# Codacy vs SonarQube Comparison
---
## AI Generated Summary
- **G2 reviewers report** that SonarQube excels in overall user satisfaction, reflected in its significantly higher G2 Score compared to Codacy. Users appreciate its robust code suggestions and the ability to identify potential errors, which enhances code quality and developer productivity.
- **Users say** that Codacy offers a more intuitive experience, particularly highlighting its ease of integration with code repositories and its user-friendly security dashboard. Reviewers mention that the quality gates and static code analyses help maintain clean code effortlessly.
- **According to verified reviews** , SonarQube&#39;s deployment process is praised for its simplicity, especially in Kubernetes environments. Users find the integration with GitHub seamless, allowing for efficient scanning and immediate feedback on code quality.
- **Reviewers mention** that Codacy&#39;s support team is highly responsive and helpful, which enhances the overall user experience. Many users have expressed satisfaction with the immediate assistance they receive, making it a reliable choice for teams needing quick support.
- **G2 reviewers highlight** that while Codacy has a strong focus on small businesses, SonarQube is favored by larger enterprises, as evidenced by its broader market presence. This distinction may influence buyers depending on their organizational size and needs.
- **Users report** that both tools offer free entry-level pricing, making them accessible for teams looking to improve their code quality without upfront costs. However, SonarQube&#39;s extensive feature set may provide more value for larger teams seeking comprehensive analysis capabilities.



| | Codacy | SonarQube | 
|---|---|---|
| **Star Rating** | 4.6 out of 5 | 4.4 out of 5 | 
| **Total Reviews** | 29 | 152 | 
| **Largest Market Segment** | Small-Business (60.7% of reviews) | Enterprise (43.2% of reviews) | 
| **Entry Level Price** | Free | Free | 

---
## Top Pros & Cons

### Codacy

Pros:
- Security (2 reviews)
- Automation (1 reviews)

Cons:
- Expensive (1 reviews)

### SonarQube

Pros:
- Code Quality (24 reviews)
- Features (20 reviews)

Cons:
- Software Bugs (12 reviews)
- Complex Configuration (10 reviews)

---
## Ratings Comparison
| Rating | Codacy | SonarQube | 
|---|---|---|
  | **Meets Requirements** | 9.0 (20 reviews) | 8.8 (129 reviews) | 
  | **Ease of Use** | 9.1 (21 reviews) | 8.5 (132 reviews) | 
  | **Ease of Setup** | 9.0 (14 reviews) | 8.1 (91 reviews) | 
  | **Ease of Admin** | 8.9 (12 reviews) | 8.5 (69 reviews) | 
  | **Quality of Support** | 9.1 (15 reviews) | 8.2 (108 reviews) | 
  | **Has the product been a good partner in doing business?** | 9.1 (9 reviews) | 8.3 (62 reviews) | 
  | **Product Direction (% positive)** | 8.3 (21 reviews) | 8.7 (123 reviews) | 

---
## Pricing

### Codacy

#### Entry-Level Pricing

Plan: Developer

Price: Free

Description: IDE plugin for individual devs, with real-time feedback and AI guardrails in the editor

Key Features:
- Auto-fix AI code before it reaches the editor
- Scan-as-you-type
- Security Scans (SAST, SCA, Secrets)

[Browse all 3 editions](https://www.g2.com/products/codacy/pricing)

#### Free Trial

Yes

### SonarQube

#### Entry-Level Pricing

Plan: Free

Price: Free

Description: For developers wanting to try SonarQube.


Key Features:
- Scan of private projects limited to 50k lines of code
- Users limited to max. 5
- Architecture management

[Browse all 3 editions](https://www.g2.com/products/sonarqube/pricing)

#### Free Trial

Yes

---
## Features Comparison By Category

### Application Shielding

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Protect

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Login** | Not enough data | Not enough data | 
| **Data Injections** | Not enough data | Not enough data | 
| **Code** | Not enough data | Not enough data | 
| **Certificate Exploitation** | Not enough data | Not enough data | 
| **Advanced Awareness** | Not enough data | Not enough data | 
| **Digital Content** | Feature Not Available | Not enough data | 

#### Execute

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Environment** | Not enough data | Not enough data | 
| **Compliance** | Not enough data | Not enough data | 
| **Cross-Platform Implementation** | Not enough data | Not enough data | 

### Static Application Security Testing (SAST)

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | 7.3/10 | 34 |

#### Administration

| Feature | Codacy | SonarQube | 
|---|---|---|
| **API / Integrations** | Not enough data | 8.1 (23 reviews) | 
| **Extensibility** | Not enough data | 6.0 (20 reviews) | 

#### Analysis

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Reporting and Analytics** | Not enough data | 7.4 (24 reviews) | 
| **Issue Tracking** | Not enough data | 8.0 (23 reviews) | 
| **Static Code Analysis** | Not enough data | 9.2 (29 reviews) | 
| **Code Analysis** | Not enough data | 9.1 (30 reviews) | 

#### Testing

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Command-Line Tools** | Not enough data | 6.6 (18 reviews) | 
| **Manual Testing** | Not enough data | 6.0 (20 reviews) | 
| **Test Automation** | Not enough data | 6.4 (23 reviews) | 
| **Compliance Testing** | Not enough data | 6.9 (18 reviews) | 
| **Black-Box Scanning** | Not enough data | 6.8 (17 reviews) | 
| **Detection Rate** | Not enough data | 8.2 (21 reviews) | 
| **False Positives** | Not enough data | 6.9 (26 reviews) | 

#### Agentic AI - Static Application Security Testing (SAST)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Autonomous Task Execution** | Not enough data | 6.0 (5 reviews) | 

### Dynamic Application Security Testing (DAST)

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Administration

| Feature | Codacy | SonarQube | 
|---|---|---|
| **API / Integrations** | Not enough data | Not enough data | 
| **Extensibility** | Not enough data | Not enough data | 

#### Analysis

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Reporting and Analytics** | Not enough data | Not enough data | 
| **Issue Tracking** | Not enough data | Not enough data | 
| **Static Code Analysis** | Not enough data | Not enough data | 
| **Vulnerability Scan** | Not enough data | Not enough data | 
| **Code Analysis** | Not enough data | Not enough data | 

#### Testing

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Manual Testing** | Not enough data | Not enough data | 
| **Test Automation** | Not enough data | Not enough data | 
| **Compliance Testing** | Not enough data | Not enough data | 
| **Black-Box Scanning** | Not enough data | Not enough data | 
| **Detection Rate** | Not enough data | Not enough data | 
| **False Positives** | Not enough data | Not enough data | 

### Software Development Analytics Tools

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | 8.0/10 | 37 |

#### Functionality

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Repository Integration** | Not enough data | 8.1 (32 reviews) | 
| **Analytics and Trends** | Not enough data | 8.5 (31 reviews) | 
| **Productivity Updates** | Not enough data | 8.2 (30 reviews) | 

#### Management

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Historical Data Consolidation** | Not enough data | Feature Not Available | 
| **Data Context** | Not enough data | 7.5 (26 reviews) | 
| **Testing Integration** | Not enough data | 7.9 (30 reviews) | 

### Bug Tracking

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | 8.2/10 | 13 |

#### Bug Reporting

| Feature | Codacy | SonarQube | 
|---|---|---|
| **User Reports &amp; Feedback** | Not enough data | 7.7 (10 reviews) | 
| **Tester Reports &amp; Feedback** | Not enough data | 8.0 (10 reviews) | 
| **Team Reports &amp; Comments** | Not enough data | 8.3 (10 reviews) | 

#### Bug Monitoring

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Analytics** | Not enough data | 8.0 (11 reviews) | 
| **Bug History** | Not enough data | 8.3 (12 reviews) | 
| **Data Retention** | Not enough data | 8.6 (11 reviews) | 

#### Agentic AI - Bug Tracking

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Adaptive Learning** | Not enough data | Not enough data | 
| **Natural Language Interaction** | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Not enough data | 

### Software Composition Analysis

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Functionality - Software Composition Analysis 

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Language Support** | Not enough data | Not enough data | 
| **Integration** | Not enough data | Not enough data | 
| **Transparency** | Not enough data | Not enough data | 

#### Effectiveness - Software Composition Analysis

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Remediation Suggestions** | Not enough data | Not enough data | 
| **Continuous Monitoring** | Not enough data | Not enough data | 
| **Thorough Detection** | Not enough data | Not enough data | 

### Secure Code Review

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | 7.6/10 | 50 |

#### Documentation

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Feedback** | Not enough data | 8.0 (44 reviews) | 
| **Prioritization** | Not enough data | 7.7 (38 reviews) | 
| **Remediation Suggestions** | Not enough data | 8.3 (41 reviews) | 

#### Security

| Feature | Codacy | SonarQube | 
|---|---|---|
| **False Positives** | Not enough data | 6.7 (39 reviews) | 
| **Custom Compliance** | Not enough data | 7.1 (35 reviews) | 
| **Agility** | Not enough data | 8.0 (39 reviews) | 

### Application Security

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Generative AI

| Feature | Codacy | SonarQube | 
|---|---|---|
| **AI Text Summarization** | Not enough data | Not enough data | 

### Application Security Posture Management (ASPM)

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | 8.5/10 | 7 |

#### Risk management - Application Security Posture Management (ASPM)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Vulnerability Management** | Not enough data | 9.3 (5 reviews) | 
| **Risk Assessment and Prioritization** | Not enough data | Feature Not Available | 
| **Compliance Management** | Not enough data | 9.0 (5 reviews) | 
| **Policy Enforcement** | Not enough data | 8.9 (6 reviews) | 

#### Integration and efficiency - Application Security Posture Management (ASPM)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Integration with Development Tools** | Not enough data | 7.8 (6 reviews) | 
| **Automation and Efficiency** | Not enough data | Feature Not Available | 

#### Reporting and Analytics - Application Security Posture Management (ASPM)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Trend Analysis** | Not enough data | 7.8 (6 reviews) | 
| **Risk Scoring** | Not enough data | Not enough data | 
| **Customizable Dashboards** | Not enough data | 8.3 (5 reviews) | 

#### Agentic AI  - Application Security Posture Management (ASPM)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | 
| **Multi-step Planning** | Not enough data | Not enough data | 

### Software Bill of Materials (SBOM)

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Functionality - Software Bill of Materials (SBOM)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Format Support** | Not enough data | Not enough data | 
| **Annotations** | Not enough data | Not enough data | 
| **Attestation** | Not enough data | Not enough data | 

#### Management - Software Bill of Materials (SBOM)

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Monitoring** | Not enough data | Not enough data | 
| **Dashboards** | Not enough data | Not enough data | 
| **User Provisioning** | Not enough data | Not enough data | 

### AI Governance Tools

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### AI Compliance

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Regulatory Reporting** | Not enough data | Not enough data | 
| **Automated Compliance** | Not enough data | Not enough data | 
| **Audit Trails** | Not enough data | Feature Not Available | 

#### Risk Management &amp; Monitoring

| Feature | Codacy | SonarQube | 
|---|---|---|
| **AI Risk Management** | Not enough data | Feature Not Available | 
| **Real-time Monitoring** | Not enough data | Not enough data | 

#### AI Lifecycle Management

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Lifecycle Automation** | Not enough data | Feature Not Available | 

#### Access Control and Security

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Pole-based Access Control (RBAC)** | Not enough data | Not enough data | 

#### Collaboration and Communication 

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Model Sharing and Reuse** | Not enough data | Feature Not Available | 

#### Agentic AI - AI Governance Tools

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Autonomous Task Execution** | Not enough data | Not enough data | 
| **Multi-step Planning** | Not enough data | Not enough data | 
| **Cross-system Integration** | Not enough data | Not enough data | 
| **Adaptive Learning** | Not enough data | Not enough data | 
| **Natural Language Interaction** | Not enough data | Not enough data | 
| **Proactive Assistance** | Not enough data | Feature Not Available | 
| **Decision Making** | Not enough data | Not enough data | 

### Static Code Analysis

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | 6.2/10 | 10 |

#### Agentic AI - Static Code Analysis

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Adaptive Learning** | Not enough data | 6.5 (10 reviews) | 
| **Natural Language Interaction** | Not enough data | 5.2 (8 reviews) | 
| **Proactive Assistance** | Not enough data | 6.9 (9 reviews) | 

### AI AppSec Assistants

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Performance - AI AppSec Assistants

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Remediation** | Not enough data | Not enough data | 
| **Real-time Vulnerability Detection** | Not enough data | Not enough data | 
| **Accuracy** | Not enough data | Not enough data | 

#### Integration - AI AppSec Assistants

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Stack Integration** | Not enough data | Not enough data | 
| **Workflow Integration** | Not enough data | Not enough data | 
| **Codebase Contextual Awareness** | Not enough data | Not enough data | 

### Cloud Security

| Product | Score | Reviews |
|---|---|---|
| **Codacy** | N/A | N/A |
| **SonarQube** | N/A | N/A |

#### Cloud Visibility

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Data Discovery** | Not enough data | Not enough data | 
| **Cloud Registry** | Not enough data | Not enough data | 
| **Cloud Gap Analytics** | Not enough data | Not enough data | 

#### Security

| Feature | Codacy | SonarQube | 
|---|---|---|
| **Data Security** | Not enough data | Not enough data | 
| **Data loss Prevention** | Not enough data | Not enough data | 
| **Security Auditing** | Not enough data | Not enough data | 

#### Identity

| Feature | Codacy | SonarQube | 
|---|---|---|
| **SSO** | Not enough data | Not enough data | 
| **Governance** | Not enough data | Not enough data | 
| **User Analytics** | Not enough data | Not enough data | 

---
## Categories
**Shared Categories (3):** [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis)

**Unique to Codacy (2):** [Application Shielding Software](https://www.g2.com/categories/application-shielding), [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)

**Unique to SonarQube (7):** [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Software Development Analytics Tools](https://www.g2.com/categories/software-development-analytics-tools), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking), [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [ AI Governance Tools](https://www.g2.com/categories/ai-governance-tools)


---
## Reviewer Demographics

### By Company Size

| Segment | Codacy | SonarQube | 
|---|---|---|
| **Small-Business** | 60.7% | 16.9% | 
| **Mid-Market** | 21.4% | 39.9% | 
| **Enterprise** | 17.9% | 43.2% | 

### By Industry

#### Codacy

- **Computer Software:** 28.6%
- **Information Technology and Services:** 14.3%
- **Program Development:** 7.1%
- **Financial Services:** 7.1%
- **Security and Investigations:** 3.6%
- **Retail:** 3.6%
- **Logistics and Supply Chain:** 3.6%
- **Internet:** 3.6%
- **Insurance:** 3.6%
- **Higher Education:** 3.6%
- **Other:** 21.4%

#### SonarQube

- **Information Technology and Services:** 26.2%
- **Computer Software:** 22.1%
- **Financial Services:** 7.6%
- **Computer &amp; Network Security:** 3.4%
- **Banking:** 3.4%
- **Hospital &amp; Health Care:** 2.8%
- **Automotive:** 2.8%
- **Logistics and Supply Chain:** 2.1%
- **Medical Devices:** 2.1%
- **Aviation &amp; Aerospace:** 2.1%
- **Other:** 25.5%

---
## Alternatives

### Alternatives to Codacy

- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (47 reviews)
- [DeepSource](https://www.g2.com/products/deepsource/reviews) — 4.6/5 stars (22 reviews)
- [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2374 reviews)
- [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (897 reviews)
- [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (824 reviews)
- [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) — 4.5/5 stars (614 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (26 reviews)
- [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (347 reviews)
- [Harness Platform](https://www.g2.com/products/harness-platform/reviews) — 4.6/5 stars (304 reviews)

### Alternatives to SonarQube

- [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2374 reviews)
- [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (897 reviews)
- [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (26 reviews)
- [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (114 reviews)
- [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (56 reviews)
- [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (135 reviews)
- [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (145 reviews)
- [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (47 reviews)
- [Kiuwan Code Security &amp; Insights](https://www.g2.com/products/kiuwan-code-security-insights/reviews) — 4.5/5 stars (34 reviews)
- [Embold](https://www.g2.com/products/embold/reviews) — 4.7/5 stars (18 reviews)

---
## Top Discussions

### Codacy

No discussions available for this product.

### SonarQube

No discussions available for this product.

---
**Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/codacy-vs-sonarqube)

