SonarQube Pros and Cons

SonarQube Pros

Steven Gomez
Lead Engineer at a pharma/biotech company with 1,001-5,000 employees
We have the software metrics that SonarQube gives us, which is something we did not have before. This helps us work towards aiming coding standards to empower us to move in the direction of better code quality. SonarQube provides targets and metrics for that.
Andrew Kew
Senior Java Developer at a financial services firm
Code Convention: Using the tool to implement some sort of coding convention is really useful and ensures that the code is consistent no matter how many contributors.
Phil Denomme
Manager at a wireless company with 11-50 employees
Integrate it into the developers' workbench so that they can bench check their code against what will be done in the server-based audit version.
Risto Uibo
Senior Software Developer at a tech vendor
Issue Explanations: Documentation with detailed samples. Helps in growing technical knowledge and re-writing logic to conforming solutions.
Daniel Hall
Technical Architect with 1,001-5,000 employees
The most valuable features are the wide array of languages, multiple languages per project, the breakdown of bugs, and the description of vulnerabilities and code smells (best practices).
Rann Lifshitz
SW Automation Team Leader at a tech services company with 201-500 employees
SonarQube: Recording of issues over a period of time, with an indication of the addition in the new issues or the reduction of existing issues (which were fixed).
Jeff Ingalls
Automation Tool Specialist at a comms service provider with 1,001-5,000 employees
It is very good at identifying technical debt.
It easily ties into our continuous integration pipeline.
AppSecAn0945
Application Security Analyst at an agriculture company
The most valuable function is its usability.
Saurabh Ahuja
Devops Engineer at a healthcare company with 10,001+ employees
I follow Quality Gate's graduation model within the organization, and it is extremely helpful for me to benchmark products.
Technicae22f
Technical Architect and Software Engineer at a tech services company
With SonarQube's web interface, it is easy to drill down to see the individual problems, but also to look at the project from above and get the big picture, with possible larger problem areas.

SonarQube Cons

Steven Gomez
Lead Engineer at a pharma/biotech company with 1,001-5,000 employees
We've been using the Community Edition, which means that we get to use it at our leisure, and they're kind enough to literally give it to us. However, it takes a fair amount of effort to figure out how to get everything up and running. Since we didn't go with the professional paid version, we're not entitled to support. Of course that could be self-correcting if we were to make the step to buy into this and really use it. Then their technical support would be available to us to make strides for using it better.
Andrew Kew
Senior Java Developer at a financial services firm
An improvement is with false positives. Sometimes the tool can say there is an issue in your code but, really, you have to do things in a certain way due to external dependencies, and I think it's very hard to indicate this is the case.
Phil Denomme
Manager at a wireless company with 11-50 employees
We're in the process of figuring out how to automate the workflow for QA audit controls on it. I think that's perhaps an area that we could use some buffing. We're a Kubernetes shop, so there are some things that aren't direct fits, which we're struggling with on the component Docker side. But nothing major.
Risto Uibo
Senior Software Developer at a tech vendor
It requires advanced heuristics to recognize more complex constructs that could be disregarded as issues.
Daniel Hall
Technical Architect with 1,001-5,000 employees
A robust credential scanner would be a huge bonus as it would remove the need for yet another niche product.
Rann Lifshitz
SW Automation Team Leader at a tech services company with 201-500 employees
There is a need for support for additional languages and ease of use in adding new rules for detecting issues.
Jeff Ingalls
Automation Tool Specialist at a comms service provider with 1,001-5,000 employees
I find it is light on the security side.
AppSecAn0945
Application Security Analyst at an agriculture company
This solution finds issues that are similar to what is found by Checkmarx, and it would be nice if the overlap could be eliminated.
Saurabh Ahuja
Devops Engineer at a healthcare company with 10,001+ employees
When we have a thousand products published over it, we expect it to be more efficient in terms of serving requests from the browser.
Noel Da Costa
Director at a consultancy with 10,001+ employees
Ease of use/interface.
