Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

SonarQube™ packaged by 12 Tech

12 Tech | 1.0

Linux/Unix, Amazon Linux Amazon Linux 2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

66 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Ethan B.

Sonarqube is a great tool for monitoring codebases.

  • April 18, 2024
  • Review verified by G2

What do you like best about the product?
Quick, easy way to see major issues with code, duplications, security issues, etc. Easy to setup and maintain. Support has been very quick and helpful when I have needed them.
What do you dislike about the product?
While it supports a decent ammount of prgoramming languages, it definitely doesn't support all of them. Specifically Dart projects in Flutter which we use for mobile app developement (though apparently there are plans to add it in the future).
What problems is the product solving and how is that benefiting you?
It helps us to make sure we are not duplicating code, using depricated libraries and methodes, and helps to identify any security issues.

    murthy g.

SonarQube Review

  • April 18, 2024
  • Review verified by G2

What do you like best about the product?
It's very easy to use and the customer support is fantastic. Very easy to integrate with other tools like TeamCity.
What do you dislike about the product?
Nothing in special we dislike about the product.
What problems is the product solving and how is that benefiting you?
We have been using sonar for Statis code analysis.

    Hospital & Health Care

Best performance/cost SAST tooling

  • April 18, 2024
  • Review verified by G2

What do you like best about the product?
- We are using a self hosted SonarQube server - hosting and upgrading our instance is a relatively painless process. The online documentation is clear and easy to follow
- The SonarQube scanner integrated easily into our existing Bitbucket and Cloud Build CI/CDs
- When comparing the findings with other SAST tooling, out-of-the-box SonarQube analysis had a low false positive rate, yet found extensive legitimate security/code quality issues
- Very happy with the speed of analysis, completes in only a few minutes on large repos (an order of magnitude faster than certain other SAST services)
- Surprised that language support is actually slightly better than documented - we were able to sucessfully analyze projects with older versions of .NET framework (4.5 and 4.0) than indicated in the documenation
- The triage and review process is easy for individual teams to execute on a regular basis
- The WEB API is well documented and enabled automating steps around user maintenance
- Bitbucket OAuth worked seamlesses to onboard users
- Installing additional plugins is also easy - we use Dependency-Check to add SCA to projects
- Bug fixes and features added to each new release are well documented, I appreciate being able to review all changes on the sonarsource atlassian page (and not just rely on the high-level marketing notes)
What do you dislike about the product?
- While SonarQube is a SAST tool, better support for SCA would be beneficial. The Dependency-Check plugn does not integrate well into the existing triage/remediation process.
- Other tooling does a better job of proving a high level overview of users and their productivity, ie. # of assigned open issues by engineer, # of fixed issues by engineer, etc.
What problems is the product solving and how is that benefiting you?
SonarQube enables us to perform code and security analysis and comply with our internal security procedures, with clear visibilty into the process via it's clean dashboards. SonarQube's bug and code smell detection has also reduced our technical debt and improved overall codebae quality.

    Computer Software

Simple to set up, use, and provides useful feedback on code quality

  • April 18, 2024
  • Review provided by G2

What do you like best about the product?
- The basic setup (automated analysis) is as simple as it gets to integrate with GitHub and supported languages
- The language-specific rules are of good quality and we rarely encounter false positives
- The overview it provides of the code quality trends is particularly nice
What do you dislike about the product?
- Manual setup could be documented better (it is not always fully clear which properties you need to define and why)
- There is no way to manually trigger an analysis with an automated analysis setup, which is sometimes necessary as the GitHub application "bugs out" and doesn't provide an analysis
What problems is the product solving and how is that benefiting you?
It is generally difficult to track code quality across different projects, and SonarQube offers a simple way with not much additional overhead to track and analyse code quality for each project.

    Damien G.

SonarQube: Help Developers to accelerate their productivity

  • April 18, 2024
  • Review verified by G2

What do you like best about the product?
Using SonarQube transformed our development process by providing comprehensive code analysis. it identified and flagged code smells, bugs and security vulnerabilities enabling our team to address them early in the development cycle
What do you dislike about the product?
Difficult to integrate with. Low integration with other ecosystem especialy with Kubernetes/Openshift.
What problems is the product solving and how is that benefiting you?
code analysis

    Dimitar K.

SonarQube as part of SDLC

  • January 24, 2024
  • Review provided by G2

What do you like best about the product?
The tool is really good for Static Code Analysis - detecting bugs, vulnerabilities and code smells. CI/CD pipeline integrations are really usesfull and cruical as part of the SDLC. Another great feature is the custom rules - for the advanced users. Apart from theese things - combination with SonarLint is great!

Last but not least eveyone can start with the free version and check if it will match their way of working - which is not available for many other tools!
What do you dislike about the product?
It would be great if there is better dependencies report!
What problems is the product solving and how is that benefiting you?
It's part of our Secure code review!

    Sundarrajan G.

Sonar qube

  • November 28, 2023
  • Review provided by G2

What do you like best about the product?
If you don't have much budget to go for sast products, it's good to go for this product, it's good and provides most of the best practices.
What do you dislike about the product?
It's not easy to integrate with cicd pipeline also you might not get very frequent or recent security recommendation like the commercial products.
What problems is the product solving and how is that benefiting you?
If you don't have much budget to go for sast products, it's good to go for this product, it's good and provides most of the best practices.

    NItin K.

Awesome tool for integrated static code analysis along with code smells

  • October 27, 2023
  • Review verified by G2

What do you like best about the product?
Amazing user interface, fast learning curve, faster installation and deployment, good customer support, security scanning features and code smells
What do you dislike about the product?
lacks in good graphs and reports generations, not very easy to customize the reports and export them, webAPI is not value for money
What problems is the product solving and how is that benefiting you?
Helps in fiding the vulnerabilities in our products and give early detection,. Its able to intergrate well with all our build chain.

    Kaviraj R.

Best Code Quality Analysis tool : SonarQube

  • October 07, 2023
  • Review verified by G2

What do you like best about the product?
SonarQube is its ability to identify and highlight code quality issues. It can detect coding errors, code smells, and potential bugs, enabling developers to fix them before they become more significant problems
What do you dislike about the product?
SonarQube can be complex and difficult to configure
community version can only be integrated with one branch, and the enterprise version is expensive
What problems is the product solving and how is that benefiting you?
SonarQube helps identify issues like: Bugs, Code smells, Security hotspots, Other vulnerabilities.
Maintains code quality
Improves coding structure

    Mohit S.

Best tool to inspect code quality and detect bugs and very easy to use.

  • September 07, 2023
  • Review verified by G2

What do you like best about the product?
I like everything about SonarQube, It is best tool to make your code bug free and optimised. It analysis your code very fast and provide proper path of the issue in your code and also provide best suggestion to how to solve it.
What do you dislike about the product?
SonarQube is not snychronze with the IDE, from where I am solving the issues. Whenever I solve an issue I have to re-run the sonarQube to check whether the issue is solved or not. It is little time consuming.
What problems is the product solving and how is that benefiting you?
SonarQube is helping me to improve my code performance and make it bug free, It also suggest best coding practices which helps to increase my knowledge and learn standard coding.

showing 1 - 10