SonarQube Server (formerly SonarQube) Reviews

We used SonarQube during the development period and AppScan after the system was deployed on the production site.

SonarQube is integrated with the CI/CD infrastructure. It automatically scans for code, detects vulnerabilities, and generates daily reports. SonarQube's integration with the CI/CD infrastructure helps us reduce the effort to scan the code manually.

After scanning our code and generating a report, it would be helpful if SonarQube could also generate a solution to fix vulnerabilities in the report.

I have been using SonarQube for six to seven years.

We haven’t faced any issues with the solution’s performance or stability.

We don't have a support license for SonarQube. We currently use the open-source community, which provides us with much support from communities worldwide.

The solution's initial setup is very easy. We have a team that handles the maintenance of SonarQube in the CI/CD environment.

The solution's deployment takes about two weeks. We have a new software development project, and integrating it into the CI/CD system took about half a working day.

We use the solution free of cost. SonarQube is a cost-efficient solution.

I would recommend the solution to other users.

Overall, I rate the solution ten out of ten.

This solution has the capability to analyze source code in almost all the languages in the market.

This is a well-rounded solution, however, some features could be made available on the free version. The price of the solution could be reduced.

I have used this solution for ten years. 

This is a stable solution. 

This is a scalable solution. We have been using it for all of our critical projects. 

I have never made the calculations to understand the real value of this solution but I know that the return of investment is very good. If not, we wouldn't have continued to use it for the past 10 years.

As a user and a consumer of this solution, it can be pricey for my company to support and use, even though there are many benefits. For this reason, we use the free version. In the future, as our product cycles develop and evolve at a more steady pace, we hope to invest in the licensing for this tool. 

This solution has evolved a lot in the last ten years. 

It comes with good DevOps implementation and security, which is a big problem today. 

I use SonarQube for testing software.

The solution can verify vulnerabilities, code smells, and hotspots. It makes the software more secure and it helps make a junior or novice developer sharper.

The software testing tool capability could improve. It does not always integrate well. You have to use a specific plugin and the plugin does not always go in Apple's applications.

In the next release, they should add the ability to analyze containers.

I have been using SonarQube for approximately three years.

We have mostly software developers using this solution are there are approximately 50 using it.

I have used Snyk and it is more catered to a different audience than SolarQube.SolarQube is more for software developers.

The installation is straightforward, especially with the new Docker implementation.

I did the implementation of the solution myself.

The process of purchasing the solution could improve.

This solution is a good static test tool for developers. It helps keep the maintainability and security of software.

I rate SonarQube an eight out of ten.

We use it as a gatekeeper for our external developers to follow the rules. If they don't comply with the rules within the source code, they cannot commit. 

It is working fine. It provides good value for money.

One thing to improve would be the integration. There is a steep learning curve to get it integrated.

I have been using this solution for maybe two years.

It is stable.

It is definitely scalable. Currently, we have six users.

We didn't contact them.

This was our first one.

Its initial setup is okay. It is not too difficult. It probably took a couple of hours.

One developer is enough for its deployment.

We pay €10 per month for this solution, which is good. It provides good value for money.

I would recommend this solution to others. I would rate SonarQube a nine out of 10.

We use SonarQube for testing, reviewing, and ensuring the quality of application code.

The most valuable features are the analysis and detection of issues within the application code.

The solution could improve by providing more advanced technologies.

I have been using the solution within the last 12 months.

The SonarQube is stable.

The installation is easy.

The price of this solution is more expensive than competitors. However, it works better than competitors.

I have evaluated other solutions.

I rate SonarQube an eight out of ten.