.
What do you dislike about the product?
Some churn recently in how Sonarqube manages quality gates and what the bar is.
We have a number of limitations in our analysis, particularly in collecting code coverage information.
What problems is the product solving and how is that benefiting you?
Sonarqube provides a level of security review to our code changes.
Sonarqube helps developers maintain a high quality bar in the code they write, provides neutral guidance and learning without code reviewers having to nitpick every commit. Developers are guided to improve the code they touch, gradually helping improve the quality of older legacy codebases without making large changes and introducing regression risk.

    Computer Software

Effective static analysis for bugs and vulnerabilities

  • April 24, 2024
  • Review verified by G2

What do you like best about the product?
Being able to filter issues and assign them to different team members allows each developer to focus on high-priority issues. SonarQube allows you to enable to disable specific rules, and to set the severity of each rule. This further help to prioritize the issues needing attention.

When a developer determines that a particular issue should NOT result in a code change, they can mark that issue as "won't fix" and enter an explanation. This helps provide detailed reports.

SonarQube also provides clear, high-level overviews of the status of your software projects (for managers), along with reports (for customers). This helps take much of the communication burden off of the development team.
What do you dislike about the product?
Like any static analysis tool, there are occasional false-positives. And depending on your code, there may be issues flagged as "problems" which are really just stylistic differences or deviations from best practices.

But it is fairly easy to mitigate these issues. False-positives need to be reviewed, but the detailed analysis provided by SonarQube (including traces through earlier statements showing how the issue was identified) help with the review. As for issues that are merely stylistic differences, these can be given a lower severity rating or even eliminated by customizing the underlying rules.
What problems is the product solving and how is that benefiting you?
Identifies code quality issues. Helps us improve the reliability of our applications and reduce our technical support burden. Also helps us mature the code base, which makes subsequent development faster and easier.
Identifies code security issues. Helps us head off vulnerability crises and the need to develop hotfixes.
Reports the status of unresolved issues and unit test code coverage per project. Helps us track technical debt.
Reports the status of each project or application (set of projects) for consumption by customers. Meets requirements imposed by some customers, allowing certain sales to go through that would otherwise be blocked.

    Franco R.

A powerful tool for more powerful teams

  • April 24, 2024
  • Review verified by G2

What do you like best about the product?
This easy-to-configure tool increases code quality in no time
What do you dislike about the product?
It takes a bit to achieve the cultural change of the team necessary to take advantage of the insights reported by the tool
What problems is the product solving and how is that benefiting you?
We were able to resolve code errors and improve quality. We also increased test coverage by reducing the number of functional errors

    Soufiane M.

Wonderful tool to learn from your mistakes

  • April 24, 2024
  • Review verified by G2

What do you like best about the product?
* Comprehensive Code Analysis
* Very easy to use
* Very easy to integrate with existing CI/CD tools
What do you dislike about the product?
* Difficult to implement in a rigid environment
What problems is the product solving and how is that benefiting you?
Issues related to code quality
Recurrent mistakes that need to be taught to all new comers can be added as rules
Code Legacy

    Manufacturing

Sast tooling experience

  • April 24, 2024
  • Review verified by G2

What do you like best about the product?
SonarQubes ability to analyze the code at local build as well in CI/CD build add an important steps in improving the quality of the code. The recently added security analsyis of the code is very helpful for us for discovering any vulnerabily of the written code.
What do you dislike about the product?
Reporting can be further improved with slice and dice featues
What problems is the product solving and how is that benefiting you?
SonarQube is helping improve the code quality interms of security and as well as overall quality of the code

showing 1 - 10