SonarQube is the leading tool for continuously inspecting the Code Quality and Security of your codebases
and guiding development teams during Code Reviews.
Covering 27 programming languages, while pairing-up with your existing software pipeline, SonarQube provides clear remediation guidance for developers to understand and fix issues and for teams overall to deliver better, safer software. With over 170,000 deployments, helping small development teams as well as global organizations, SonarQube provides the means for all teams and companies, around the world, to own and impact their Code Quality and Security.
Back in 2007, when first lines of code were created, the founders of SonarQube (originally called Sonar) had a dream to one day provide every developer the ability to measure the code quality of his projects. Their motto: “Continuous Inspection must become mainstream as Continuous Integration”.
To make this dream come true, they invested all their time and energy into developing SonarQube as an open-source product, working closely with the community. Today SonarQube is used by more than 100,000 organizations that in return provide regular feedback and contributions.
Fully integrated with DevOps tool chains it comes with:
- built-in integration with most build tools, which enables in most cases a no configuration approach
- easy integration with continuous integration engines such as Jenkins, Azure DevOps, TeamCity, Bamboo,…
- support for numerous source configuration management tools such as Git, Subversion, CVS, Mercurial, …
SonarQube is distributed under GNU Lesser GPL License v3.
