The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
SonarQube Alternatives
Similar projects and alternatives to SonarQube
-
Spotbugs
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
-
snyk
Discontinued Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
-
-
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
-
-
-
-
Grafana
The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
-
fastlane
🚀 The easiest way to automate building and releasing your iOS and Android apps
-
-
-
OSQuery
SQL powered operating system instrumentation, monitoring, and analytics.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
SonarQube reviews and mentions
-
Experience Continuous Integration with Jenkins | Ansible | Artifactory | SonarQube | PHP
SonarQube (Scroll down to the Sonarqube section to see instructions on how to set up and configure SonarQube manually)
- Enterprise level open source react apps?
-
Usefully links for DotNet Backend Developers
SonarQube https://www.sonarqube.org/
-
How do you integrate a static security analysis tool into the CI/CD pipeline
There are commercial tools that can be integrated into a CI pipeline and/or a developer's IDE. I've used SonarQube before, but there are others.
-
How I go with react native in late 2022
having a code review and analysis tool in CI/CD pipeline can help developers to keep their code clean. some examples of these tools are sonarqube and embold.
-
Top 10 Open-Source DevOps Tools That You Should Know
Sonarqube Source Code Repository
- Ask HN: How can I DDOoS attack my personal website (for curiosity)?
-
Spring Boot – Black Box Testing
The generated classes should be put into .gitignore. Otherwise, if you have Checkstyle, PMD, or SonarQube in your project, then generated classes can violate some rules. Besides, if you don't put them into .gitignore, then each pull request might become huge due to the fact that even a slightest fix can lead to lots of changes in the generated classes.
-
Implement DevSecOps to Secure your CI/CD pipeline
SonarQube allows all developers to write cleaner and safer code. It supports lots of programming languages for scanning (Java, Kotlin, Go, JavaScript). It also supports running unit testing for code coverage. It can be easily integrated with Jenkins and Azure DevOps. Checkmarx, Veracode, and Klocwork also provide similar functionality but these are paid tools.
-
CBC Lite, a low-bandwidth CBC news site, built with React/Nextjs
As for some of our tech stack outside of Next.js for those curious, we use Sass to define CSS and its globals, Jenkins for our CI/CD pipeline, and Sentry for error tracking, all of which have been great to work with so far. Within our testing suite, we utilize Sonarqube, Lighthouse, aXe Core, WebPageTest, @next/bundle-analyzer, and run tests written with Cypress.
-
A note from our sponsor - WorkOS
workos.com | 28 Mar 2024
Stats
SonarSource/sonarqube is an open source project licensed under GNU Lesser General Public License v3.0 only which is an OSI approved license.
The primary programming language of SonarQube is Java.