SonarQube(TM) packaged by Bitnami
Bitnami by VMware | 9.9.2-5-r08 on Debian 11Linux/Unix, Debian 11 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Best tool to inspect code quality and detect bugs and very easy to use.
What do you like best about the product?
I like everything about SonarQube, It is best tool to make your code bug free and optimised. It analysis your code very fast and provide proper path of the issue in your code and also provide best suggestion to how to solve it.
What do you dislike about the product?
SonarQube is not snychronze with the IDE, from where I am solving the issues. Whenever I solve an issue I have to re-run the sonarQube to check whether the issue is solved or not. It is little time consuming.
What problems is the product solving and how is that benefiting you?
SonarQube is helping me to improve my code performance and make it bug free, It also suggest best coding practices which helps to increase my knowledge and learn standard coding.
- Leave a Comment |
- Mark review as helpful
One stop solution for analysing code and ensure quality
What do you like best about the product?
It provides all varieties of the code scans and enterprise provides branch-based analysis
What do you dislike about the product?
Opensource doesn't allow branch analysis
What problems is the product solving and how is that benefiting you?
SonarQube helps development teams build successful and secure applications as part of their CI pipeline.
Sonarqube review
What do you like best about the product?
Its a efficient tool using performing code review.easy to implement and getting reports very easily and we can integrate on serverless also on eks. It showing wonderfull results
What do you dislike about the product?
Actyally no dislikes. But one thing it has default h2 database better we have postgress
What problems is the product solving and how is that benefiting you?
Its generating code quality reports in efficient way. Its benifiting you very usefully
Sonarqube
What do you like best about the product?
Code Quality Analysis, centralized dashboard
What do you dislike about the product?
Setup and configuration complexity, Resource Intensive
What problems is the product solving and how is that benefiting you?
Code Quality Assurance
Great plugin for Code Analysis
What do you like best about the product?
It's good to analyze code. It improves code practice.
What do you dislike about the product?
Sometimes it shows code smell that are not genuine
What problems is the product solving and how is that benefiting you?
Sonar cube is easy to use and solving code review effort as shows best practices for code
No way to escape from writing the quality code.
What do you like best about the product?
Automated quality code check analysis. The code smells, and major issues can easily be tracked mostly, which can cause production failure. We can integrate it with our applications and can perform the sonar checks with a single command.
What do you dislike about the product?
Though most of the time, it works well but sometimes creates problems without any significant issues in the code. Very strict in terms of code coverage part. Integrating and performing pre-flight jobs with sonar is a difficult process if you are a beginner, which means it requires complete knowledge of it.
What problems is the product solving and how is that benefiting you?
In my organization, we have integrated the sonarQube with GitHub pre-flight checks and CI-CD pipeline to perform the quality checks. We have set up a code coverage threshold of 90%, which restricts merging the code if the coverage is below the threshold. So in this way, we always ensure that the code developers write is up to the mark and easily readable.
Information security architect
What do you like best about the product?
thorough scan, multitude of languages, easy to use once set up
What do you dislike about the product?
no real support whatsoever for the $20k price tag; set up can be hellish if you haven't been through it before. With a database that has prevented updates to newer versions
What problems is the product solving and how is that benefiting you?
Sonic cube is very good at finding bugs and vulnerabilities in the code and reporting them in a way that can give directly to my developers for removing for remediation
Org Wide Static Code Analyzer for Code Quality
What do you like best about the product?
SonarQube is an excellent tool for maintaining code quality and enforcing code quality rules organization-wide. It has a free and open-source version which can be self-hosted.
Badges can also be created, which can be embedded in repos. It can be integrated with the CICD process
Badges can also be created, which can be embedded in repos. It can be integrated with the CICD process
What do you dislike about the product?
The free and open source version can be pretty limited and restrictive (it does not allow per-branch scanning, and only one branch can be analyzed at once)
The Enterprise version / Cloud version is quite expensive for a small startup
The Enterprise version / Cloud version is quite expensive for a small startup
What problems is the product solving and how is that benefiting you?
SonarQube is an excellent tool for maintaining code quality. It helps track tech debt and common code smells. Keeping SonarQube score high generally indicates a higher quality of code repo.
Rules can be enforced on an organization-wide basis or a per-repository basis. It also works with a lot of different languages and is continuously updated
Rules can be enforced on an organization-wide basis or a per-repository basis. It also works with a lot of different languages and is continuously updated
Good tool to detect issues within code
What do you like best about the product?
- Provides a wide range of code analysis tools that help developers identify and fix code quality issues, security vulnerabilities, and bugs.
- Offers support for a wide range of programming languages, including Java, C/C++, C#, Python, and many more.
- Integrates with a variety of popular build systems, CI/CD pipelines, and code repositories, including Jenkins, Azure DevOps, GitHub, and GitLab, making it easy to incorporate SonarQube into existing workflows.
- Offers support for a wide range of programming languages, including Java, C/C++, C#, Python, and many more.
- Integrates with a variety of popular build systems, CI/CD pipelines, and code repositories, including Jenkins, Azure DevOps, GitHub, and GitLab, making it easy to incorporate SonarQube into existing workflows.
What do you dislike about the product?
- Sometimes it may produce false positives or miss certain types of code quality issues, requiring developers to perform additional manual code review.
- The documentation can be overwhelming, and some of users with which I have worked with have face difficulties in finding the information they need.
- The documentation can be overwhelming, and some of users with which I have worked with have face difficulties in finding the information they need.
What problems is the product solving and how is that benefiting you?
It majorly solves our probelm by integrating into our DevOsp tool chains such as Jenkins, Azure DevOps, GitHub, and GitLab, making it easy to incorporate SonarQube into existing workflows.
Lightweight statis code analysis tool
What do you like best about the product?
Is very responsible and light. Quickly report issues in code
What do you dislike about the product?
Requires a certain level of knowledge (ex: CI-CD / pipeline). Cannot be implemented by security teams without assistance from the developer teams.
What problems is the product solving and how is that benefiting you?
Helps applying best practices in coding. Is a complement to our dynamic app scanning tools.
showing 1 - 10