590
328
+ 1
14

What is SonarQube?

SonarQube provides an overview of the overall health of your source code and even more importantly, it highlights issues found on new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving.
SonarQube is a tool in the Code Review category of a tech stack.
SonarQube is an open source tool with 4.4K GitHub stars and 1.2K GitHub forks. Here’s a link to SonarQube's open source repository on GitHub

Who uses SonarQube?

Companies
192 companies reportedly use SonarQube in their tech stacks, including Starbucks, Ocado Technology, and Agoda.

Developers
359 developers on StackShare have stated that they use SonarQube.

SonarQube Integrations

Jenkins, Bitbucket, Travis CI, Gradle, and Apache Maven are some of the popular tools that integrate with SonarQube. Here's a list of all 11 tools that integrate with SonarQube.

Why developers like SonarQube?

Here’s a list of reasons why companies and developers use SonarQube
SonarQube Reviews

Here are some stack decisions, common use cases and reviews by companies and developers who chose SonarQube in their tech stack.

Ganesa Vijayakumar
Ganesa Vijayakumar
Full Stack Coder | Module Lead · | 15 upvotes · 678.7K views
Codacy
Codacy
SonarQube
SonarQube
React
React
React Router
React Router
React Native
React Native
JavaScript
JavaScript
jQuery
jQuery
jQuery UI
jQuery UI
jQuery Mobile
jQuery Mobile
Bootstrap
Bootstrap
Java
Java
Node.js
Node.js
MySQL
MySQL
Hibernate
Hibernate
Heroku
Heroku
Amazon S3
Amazon S3
Amazon RDS
Amazon RDS
Solr
Solr
Elasticsearch
Elasticsearch
Amazon Route 53
Amazon Route 53
Microsoft Azure
Microsoft Azure
Amazon EC2 Container Service
Amazon EC2 Container Service
Apache Maven
Apache Maven
Git
Git
Docker
Docker

I'm planning to create a web application and also a mobile application to provide a very good shopping experience to the end customers. Shortly, my application will be aggregate the product details from difference sources and giving a clear picture to the user that when and where to buy that product with best in Quality and cost.

I have planned to develop this in many milestones for adding N number of features and I have picked my first part to complete the core part (aggregate the product details from different sources).

As per my work experience and knowledge, I have chosen the followings stacks to this mission.

UI: I would like to develop this application using React, React Router and React Native since I'm a little bit familiar on this and also most importantly these will help on developing both web and mobile apps. In addition, I'm gonna use the stacks JavaScript, jQuery, jQuery UI, jQuery Mobile, Bootstrap wherever required.

Service: I have planned to use Java as the main business layer language as I have 7+ years of experience on this I believe I can do better work using Java than other languages. In addition, I'm thinking to use the stacks Node.js.

Database and ORM: I'm gonna pick MySQL as DB and Hibernate as ORM since I have a piece of good knowledge and also work experience on this combination.

Search Engine: I need to deal with a large amount of product data and it's in-detailed info to provide enough details to end user at the same time I need to focus on the performance area too. so I have decided to use Solr as a search engine for product search and suggestions. In addition, I'm thinking to replace Solr by Elasticsearch once explored/reviewed enough about Elasticsearch.

Host: As of now, my plan to complete the application with decent features first and deploy it in a free hosting environment like Docker and Heroku and then once it is stable then I have planned to use the AWS products Amazon S3, EC2, Amazon RDS and Amazon Route 53. I'm not sure about Microsoft Azure that what is the specialty in it than Heroku and Amazon EC2 Container Service. Anyhow, I will do explore these once again and pick the best suite one for my requirement once I reached this level.

Build and Repositories: I have decided to choose Apache Maven and Git as these are my favorites and also so popular on respectively build and repositories.

Additional Utilities :) - I would like to choose Codacy for code review as their Startup plan will be very helpful to this application. I'm already experienced with Google CheckStyle and SonarQube even I'm looking something on Codacy.

Happy Coding! Suggestions are welcome! :)

Thanks, Ganesa

See more
frido
frido
SonarQube
SonarQube
codebeat
codebeat
Codacy
Codacy

It is very important to have clean code. To be sure that the code quality is not really bad I use a few tools. I love SonarQube with many relevant hints and deep analysis of code. codebeat isn't so detailed, but it can find complexity issues and duplications. Codacy cannot find more bugs then your IDE. The winner for me is SonarQube that shows me really relevant bugs in my code.

See more
Gonçalo Faustino
Gonçalo Faustino
Docker
Docker
OpenShift
OpenShift
SonarQube
SonarQube
Sonatype Nexus
Sonatype Nexus
GitLab
GitLab
Vault
Vault
Apache Maven
Apache Maven
AngularJS
AngularJS
Spring Boot
Spring Boot
#DeploymentWorkflow

We use Docker for our #DeploymentWorkflow along with OpenShift SonarQube Sonatype Nexus GitLab Vault Apache Maven AngularJS Spring-Boot

See more
Joshua Dean KĂĽpper
Joshua Dean KĂĽpper
CEO at Scrayos UG (haftungsbeschränkt) · | 1 upvotes · 14.3K views
atScrayos UG (haftungsbeschränkt)Scrayos UG (haftungsbeschränkt)
SonarQube
SonarQube

We use SonarQube because of the big inbuilt database of code-smells, pitfalls and best-practices. We were already using Checkstyle, PMD and SpotBugs before, but decided that an "in-depth" analysis – after those three tools already submitted their reports – would be a welcomed addition for the presentation of found issues. The blame-feature of SonarQube is brilliant for internal communication and the integration of the already generated reports of the other tools saves time and speeds up build pipelines.

See more
Timur Olzhabayev
Timur Olzhabayev
Head of Development at Trusted Shops · | 1 upvotes · 13.8K views
atTrusted Shops GmbHTrusted Shops GmbH
SonarQube
SonarQube

To increase our code quality and make vulnerabilities visible, we added SonarQube to our Git(lab) workflow, so every commit is analyzed and code flaws are shown directly at the Mergerequest. SonarQube

See more

SonarQube's Features

  • Multi-language
  • Detect tricky issues
  • Security analysis
  • Enhance your workflow

SonarQube Alternatives & Comparisons

What are some alternatives to SonarQube?
ReSharper
It is a popular developer productivity extension for Microsoft Visual Studio. It automates most of what can be automated in your coding routines. It finds compiler errors, runtime errors, redundancies, and code smells right as you type, suggesting intelligent corrections for them.
Checkmarx
It is a provider of state-of-the-art application security solution: static code analysis software, seamlessly integrated into development process.
Codacy
Codacy is an automated code review tool for Scala, Java, Ruby, JavaScript, PHP, Python, CoffeeScript and CSS. It's continuous static analysis without the hassle. Save time in Code Reviews. Tackle your technical debt
FindBugs
It detects possible bugs in Java programs. Potential errors are classified in four ranks: scariest, scary, troubling and of concern. This is a hint to the developer about their possible impact or severity.
ESLint
A pluggable and configurable linter tool for identifying and reporting on patterns in JavaScript. Maintain your code quality with ease.
See all alternatives

SonarQube's Followers
328 developers follow SonarQube to keep up with related blogs and decisions.
Philippe Gevaert
Jonathan Delee
Nigel Gandy
hernan yervoni
Erick Pham
Jackson Oh
Aman Singh
Andrey Karpov
Michele Cardone
Fahd Gilani