Eliminate bugs and vulnerabilities in your GitHub repositories with SonarQube.

Eliminate Bugs and Vulnerabilities
in your GitHub repositories

SonarQube Commercial Editions tightly integrate with GitHub so your team can write clean, quality code all day long!

Find issues before you merge

SonarQube analyzes branches and Pull Requests so you spot and resolve issues BEFORE you merge to master. Clean code becomes the norm!

SonarQube analyzes branches and Pull Requests in GitHub
Quality Gate and code metric results right in GitHub
Always know your code health

SonarQube publishes Quality Gate and code metric results right in GitHub Checks. You’re always getting the right info, at the right time and in the right place.

SonarQube helps you find AND fix

Finding code issues is great...and fixing them is awesome! SonarQube dives directly into detected issues and offers contextual help so you can resolve them quickly.

Bonus: you learn clean coding practices each day.

Detect BugsBugs
Detect VulnerabilitiesSecurity Vulnerabilities
Detect HotspotsSecurity Hotspots
Detect Code SmellsCode Smells
SonarQube detects issues and offers contextual help

See the benefits for yourself!

  • 0:52min

    Analysis workflow

  • 1:17min

    PR Decoration Demo

  • 2:32min

    Benefits Summary

  • 3:07min

    Wrap Up

Built-in features make analysis a snap!

Easy authentication
Built-in feature for easy GitHub authentication

SonarQube supports authentication delegation - if you're logged into your GitHub account, you're all set!

Auto issue assignment
Built-in feature for auto blame assignement

Native Git data support so issues are automatically assigned and tracked.

Continuous inspection
Built-in feature for CI chain configuration

Optionally configure your CI chain to automatically analyze pull requests and branches.

End-to-End CI/CD benefits

With its tight coupling to GitHub, SonarQube analyzes your projects and provides
code health metrics at the right time and in the right place.

It’s your same efficient workflow...improved with cleaner, safer code!

SonarQube analyzes your projects and provides code health metrics

Non-disruptive code quality analysis overlays your workflow so you can intelligently promote only clean builds.

Your project’s Quality Gate status is clearly decorated right in GitHub Checks along with code coverage and duplication metrics. Live updating keeps everyone on the same page.

Integrate with Jenkins, TeamCity, Azure Pipelines or any other CI

Integrate SonarQube with Jenkins Integrate SonarQube with TeamCity Integrate SonarQube with Azure Devops Integrate SonarQube with AppVeyor Integrate SonarQube with Bamboo
Transparency is best

Use SonarQube badges to share the good vibes and be transparent with your community

Be transparent with your community
SonarQube analyzes branches and Pull Requests in GitHub
Developer Edition

Ready to analyze your GitHub projects?

Pull Request decoration and branch analysis features start with Developer Edition.

Request Free Trial Discover Developer Edition