Developer Edition Enterprise Edition

Built for Developers By Developers

Built for developers by developers

Innovative features to systematically track and improve Code Quality and Code Security in your applications

Request your 14 day free trial!

Enhance your Workflow with Developer Edition

Automatically analyze branches
and decorate pull requests

  • Bitbucket Bitbucket
  • GitHub GitHub
  • Azure DevOps Azure DevOps
  • GitLab GitLab

Available for both cloud-based and self-hosted platforms

Your pull request from Bitbucket using SonarQube

Whether you're self-hosted or SaaS, on-prem or in-cloud, we have you covered.

Import repositories and provision projects from your DevOps Platform.

Easily navigate your environment’s analysis configuration with built-in wizards.

Automatically differentiate between main branch and PR - no extra config required.

Commit to Developer-Led Security

Maximum Security Protection with early Vulnerability
detection and taint analysis

Security Hotspots

Hotspots chevron Code review

Find and review Security Hotspots (uses of
security-sensitive code) in

Available for:

Detect Security Hotspots in java Detect Security Hotspots in C sharp Detect Security Hotspots in Python Detect Security Hotspots in PHP Detect Security Hotspots in javascript Detect Security Hotspots in typescript Detect Security Hotspots in C Detect Security Hotspots in C++ Detect Security Hotspots in vb
Security Vulnerabilities

Vulnerabilities chevron Code change/fix

Automatically detect Vulnerabilities (including
Injection Flaws) in:

Available for:

Detect Security Vulnerabilities in java Detect Security Vulnerabilities in C sharp Detect Security Vulnerabilities in Python Detect Security Vulnerabilities in PHP Detect Security Vulnerabilities in javascript Detect Security Vulnerabilities in typescript Detect Security Vulnerabilities in C Detect Security Vulnerabilities in C++

Guided developer experience

Check The UI is crafted for clarity so developers easily understand the problem flow from the vulnerability source to the code location (‘sink’) where the compromise occurs

Check Issue visualizer to track untrusted user input throughout the execution flow

Chase down the bad actors

Making sure user-provided data is sanitized before it hits critical systems (database, file system, OS, etc.) helps ensure your code security. Taint analysis tracks untrusted user input throughout the execution flow - across not just methods but also from file to file.

Dedicated UI navigation from the Vulnerability source to the code location
Taint Analysis tracks non-trusted user input throughout the execution flow for Java code
  • Java
  • PHP
  • C#
  • C++
  • Python
  • JS/TS
Critical security rules for vital languages

Get highly relevant rules for critical languages to help keep your code secure.

Application Management

Manage your team's success: Release quality code across projects every time

An Application is a synthetic project composed of projects that ship together; if one isn't ready to ship, none of them are. SonarQube Developer Edition provides you with:

Aggregate quality gate

One place to know if your project set is shippable

Easily visualize the pieces of the projects that work together

Quality Gate

Maintainability, Reliability and Security
in your language!

Catch tricky bugs, track Code Smells and fix Technical Debt in 24 languages supported:

Try Developer Edition for free for 14 days!

Licensed by Lines of Code - Starts at $150