Coming from an older Community Build version? Check the upgrade path.
FREE & OPEN SOURCE
SonarQube Community Build
SonarQube Community Build provides development teams with a workflow-integrated code analysis solution for automated code review, so they can protect its quality and security. SonarQube Community Build supports dozens of popular and classic programming languages, frameworks and cloud technologies.

The tooling you need for automated code review
Enable your team to systematically deliver code that meets high standards for code quality and code security, for every project, at every step in the workflow.
Popular & classic languages support
Analyze the quality of the code in your preferred language. Support for dozens of popular & classic languages, frameworks & web technologies.
与热门 DevOps 平台集成
轻松载入项目。与 GitHub Actions、GitLab CI/CD、Azure Pipelines、Bitbucket Pipelines 和 Jenkins 集成,以便自动触发分析并显示所编写代码的健康状态。
清楚的通过/不通过 Sonar 质量门
当代码质量不符合您定义的标准时,构建管道就会失败。防止问题被合并或发布,从而降低风险并节省因在 SDLC 中延迟发现问题而产生的成本。
一流的分析速度和准确性
在几分钟内即可收到可执行的整洁代码指标,而 不用等待数小时。Clean as You Code 会在您编写时检查较小的代码片段,为您提供有关新代码质量的准确反馈。
统一的共享配置
制定具体的编码标准,让团队始终保持代码健康,实现代码质量目标。此外,Learn as You Code 还能将开发人员的技能提升到同样的高度。
SonarQube for IDE
添加 SonarQube for IDE 扩展并将其连接到 SonarQube 服务器,以便在编码时动态查找编码问题,并确保您的团队遵循单一受监管的编码标准。
21 languages, frameworks, and IaC
The best way to improve the health of your code
Focus on new code
SonarQube encourages developers to focus on new or changed code, setting clear quality expectations for the team and ensuring they deliver reliable, secure code every day.

Use a quality gate
The built-in Sonar quality gate provides a clear indicator if new or changed code meets the standards you have set. If it does, you can be confident it's fit for production.

Give feedback quickly
Increase development team speed and efficiency, reduce team friction and empower developers through rapid issue identification and short resolution timeframes.

Full DevOps integration
IDE Integration
SonarQube for IDE catches coding issues on the fly in your dev environment, with extensions for JetBrains, VS Code, Visual Studio and Eclipse.
Build Integration
Out-of-the box support for popular CI engines such as Jenkins, Azure DevOps, TeamCity and CircleCI along with build platforms such as Gradle and Maven.
Pipeline and Promotion
SonarQube makes it easy to promote integrated code quality and code security throughout your development pipeline and promotion processes.