Get clean, reliable, and secure software with SonarQube
Unlock the power of AI coding assistants without the risk of bad, insecure code using Sonar’s Clean Code solution.
Community
Free and open source for dev productivity and code quality
Always free:
$0 annually
Recommended for under 100K Lines of Code
20 languages & frameworks
One integration per DevOps platform
Developer
Essential capabilities for small teams and businesses
Starts at:
$160 annually
All features in Community Edition plus the following
Standard commercial support available
Advanced issue detection & deeper SAST
Analyze feature branches, maintenance branches, & pull requests
Display pass/fail status in DevOps platform’s pull request
Recommended for 100K Lines of Code or above
26 languages & frameworks
One integration per DevOps platform
Recommended
Enterprise
Deeper insights and performance for the modern enterprise
Annual price:
Talk to sales
All features in Developer Edition plus the following
Standard commercial support available
24/7 white glove premium support available
Detailed health reports for projects, applications, & portfolios
Security reports to track progress against meeting security standards
Generate actionable reports for audits & regulations
Unified view of release readiness across all assets with portfolios
Improved performance for large teams running multiple analyses
Manage projects in a monorepo
Recommended for 1M Lines of Code or above
33 languages & frameworks
Unlimited integrations into DevOps platforms
Data Center
Mission critical high availability, scalability, and performance
Annual price:
Talk to sales
Scales on demand for improved performance across distributed teams
Component redundancy to maintain high service integrity
Data resiliency for improved business continuity
High performance maintained under extreme loads reducing losses in productivity
Standard commercial support included
24/7 white glove premium support available
Detailed health reports for projects, applications, & portfolios
Security reports to track progress against meeting security standards
Generate actionable reports for audits & regulations
Unified view of release readiness across all assets with portfolios
Improved performance for large teams running multiple analyses
Manage projects in a monorepo
Recommended for 20M Lines of Code or above
33 languages & frameworks
Unlimited integrations into DevOps platforms
Trusted and loved by 7 million developers & 400,000+ Organizations
Community | Developer | Data Center | ||
---|---|---|---|---|
Languages and frameworks | 20 | 27 | 33 | 33 |
Recommended for under 100K Lines of Code | ||||
Recommended for 100K Lines of Code or above | ||||
Recommended for 1M Lines of Code or above | ||||
Recommended for 20M Lines of Code or above | ||||
NEW: Detect issues in AI generated code | ||||
NEW: SonarQube server runs in a FIPS environment | ||||
Seamlessly integrates into your CI/CD workflow | ||||
Detect issues in code that cause bugs, hotspots, and basic security vulnerabilities | ||||
Track and resolve technical debt | ||||
Monitor code quality metrics and history of activity | ||||
Secrets detection to prevent secrets from leaking | ||||
Combine third-party tool results with SARIF reports | ||||
Limited to 4 integrations with DevOps platforms | ||||
NEW: AutoConfig for C and C++ projects | ||||
Taint analysis with deeper SAST | ||||
Detection of advanced dataflow bugs | ||||
Analysis of feature branches, maintenance branches, and pull requests | ||||
Display quality gate status in DevOps pull request | ||||
Autoprovision users and groups from GitHub and GitLab | ||||
Permissions autosync with GitHub | ||||
Display security vulnerabilities in GitHub and GitLab | ||||
Collect multiple projects together as an Application for a single view | ||||
Standard commercial support | ||||
NEW: Set rule priority to uphold your coding standards | ||||
Unlimited integrations with DevOps platforms | ||||
Security engine custom configuration for more powerful taint analysis | ||||
Custom rules to detect private secret patterns | ||||
Aggregate projects and applications into a portfolio | ||||
Project, application, and executive portfolio reports | ||||
Security reports for common security standards | ||||
Regulatory reports and audit logs | ||||
Consolidate projects into a central instance | ||||
Parallel processing of analyses for large teams | ||||
Pull request decoration and guided setup for monorepos | ||||
Additional licenses for testing and staging environments | ||||
Automatic user and group provisioning through SCIM with Okta and Azure AD | ||||
24/7 white glove premium support available | ||||
NEW: Autoscaling in a Kubernetes cluster | ||||
Component redundancy | ||||
Data resiliency | ||||
Horizontal scalability | ||||
High performance under extreme load |
frequently asked questions
Developer Edition, Enterprise Edition, and Data Center Edition are priced per instance per year and based on your lines of code (LOC). An instance is an installation of SonarQube. You pay per instance for a maximum number of LOC to be analyzed.
Developer Edition pricing starts at $160/yr for a maximum analysis of 100,000 LOC and can extend to $68,580/yr for a maximum analysis of 20M LOC.
Enterprise Edition pricing starts at $21,000/yr for a maximum analysis of 1M LOC and can extend to $252,000/yr for a maximum analysis of 100M LOC.
Need to analyze more lines of code? Check out our Data Center Edition, and discover the horizontal scalability and high availability for global deployments! Get in touch with sales for detailed pricing.