SonarQube Community Build

Home


FREE & OPEN SOURCE

SonarQube Community Build

SonarQube Community Build provides development teams with a workflow-integrated code analysis solution for automated code review, so they can protect its quality and security. SonarQube Community Build supports dozens of popular and classic programming languages, frameworks and cloud technologies.

Upgrade steps
SONARQUBE COMMUNITY BUILD FEATURES

The tooling you need for automated code review

Enable your team to systematically deliver code that meets high standards for code quality and code security, for every project, at every step in the workflow.

Popular & classic languages support

Analyze the quality of the code in your preferred language. Support for dozens of popular & classic languages, frameworks & web technologies.

DevSecOps integrated

Integrated with GitHub Actions, GitLab CI/CD, Azure Pipelines, Bitbucket Pipelines, and Jenkins to automate code reviews and show code health status where you work at every step.

Enforce your policies

Prevent code from reaching production that doesn't meet your policies with SonarQube quality gates. Eliminate issues in human-written and AI code, cutting late remediation costs.

Code review

Unmatched accuracy

Industry-leading accuracy maximizes signal and minimizes noise while reducing time-draining work. Receive actionable code health metrics in minutes instead of hours.

Code intelligence

Gain a more comprehensive understanding of your codebase with SonarQube's deep insights. Enhance developer productivity by reducing cognitive load.

Fix early and fast

Find and remediate issues in real-time as you code with SonarQube for IDE. Follow your coding policies in the IDE when in connected mode with SonarQube Server.

SonarQube for IDE

21 languages, frameworks, and IaC

  • Java
  • https://assets-eu-01.kc-usercontent.com:443/5dddefee-e8bb-013a-3b4e-7907971cf825/e8a34013-7557-479a-90d3-4a12f5781e49/kotlin-color-padding.svg
  • C Sharp Logo
  • VB Logo
  • Javascript Logo
  • Typescript Logo
  • Python Logo
  • PHP Logo
  • Terraform Logo
  • Cloudformation Logo
  • Azure Resource Manager icon
  • Docker
  • https://assets-eu-01.kc-usercontent.com:443/5dddefee-e8bb-013a-3b4e-7907971cf825/dd29d45e-18d1-4b28-b0d4-9c62934cc7c5/Kubernetes_mark_color_with-padding.svg
  • https://assets-eu-01.kc-usercontent.com:443/5dddefee-e8bb-013a-3b4e-7907971cf825/f612645e-3b99-49d2-b1e4-05824935ff4d/helm-blue.svg
  • https://assets-eu-01.kc-usercontent.com:443/5dddefee-e8bb-013a-3b4e-7907971cf825/b5dec02b-1ec2-4d60-8c83-17f37355c952/CSS-new-color-padding.svg
  • Flex Logo
  • Go Logo
  • HTML5 Logo
  • Ruby Logo
  • Scala Logo
  • XML Logo
Ready to get started with SonarQube Community Build?

Coming from an older Community Build version? Check the upgrade path.

The best way to improve the health of your code

Focus on new code

SonarQube encourages developers to focus on new or changed code, setting clear quality expectations for the team and ensuring they deliver reliable, secure code every day.

security and reliability issues are shown

Use a quality gate

The built-in Sonar quality gate provides a clear indicator if new or changed code meets the standards you have set. If it does, you can be confident it's fit for production.

code merge shows no issues

Give feedback quickly

Increase development team speed and efficiency, reduce team friction and empower developers through rapid issue identification and short resolution timeframes.

bad code is uncovered
COMMUNITY BUILD

Full DevOps integration

IDE Integration

SonarQube for IDE catches coding issues on the fly in your dev environment, with extensions for JetBrains, VS Code, Visual Studio and Eclipse.

Build Integration

Out-of-the box support for popular CI engines such as Jenkins, Azure DevOps, TeamCity and CircleCI along with build platforms such as Gradle and Maven. 

Pipeline and Promotion

SonarQube makes it easy to promote integrated code quality and code security throughout your development pipeline and promotion processes.

Need more languages, secrets detection, standards compliance, or AI features? Try SonarQube Server.

Free 14-day trial