About SonarQube

SonarQube is an open source platform to perform automatic reviews with static analysis of code to detect bugs, code smells and security vulnerabilities on 20+ programming languages including Java, C#, JavaScript, TypeScript, C/C++, COBOL and more. SonarQube is the only product on the market that supports a leak approach as a practice to code quality.

Back in 2007, when first lines of code were created, the founders of SonarQube (originally called Sonar) had a dream to one day provide every developer the ability to measure the code quality of his projects. Their motto: “Continuous Inspection must become mainstream as Continuous Integration”.

sonarqube

open source

To make this dream come true, they invested all their time and energy into developing SonarQube as an open-source product, working closely with the community. Today SonarQube is used by more than 85,000 organizations that in return provide regular feedback and contributions.

Fully integrated with DevOps tool chains it comes with:

  • built-in integration with most build tools, which enables in most cases a no configuration approach
  • easy integration with continuous integration engines such as Jenkins, Azure DevOps, TeamCity, Bamboo,…
  • support for numerous source configuration management tools such as Git, Subversion, CVS, Mercurial, …

DevOps

SonarQube is distributed under GNU Lesser GPL License v3.