SonarQube Alternatives
Similar projects and alternatives to SonarQube
-
Spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
-
Checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
-
SonarLint
Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.
-
-
-
-
-
-
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
-
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
-
-
OSQuery
SQL powered operating system instrumentation, monitoring, and analytics.
-
-
-
groovy
Apache Groovy: A powerful multi-faceted programming language for the JVM platform
-
-
-
-
-
-
SonarQube reviews and mentions
-
Do I need to hire someone to look over my Django project for security problems before launching it to production?
And run a security scan like Sonarqube: https://www.sonarqube.org
-
The Engineer's Guide to Creating a Technical Debt Proposal🗺🧭
2. Static analyser tools such as SonarQube are used to analyse source code in search of technical debt.
-
Seriously who cares about the warnings
Never had anything like that though for four years my life revolved around getting PMD, checkstyle and Sonar rules to pass so my pull request would merge.
-
Starting new role as senior manager - I want to change the way how team builds software - I need your feedback.
Love it and have a suggestion: Use SonarQube. We set up the free version and use open-source plugins where needed. Set clear expectations for metrics like Cyclomatic complexity, code duplication, no critical/high vulnerabilities, % of test coverage. Leave no doubt what the expecations are, track progress over time, and if you do need to make resource changes, you will have objective data to use to make your decisions.
- Estabelecendo um processo fundamental de revisão de código
-
Modern StyleCop alternative? Advice appreciated.
I'm surprised none mentioned it, but check out https://www.sonarqube.org/
-
Measuring code quality in an app?
I recommend https://www.sonarqube.org/ in a heartbeat. I used it in my last two jobs and never looked back
-
A simple terminal Wordle in pure go
Check out SonarCube to see how much “cognitive load” your code puts devs through. Use Docker for a quick setup.
-
What is your CI/CD pipeline like?
SonarQube (formerly Sonar) looks for code smells, security no-no's and common bugs. It also shows you all kinds of statistics and breakdowns by project / file / contributor / whatever. It's a pretty nifty tool; it's also pretty effective at keeping egos in check.
-
Review Pull Requests 3x faster, ... then 10x faster
SonarQube
-
How to configure SonarLint to connect to SonarQube for VS Code
Fortunately, when it comes to SonarQube, they also provide SonarLint, which can be configured directly into your IDE to give that true shift-left mentality.
-
SonarQube in a Homelab?
I am wondering if it is possible to install SonarQube in my home network. I have 2 Raspberry Pis, one running Raspbian, the other running Ubuntu 20.04. I also have an Intel NUC.
-
Let's talk quality - Part 2
There are plenty of tools out there to help measure this. My own personal go-to in this space is SonarQube.
-
Container security best practices: Comprehensive guide
For application code, there are different SAST (Static Application Security Testing) tools like sonarqube, which provide vulnerability scanners for different languages, gosec for analyzing go code and detecting issues based on rules, linters, etc.
-
Flutter Complete Roadmap 2022
https://fastlane.tools https://danger.systems https://www.sonarqube.org https://codemagic.io/ https://travis-ci.org
Stats
SonarSource/sonarqube is an open source project licensed under GNU Lesser General Public License v3.0 only which is an OSI approved license.
Popular Comparisons
Are you hiring? Post a new remote job listing for free.