Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression. Learn more →
Similar projects and alternatives to SonarQube
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
An extensible multilanguage static code analyzer.
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
Catch common Java mistakes as compile-time errors
Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
Visual Studio Code
Visual Studio Code
Write Clean Java Code. Always.. Sonar helps you commit clean code every time. With over 600 unique rules to find Java bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
The OWASP ZAP core project
A static analyzer for Java, C, C++, and Objective-C
The Prometheus monitoring system and time series database.
Cloud Native Runtime Security
The new home of the FindBugs project
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
🚀 The easiest way to automate building and releasing your iOS and Android apps
Git hooks made easy 🐶 woof!
Jenkins automation server
SQL powered operating system instrumentation, monitoring, and analytics.
CNCF Jaeger, a Distributed Tracing Platform
Zipkin is a distributed tracing system
ONLYOFFICE Docs — document collaboration in your environment. Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises
SonarQube reviews and mentions
Enterprise level open source react apps?
2 projects | reddit.com/r/reactjs | 30 Apr 2023
Usefully links for DotNet Backend Developers
13 projects | dev.to | 2 Jan 2023
How do you integrate a static security analysis tool into the CI/CD pipeline
3 projects | reddit.com/r/devops | 7 Dec 2022
There are commercial tools that can be integrated into a CI pipeline and/or a developer's IDE. I've used SonarQube before, but there are others.
How I go with react native in late 2022
33 projects | dev.to | 27 Nov 2022
having a code review and analysis tool in CI/CD pipeline can help developers to keep their code clean. some examples of these tools are sonarqube and embold.
Top 10 Open-Source DevOps Tools That You Should Know
11 projects | dev.to | 20 Nov 2022
Sonarqube Source Code Repository
Ask HN: How can I DDOoS attack my personal website (for curiosity)?
2 projects | news.ycombinator.com | 19 Nov 2022
Spring Boot – Black Box Testing
9 projects | dev.to | 13 Nov 2022
The generated classes should be put into .gitignore. Otherwise, if you have Checkstyle, PMD, or SonarQube in your project, then generated classes can violate some rules. Besides, if you don't put them into .gitignore, then each pull request might become huge due to the fact that even a slightest fix can lead to lots of changes in the generated classes.
Implement DevSecOps to Secure your CI/CD pipeline
54 projects | dev.to | 27 Sep 2022
CBC Lite, a low-bandwidth CBC news site, built with React/Nextjs
5 projects | reddit.com/r/reactjs | 25 Aug 2022
As for some of our tech stack outside of Next.js for those curious, we use Sass to define CSS and its globals, Jenkins for our CI/CD pipeline, and Sentry for error tracking, all of which have been great to work with so far. Within our testing suite, we utilize Sonarqube, Lighthouse, aXe Core, WebPageTest, @next/bundle-analyzer, and run tests written with Cypress.
Finding better motivations for software work (Other than pride)
3 projects | dev.to | 4 Aug 2022
I found code reviews to also be tedious but in a different way. We have a large number of tools to review code well, and my company also makes sure to automate checks for code standards, smells and best practices (see sonarqube). The expectation on me as a code reviewer was to criticize to improve the structure and design of our code. Along the way, I was also meant to teach other engineers things.
A note from our sponsor - InfluxDB
www.influxdata.com | 1 Jun 2023
SonarSource/sonarqube is an open source project licensed under GNU Lesser General Public License v3.0 only which is an OSI approved license.
The primary programming language of SonarQube is Java.