Need advice about which tool to choose?Ask the StackShare community!

FindBugs

195
96
+ 1
0
SonarQube

1.6K
1.8K
+ 1
52
Add tool

FindBugs vs SonarQube: What are the differences?

FindBugs: An open-source static code analyser. It detects possible bugs in Java programs. Potential errors are classified in four ranks: scariest, scary, troubling and of concern. This is a hint to the developer about their possible impact or severity; SonarQube: Continuous Code Quality. SonarQube provides an overview of the overall health of your source code and even more importantly, it highlights issues found on new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving.

FindBugs and SonarQube can be primarily classified as "Code Review" tools.

SonarQube is an open source tool with 3.88K GitHub stars and 1.09K GitHub forks. Here's a link to SonarQube's open source repository on GitHub.

Get Advice from developers at your company using StackShare Enterprise. Sign up for StackShare Enterprise.
Learn More
Pros of FindBugs
Pros of SonarQube
    Be the first to leave a pro
    • 26
      Tracks code complexity and smell trends
    • 16
      IDE Integration
    • 9
      Complete code Review
    • 1
      Difficult to deploy

    Sign up to add or upvote prosMake informed product decisions

    Cons of FindBugs
    Cons of SonarQube
      Be the first to leave a con
      • 7
        Sales process is long and unfriendly
      • 7
        Paid support is poor, techs arrogant and unhelpful
      • 1
        Does not integrate with Snyk

      Sign up to add or upvote consMake informed product decisions

      - No public GitHub repository available -

      What is FindBugs?

      It detects possible bugs in Java programs. Potential errors are classified in four ranks: scariest, scary, troubling and of concern. This is a hint to the developer about their possible impact or severity.

      What is SonarQube?

      SonarQube provides an overview of the overall health of your source code and even more importantly, it highlights issues found on new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving.

      Need advice about which tool to choose?Ask the StackShare community!

      Jobs that mention FindBugs and SonarQube as a desired skillset
      CBRE
      United States of America Texas Richardson
      What companies use FindBugs?
      What companies use SonarQube?
      See which teams inside your own company are using FindBugs or SonarQube.
      Sign up for StackShare EnterpriseLearn More

      Sign up to get full access to all the companiesMake informed product decisions

      What tools integrate with FindBugs?
      What tools integrate with SonarQube?

      Sign up to get full access to all the tool integrationsMake informed product decisions

      What are some alternatives to FindBugs and SonarQube?
      PMD
      It is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It includes CPD, the copy-paste-detector.
      Checkstyle
      It is a development tool to help programmers write Java code that adheres to a coding standard. It automates the process of checking Java code to spare humans of this boring (but important) task. This makes it ideal for projects that want to enforce a coding standard.
      SonarLint
      It is an IDE extension that helps you detect and fix quality issues as you write code. Like a spell checker, it squiggles flaws so that they can be fixed before committing code.
      CodeNarc
      A flexible framework for rules, rule sets and custom rules means it's easy to configure it to fit into your project. Build tool, framework support, and report generation are all enterprise ready.
      ESLint
      A pluggable and configurable linter tool for identifying and reporting on patterns in JavaScript. Maintain your code quality with ease.
      See all alternatives