SonarQube Community Build

Home


FREE Looking for a Cloud Solution? Try SonarQube Cloud Free Tier

FREE & OPEN SOURCE

SonarQube Community Build

SonarQube Community Build provides development teams with a workflow-integrated code analysis solution for automated code review, so they can protect its quality and security. SonarQube Community Build supports dozens of popular and classic programming languages, frameworks and cloud technologies.

Upgrade steps
SONARQUBE COMMUNITY BUILD FEATURES

The tooling you need for automated code review

Enable your team to systematically deliver code that meets high standards for code quality and code security, for every project, at every step in the workflow.

Popular & classic languages support

Analyze the quality of the code in your preferred language. Support for dozens of popular & classic languages, frameworks & web technologies.

与热门 DevOps 平台集成

轻松载入项目。与 GitHub Actions、GitLab CI/CD、Azure Pipelines、Bitbucket Pipelines 和 Jenkins 集成,以便自动触发分析并显示所编写代码的健康状态。

清楚的通过/不通过 Sonar 质量门

当代码质量不符合您定义的标准时,构建管道就会失败。防止问题被合并或发布,从而降低风险并节省因在 SDLC 中延迟发现问题而产生的成本。

一流的分析速度和准确性

在几分钟内即可收到可执行的整洁代码指标,而不用等待数小时。Clean as You Code 会在您编写时检查较小的代码片段,为您提供有关新代码质量的准确反馈。

统一的共享配置

制定具体的编码标准,让团队始终保持代码健康,实现代码质量目标。此外,Learn as You Code 还能将开发人员的技能提升到同样的高度。

SonarQube for IDE

添加 SonarQube for IDE 扩展并将其连接到 SonarQube 服务器,以便在编码时动态查找编码问题,并确保您的团队遵循单一受监管的编码标准。

探索连接模式

21 languages, frameworks, and IaC

  • Java
  • https://assets-eu-01.kc-usercontent.com:443/886afe32-410a-0136-0267-0f7515a29063/e8a34013-7557-479a-90d3-4a12f5781e49/kotlin-color-padding.svg
  • C Sharp Logo
  • VB Logo
  • Javascript Logo
  • Typescript Logo
  • Python Logo
  • PHP Logo
  • Terraform Logo
  • Cloudformation Logo
  • Azure Resource Manager icon
  • Docker
  • https://assets-eu-01.kc-usercontent.com:443/886afe32-410a-0136-0267-0f7515a29063/dd29d45e-18d1-4b28-b0d4-9c62934cc7c5/Kubernetes_mark_color_with-padding.svg
  • https://assets-eu-01.kc-usercontent.com:443/886afe32-410a-0136-0267-0f7515a29063/f612645e-3b99-49d2-b1e4-05824935ff4d/helm-blue.svg
  • https://assets-eu-01.kc-usercontent.com:443/886afe32-410a-0136-0267-0f7515a29063/b5dec02b-1ec2-4d60-8c83-17f37355c952/CSS-new-color-padding.svg
  • Flex Logo
  • Go Logo
  • HTML5 Logo
  • Ruby Logo
  • Scala Logo
  • XML Logo
Ready to get started with SonarQube Community Build?

Coming from an older Community Build version? Check the upgrade path.

The best way to improve the health of your code

Focus on new code

SonarQube encourages developers to focus on new or changed code, setting clear quality expectations for the team and ensuring they deliver reliable, secure code every day.

security and reliability issues are shown

Use a quality gate

The built-in Sonar quality gate provides a clear indicator if new or changed code meets the standards you have set. If it does, you can be confident it's fit for production.

code merge shows no issues

Give feedback quickly

Increase development team speed and efficiency, reduce team friction and empower developers through rapid issue identification and short resolution timeframes.

bad code is uncovered
COMMUNITY BUILD

Full DevOps integration

IDE Integration

SonarQube for IDE catches coding issues on the fly in your dev environment, with extensions for JetBrains, VS Code, Visual Studio and Eclipse.

Build Integration

Out-of-the box support for popular CI engines such as Jenkins, Azure DevOps, TeamCity and CircleCI along with build platforms such as Gradle and Maven. 

Pipeline and Promotion

SonarQube makes it easy to promote integrated code quality and code security throughout your development pipeline and promotion processes.

Need more languages, secrets detection, standards compliance, or AI features? Try SonarQube Server.