Integration type: Sonar certified
SDLC Categories: CI/CD, Security & Compliance
Integration overview
The SonarQube integration with JFrog provides trusted auditing for software packages by enriching artifacts and builds with signed attestation metadata. This allows for easy tracking and verification for governance and compliance. The integration uses the JFrog CLI to create Sonar evidence, including the quality gate status, which is then displayed on the JFrog platform.