security vulnerability review in GitLab
Sonar workflow integration helps you review and prioritize vulnerabilities directly from your repository during your code reviews.
GitLab Integration
Sonar tightly integrates with GitLab enabling your team to consistently and efficiently deliver clean code that's free of issues that lead to vulnerabilities, bugs and code smells.
Elevate your GitLab experience with Sonar and ensure only Clean Code is added to the code base. With just a few clicks you're up and running right where your code lives.
Sonar automatically decorates code quality metrics directly on your merge request & feature branches. Resolve issues BEFORE you merge.
Fail your GitLab pipelines when the quality of code doesn’t meet your defined requirements. Clean Code becomes the norm!
Review and prioritize issue remediation during code reviews directly from GitLab.
Configure multiple Quality Gates and receive project-labeled messages in your GitLab mono repository.
Sonar supports authentication delegation - if you're logged into your GitLab account, you're all set!
Native Git data support so issues are automatically assigned and tracked.
Configure your CI chain to automatically analyze merge requests and branches and publish the Quality Gate results in the build summary.
developers use Sonar
coding rules available
lines of code analyzed
Sonar workflow integration helps you review and prioritize vulnerabilities directly from your repository during your code reviews.
With its tight coupling to GitLab, Sonar analyzes your projects and provides code health metrics at the right time and in the right place
Non-disruptive code quality analysis overlays your workflow so your team only produces clean builds. Your project’s Quality Gate status is clearly decorated right in GitLab Pipelines along with code coverage and duplication metrics. Live updating keeps everyone on the same page.
Integrate with GitLab CI/CD, Jenkins, CircleCI or any other CI tool.
You’ve got fresh code to analyze so we make it easy to get started. An onboarding wizard guides you in adding all your projects and setting up autodetection of branches and MRs.