SonarQube - OpenSource SAST Tool

Summary

SonarQube is a tool for automatic code review and static code analysis that detects bugs and vulnerabilities and supports 29 programming languages.


What is SonarQube?

SonarQube is a Code Quality Assurance tool that collects and analyzes source code and provides reports on the code quality of your project. It combines static and dynamic analysis tools and enables quality to be measured continuously over time.

SonarQube Dashboard

SonarQube also ensures code reliability and application security, and reduces technical debt by making your codebase clean and maintainable.

SonarQube also supports 27 different languages, including C, C++, Java, JavaScript, PHP, Go, Python, and many more. It also provides CI/CD integration and gives feedback during code review through branch analysis and pull request decoration.
