# GitLab vs SonarQube Comparison --- ## AI Generated Summary - **G2 reviewers report** that SonarQube excels in providing **actionable insights** directly within pull requests, making it easier for developers to identify and address issues quickly. Users appreciate the **quality gates** that enhance DevOps automation, ensuring code quality throughout the development process. - **According to verified reviews** , GitLab stands out for its **self-hosting capabilities** , allowing teams to maintain control over their code repositories and CI/CD environments. Users value the comprehensive visibility it offers across the software development lifecycle, which is crucial for effective project management. - **Reviewers mention** that while SonarQube provides a robust dashboard for monitoring code health, it sometimes faces challenges in meeting specific workflow needs, with some users noting configuration difficulties. However, its performance in static code analysis is highly praised, with users highlighting its efficiency and low resource consumption. - **Users say** that GitLab's integration capabilities are a significant advantage, particularly its strong security features and identity governance controls. This makes it a preferred choice for teams looking for a comprehensive solution that combines development and security seamlessly. - **G2 reviewers highlight** that SonarQube's ease of integration into CI/CD pipelines is a major plus, with many users noting how quickly it can be set up to provide a complete view of the codebase. This quick implementation process is often cited as a key benefit for teams looking to enhance their development workflows. - **According to recent feedback** , GitLab's documentation for setting up CI/CD pipelines is well-received, making it easier for teams to automate processes. However, some users feel that it lacks certain features compared to SonarQube, which may impact teams with more specialized needs. | | GitLab | SonarQube | |---|---|---| | **Star Rating** | 4.5 out of 5 | 4.4 out of 5 | | **Total Reviews** | 893 | 141 | | **Largest Market Segment** | Small-Business (36.9% of reviews) | Enterprise (42.0% of reviews) | | **Entry Level Price** | No pricing available | Free | --- ## Top Pros & Cons ### GitLab Pros: - Ease of Use (40 reviews) - Features (39 reviews) Cons: - Complexity (20 reviews) - Difficult Learning (19 reviews) ### SonarQube Pros: - Code Quality (24 reviews) - Features (20 reviews) Cons: - Software Bugs (12 reviews) - Complex Configuration (10 reviews) --- ## Ratings Comparison | Rating | GitLab | SonarQube | |---|---|---| | **Meets Requirements** | 9.1 (679 reviews) | 8.8 (119 reviews) | | **Ease of Use** | 8.7 (683 reviews) | 8.5 (122 reviews) | | **Ease of Setup** | 8.7 (242 reviews) | 8.1 (81 reviews) | | **Ease of Admin** | 8.6 (173 reviews) | 8.5 (67 reviews) | | **Quality of Support** | 8.5 (541 reviews) | 8.2 (101 reviews) | | **Has the product been a good partner in doing business?** | 8.8 (148 reviews) | 8.3 (60 reviews) | | **Product Direction (% positive)** | 8.8 (644 reviews) | 8.6 (115 reviews) | --- ## Pricing ### GitLab #### Entry-Level Pricing No pricing available #### Free Trial Yes ### SonarQube #### Entry-Level Pricing Plan: Free Price: Free Description: For developers wanting to try SonarQube. Key Features: - Scan of private projects limited to 50k lines of code - Users limited to max. 5 - Architecture management [Browse all 3 editions](https://www.g2.com/products/sonarqube/pricing) #### Free Trial Yes --- ## Features Comparison By Category ### Application Release Orchestration | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.7/10 | 147 | | **SonarQube** | N/A | N/A | #### Administration | Feature | GitLab | SonarQube | |---|---|---| | **Configuration Management** | 8.7 (125 reviews) | Not enough data | | **Access Control** | 8.9 (131 reviews) | Not enough data | | **Dashboards** | 8.6 (125 reviews) | Not enough data | #### Functionality | Feature | GitLab | SonarQube | |---|---|---| | **Deployment Automation** | 9.0 (132 reviews) | Not enough data | | **Process Analytics** | 8.5 (115 reviews) | Not enough data | | **Plugins** | 8.5 (109 reviews) | Not enough data | | **APIs / Integrations** | 8.7 (114 reviews) | Not enough data | | **Feature Flags** | 8.6 (103 reviews) | Not enough data | #### Processes | Feature | GitLab | SonarQube | |---|---|---| | **Pipelines** | 9.1 (135 reviews) | Not enough data | | **Orchestration** | 9.0 (122 reviews) | Not enough data | | **Workflow Visualization** | 8.7 (122 reviews) | Not enough data | ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **GitLab** | 9.0/10 | 37 | | **SonarQube** | 7.3/10 | 25 | #### Administration | Feature | GitLab | SonarQube | |---|---|---| | **API / Integrations** | 9.3 (33 reviews) | 7.9 (20 reviews) | | **Extensibility** | 9.0 (29 reviews) | 6.0 (20 reviews) | #### Analysis | Feature | GitLab | SonarQube | |---|---|---| | **Reporting and Analytics** | 8.8 (28 reviews) | 7.4 (21 reviews) | | **Issue Tracking** | 9.1 (30 reviews) | 8.0 (20 reviews) | | **Static Code Analysis** | 9.2 (28 reviews) | 9.0 (23 reviews) | | **Code Analysis** | 8.9 (28 reviews) | 9.1 (23 reviews) | #### Testing | Feature | GitLab | SonarQube | |---|---|---| | **Command-Line Tools** | 8.8 (30 reviews) | 6.6 (18 reviews) | | **Manual Testing** | 8.8 (27 reviews) | 5.9 (19 reviews) | | **Test Automation** | 9.2 (30 reviews) | 6.0 (21 reviews) | | **Compliance Testing** | 8.8 (26 reviews) | 6.9 (18 reviews) | | **Black-Box Scanning** | 8.9 (25 reviews) | 6.8 (17 reviews) | | **Detection Rate** | 8.5 (25 reviews) | 8.2 (21 reviews) | | **False Positives** | 8.8 (24 reviews) | 6.7 (23 reviews) | #### Agentic AI - Static Application Security Testing (SAST) | Feature | GitLab | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **GitLab** | 9.0/10 | 27 | | **SonarQube** | N/A | N/A | #### Administration | Feature | GitLab | SonarQube | |---|---|---| | **API / Integrations** | 9.2 (25 reviews) | Not enough data | | **Extensibility** | 8.9 (24 reviews) | Not enough data | #### Analysis | Feature | GitLab | SonarQube | |---|---|---| | **Reporting and Analytics** | 8.5 (24 reviews) | Not enough data | | **Issue Tracking** | 9.2 (24 reviews) | Not enough data | | **Static Code Analysis** | 8.8 (24 reviews) | Not enough data | | **Vulnerability Scan** | 8.9 (24 reviews) | Not enough data | | **Code Analysis** | 9.0 (24 reviews) | Not enough data | #### Testing | Feature | GitLab | SonarQube | |---|---|---| | **Manual Testing** | 8.6 (23 reviews) | Not enough data | | **Test Automation** | 9.1 (23 reviews) | Not enough data | | **Compliance Testing** | 8.9 (22 reviews) | Not enough data | | **Black-Box Scanning** | 9.0 (21 reviews) | Not enough data | | **Detection Rate** | 9.0 (20 reviews) | Not enough data | | **False Positives** | 9.1 (21 reviews) | Not enough data | ### Cloud Infrastructure Automation | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.8/10 | 92 | | **SonarQube** | N/A | N/A | #### Administration | Feature | GitLab | SonarQube | |---|---|---| | **Administration Console** | 8.7 (77 reviews) | Not enough data | | **Task Management** | 8.7 (78 reviews) | Not enough data | | **Dashboards and Visualizations** | 8.7 (75 reviews) | Not enough data | | **Access Control** | 8.8 (81 reviews) | Not enough data | #### Automation | Feature | GitLab | SonarQube | |---|---|---| | **Test Automation** | 8.9 (79 reviews) | Not enough data | | **Intelligent Automation** | 8.4 (72 reviews) | Not enough data | | **Release Automation** | 9.0 (80 reviews) | Not enough data | | **Automated Provisioning** | 8.7 (73 reviews) | Not enough data | #### IT Management | Feature | GitLab | SonarQube | |---|---|---| | **Workflow Management** | 8.7 (75 reviews) | Not enough data | | **Infrastructure Management** | 8.9 (74 reviews) | Not enough data | | **IT Discovery** | 8.6 (71 reviews) | Not enough data | ### Continuous Delivery | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.3/10 | 249 | | **SonarQube** | N/A | N/A | #### Functionality | Feature | GitLab | SonarQube | |---|---|---| | **Deployment-Ready Staging** | 8.8 (218 reviews) | Not enough data | | **Integration** | 9.0 (223 reviews) | Not enough data | | **Extensible** | 8.7 (204 reviews) | Not enough data | #### Management | Feature | GitLab | SonarQube | |---|---|---| | **Processes and Workflow** | 8.8 (207 reviews) | Not enough data | | **Reporting** | 8.3 (194 reviews) | Not enough data | | **Automation** | 8.9 (216 reviews) | Not enough data | #### Agentic AI - Continuous Delivery | Feature | GitLab | SonarQube | |---|---|---| | **Autonomous Task Execution** | 8.0 (9 reviews) | Not enough data | | **Cross-system Integration** | 8.3 (11 reviews) | Not enough data | | **Adaptive Learning** | 7.5 (10 reviews) | Not enough data | | **Natural Language Interaction** | 7.5 (10 reviews) | Not enough data | | **Proactive Assistance** | 7.2 (9 reviews) | Not enough data | ### Software Development Analytics Tools | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | 8.0/10 | 35 | #### Functionality | Feature | GitLab | SonarQube | |---|---|---| | **Repository Integration** | Not enough data | 8.1 (32 reviews) | | **Analytics and Trends** | Not enough data | 8.5 (31 reviews) | | **Productivity Updates** | Not enough data | 8.2 (29 reviews) | #### Management | Feature | GitLab | SonarQube | |---|---|---| | **Historical Data Consolidation** | Not enough data | Feature Not Available | | **Data Context** | Not enough data | 7.5 (26 reviews) | | **Testing Integration** | Not enough data | 7.9 (29 reviews) | ### Bug Tracking | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.5/10 | 169 | | **SonarQube** | 8.1/10 | 11 | #### Bug Reporting | Feature | GitLab | SonarQube | |---|---|---| | **User Reports & Feedback** | 8.6 (139 reviews) | 7.7 (10 reviews) | | **Tester Reports & Feedback** | 8.5 (134 reviews) | 8.0 (10 reviews) | | **Team Reports & Comments** | 8.6 (142 reviews) | 8.3 (10 reviews) | #### Bug Monitoring | Feature | GitLab | SonarQube | |---|---|---| | **Analytics** | 8.5 (139 reviews) | 7.8 (10 reviews) | | **Bug History** | 8.8 (147 reviews) | 8.2 (10 reviews) | | **Data Retention** | 8.8 (136 reviews) | 8.5 (10 reviews) | #### Agentic AI - Bug Tracking | Feature | GitLab | SonarQube | |---|---|---| | **Adaptive Learning** | 8.3 (9 reviews) | Not enough data | | **Natural Language Interaction** | 8.1 (9 reviews) | Not enough data | | **Proactive Assistance** | 8.3 (8 reviews) | Not enough data | ### Software Composition Analysis | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.9/10 | 78 | | **SonarQube** | N/A | N/A | #### Functionality - Software Composition Analysis | Feature | GitLab | SonarQube | |---|---|---| | **Language Support** | 8.7 (66 reviews) | Not enough data | | **Integration** | 8.8 (72 reviews) | Not enough data | | **Transparency** | 8.7 (67 reviews) | Not enough data | #### Effectiveness - Software Composition Analysis | Feature | GitLab | SonarQube | |---|---|---| | **Remediation Suggestions** | 8.8 (64 reviews) | Not enough data | | **Continuous Monitoring** | 9.0 (64 reviews) | Not enough data | | **Thorough Detection** | 9.0 (62 reviews) | Not enough data | ### DevOps Platforms | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.8/10 | 182 | | **SonarQube** | N/A | N/A | #### Management | Feature | GitLab | SonarQube | |---|---|---| | **Configuration Management** | 8.8 (150 reviews) | Not enough data | | **Access Control** | 8.8 (152 reviews) | Not enough data | | **Orchestration** | 8.5 (139 reviews) | Not enough data | #### Functionality | Feature | GitLab | SonarQube | |---|---|---| | **Automation** | 8.8 (158 reviews) | Not enough data | | **Integrations** | 8.8 (156 reviews) | Not enough data | | **Extensibility** | 8.6 (141 reviews) | Not enough data | #### Processes | Feature | GitLab | SonarQube | |---|---|---| | **Pipeline Control** | 9.0 (162 reviews) | Not enough data | | **Workflow Visualization** | 8.5 (144 reviews) | Not enough data | | **Continuous Deployment** | 9.0 (162 reviews) | Not enough data | ### Continuous Integration | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.1/10 | 249 | | **SonarQube** | N/A | N/A | #### Functionality | Feature | GitLab | SonarQube | |---|---|---| | **Integrations** | 8.9 (229 reviews) ✓ Verified | Not enough data | | **Extensibility** | 8.6 (210 reviews) ✓ Verified | Not enough data | | **Test Customization** | 8.4 (204 reviews) ✓ Verified | Not enough data | #### Management | Feature | GitLab | SonarQube | |---|---|---| | **Automation** | 8.9 (219 reviews) ✓ Verified | Not enough data | | **Processes and Workflow** | 8.8 (217 reviews) ✓ Verified | Not enough data | | **Reporting** | 8.4 (199 reviews) ✓ Verified | Not enough data | #### Agentic AI - Continuous Integration | Feature | GitLab | SonarQube | |---|---|---| | **Autonomous Task Execution** | 7.5 (12 reviews) | Not enough data | | **Cross-system Integration** | 7.8 (13 reviews) | Not enough data | | **Adaptive Learning** | 7.4 (11 reviews) | Not enough data | | **Natural Language Interaction** | 7.1 (11 reviews) | Not enough data | | **Proactive Assistance** | 7.6 (11 reviews) | Not enough data | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.5/10 | 133 | | **SonarQube** | 7.5/10 | 45 | #### Documentation | Feature | GitLab | SonarQube | |---|---|---| | **Feedback** | 8.8 (117 reviews) | 8.0 (42 reviews) | | **Prioritization** | 8.6 (112 reviews) | 7.6 (37 reviews) | | **Remediation Suggestions** | 8.4 (112 reviews) | 8.3 (38 reviews) | #### Security | Feature | GitLab | SonarQube | |---|---|---| | **False Positives** | 8.0 (101 reviews) | 6.7 (37 reviews) | | **Custom Compliance** | 8.4 (101 reviews) | 7.0 (34 reviews) | | **Agility** | 9.0 (110 reviews) | 7.9 (37 reviews) | ### AI Code Generation | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Functionality | Feature | GitLab | SonarQube | |---|---|---| | **Accuracy** | Not enough data | Not enough data | | **Input processing** | Not enough data | Not enough data | | **Interface** | Not enough data | Not enough data | | **Code quality** | Not enough data | Not enough data | #### Support | Feature | GitLab | SonarQube | |---|---|---| | **Community** | Not enough data | Not enough data | | **Update schedule** | Not enough data | Not enough data | | **Documentation** | Not enough data | Not enough data | #### Agentic AI - AI Code Generation | Feature | GitLab | SonarQube | |---|---|---| | **Cross-system Integration** | Not enough data | Not enough data | | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | | **Decision Making** | Not enough data | Not enough data | ### Application Security Posture Management (ASPM) | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | 8.5/10 | 7 | #### Risk management - Application Security Posture Management (ASPM) | Feature | GitLab | SonarQube | |---|---|---| | **Vulnerability Management** | Not enough data | 9.3 (5 reviews) | | **Risk Assessment and Prioritization** | Not enough data | Feature Not Available | | **Compliance Management** | Not enough data | 9.0 (5 reviews) | | **Policy Enforcement** | Not enough data | 8.9 (6 reviews) | #### Integration and efficiency - Application Security Posture Management (ASPM) | Feature | GitLab | SonarQube | |---|---|---| | **Integration with Development Tools** | Not enough data | 7.8 (6 reviews) | | **Automation and Efficiency** | Not enough data | Feature Not Available | #### Reporting and Analytics - Application Security Posture Management (ASPM) | Feature | GitLab | SonarQube | |---|---|---| | **Trend Analysis** | Not enough data | 7.8 (6 reviews) | | **Risk Scoring** | Not enough data | Not enough data | | **Customizable Dashboards** | Not enough data | 8.3 (5 reviews) | #### Agentic AI - Application Security Posture Management (ASPM) | Feature | GitLab | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | ### Software Bill of Materials (SBOM) | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Functionality - Software Bill of Materials (SBOM) | Feature | GitLab | SonarQube | |---|---|---| | **Format Support** | Not enough data | Not enough data | | **Annotations** | Not enough data | Not enough data | | **Attestation** | Not enough data | Not enough data | #### Management - Software Bill of Materials (SBOM) | Feature | GitLab | SonarQube | |---|---|---| | **Monitoring** | Not enough data | Not enough data | | **Dashboards** | Not enough data | Not enough data | | **User Provisioning** | Not enough data | Not enough data | ### AI Governance Tools | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | N/A | N/A | #### AI Compliance | Feature | GitLab | SonarQube | |---|---|---| | **Regulatory Reporting** | Not enough data | Not enough data | | **Automated Compliance** | Not enough data | Not enough data | | **Audit Trails** | Not enough data | Feature Not Available | #### Risk Management & Monitoring | Feature | GitLab | SonarQube | |---|---|---| | **AI Risk Management** | Not enough data | Feature Not Available | | **Real-time Monitoring** | Not enough data | Not enough data | #### AI Lifecycle Management | Feature | GitLab | SonarQube | |---|---|---| | **Lifecycle Automation** | Not enough data | Feature Not Available | #### Access Control and Security | Feature | GitLab | SonarQube | |---|---|---| | **Pole-based Access Control (RBAC)** | Not enough data | Not enough data | #### Collaboration and Communication | Feature | GitLab | SonarQube | |---|---|---| | **Model Sharing and Reuse** | Not enough data | Feature Not Available | #### Agentic AI - AI Governance Tools | Feature | GitLab | SonarQube | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | | **Cross-system Integration** | Not enough data | Not enough data | | **Adaptive Learning** | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Feature Not Available | | **Decision Making** | Not enough data | Not enough data | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | 6.2/10 | 8 | #### Agentic AI - Static Code Analysis | Feature | GitLab | SonarQube | |---|---|---| | **Adaptive Learning** | Not enough data | 6.3 (8 reviews) | | **Natural Language Interaction** | Not enough data | 5.7 (7 reviews) | | **Proactive Assistance** | Not enough data | 6.7 (8 reviews) | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | GitLab | SonarQube | |---|---|---| | **Remediation** | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | GitLab | SonarQube | |---|---|---| | **Stack Integration** | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | ### Cloud Security | Product | Score | Reviews | |---|---|---| | **GitLab** | N/A | N/A | | **SonarQube** | N/A | N/A | #### Cloud Visibility | Feature | GitLab | SonarQube | |---|---|---| | **Data Discovery** | Not enough data | Not enough data | | **Cloud Registry** | Not enough data | Not enough data | | **Cloud Gap Analytics** | Not enough data | Not enough data | #### Security | Feature | GitLab | SonarQube | |---|---|---| | **Data Security** | Not enough data | Not enough data | | **Data loss Prevention** | Not enough data | Not enough data | | **Security Auditing** | Not enough data | Not enough data | #### Identity | Feature | GitLab | SonarQube | |---|---|---| | **SSO** | Not enough data | Not enough data | | **Governance** | Not enough data | Not enough data | | **User Analytics** | Not enough data | Not enough data | ### Value Stream Management | Product | Score | Reviews | |---|---|---| | **GitLab** | 8.8/10 | 49 | | **SonarQube** | N/A | N/A | #### Value Analysis | Feature | GitLab | SonarQube | |---|---|---| | **Metric Relevance** | 8.9 (40 reviews) | Not enough data | | **Insight** | 8.7 (41 reviews) | Not enough data | | **Impact Predictions** | 8.6 (36 reviews) | Not enough data | | **Report Generation** | 8.9 (38 reviews) | Not enough data | #### Value Management | Feature | GitLab | SonarQube | |---|---|---| | **Planning Tools** | 9.0 (39 reviews) | Not enough data | | **Communication Tools** | 8.7 (42 reviews) | Not enough data | | **Control** | 8.9 (40 reviews) | Not enough data | --- ## Categories **Shared Categories (4):** [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking) **Unique to GitLab (10):** [DevOps Platforms](https://www.g2.com/categories/devops-platforms), [Value Stream Management Software](https://www.g2.com/categories/value-stream-management), [Cloud Infrastructure Automation Software](https://www.g2.com/categories/cloud-infrastructure-automation), [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Application Release Orchestration (ARO) Tools](https://www.g2.com/categories/application-release-orchestration), [Version Control Hosting Software](https://www.g2.com/categories/version-control-hosting), [Peer Code Review Software](https://www.g2.com/categories/peer-code-review), [Continuous Delivery Tools](https://www.g2.com/categories/continuous-delivery-tools), [Continuous Integration Tools](https://www.g2.com/categories/continuous-integration), [AI Code Generation Software](https://www.g2.com/categories/ai-code-generation) **Unique to SonarQube (6):** [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm), [Software Development Analytics Tools](https://www.g2.com/categories/software-development-analytics-tools), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [ AI Governance Tools](https://www.g2.com/categories/ai-governance-tools) --- ## Reviewer Demographics ### By Company Size | Segment | GitLab | SonarQube | |---|---|---| | **Small-Business** | 36.9% | 18.1% | | **Mid-Market** | 36.5% | 39.9% | | **Enterprise** | 26.6% | 42.0% | ### By Industry #### GitLab - **Computer Software:** 33.4% - **Information Technology and Services:** 24.4% - **Internet:** 3.9% - **Financial Services:** 3.4% - **Telecommunications:** 2.4% - **Computer & Network Security:** 2.2% - **Marketing and Advertising:** 1.9% - **Banking:** 1.8% - **Retail:** 1.8% - **Program Development:** 1.6% - **Other:** 23.1% #### SonarQube - **Information Technology and Services:** 26.7% - **Computer Software:** 20.7% - **Financial Services:** 7.4% - **Banking:** 3.7% - **Computer & Network Security:** 3.0% - **Hospital & Health Care:** 3.0% - **Manufacturing:** 2.2% - **Automotive:** 2.2% - **Aviation & Aerospace:** 2.2% - **Telecommunications:** 2.2% - **Other:** 26.7% --- ## Alternatives ### Alternatives to GitLab - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [CloudBees](https://www.g2.com/products/cloudbees/reviews) — 4.4/5 stars (621 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [Harness Platform](https://www.g2.com/products/harness-platform/reviews) — 4.6/5 stars (281 reviews) - [Jenkins](https://www.g2.com/products/jenkins/reviews) — 4.4/5 stars (567 reviews) - [CircleCI](https://www.g2.com/products/circleci/reviews) — 4.4/5 stars (509 reviews) - [Azure Pipelines](https://www.g2.com/products/azure-pipelines/reviews) — 4.3/5 stars (375 reviews) - [Copado DevOps](https://www.g2.com/products/copado-devops/reviews) — 4.4/5 stars (329 reviews) - [Azure DevOps Server](https://www.g2.com/products/azure-devops-server/reviews) — 4.2/5 stars (198 reviews) - [Bitbucket](https://www.g2.com/products/bitbucket/reviews) — 4.4/5 stars (1011 reviews) ### Alternatives to SonarQube - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (26 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) - [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (55 reviews) - [Snyk](https://www.g2.com/products/snyk/reviews) — 4.5/5 stars (132 reviews) - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (40 reviews) - [Kiuwan Code Security & Insights](https://www.g2.com/products/kiuwan-code-security-insights/reviews) — 4.5/5 stars (34 reviews) - [Embold](https://www.g2.com/products/embold/reviews) — 4.7/5 stars (18 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (310 reviews) --- ## Top Discussions ### GitLab - Title: [Is GitLab paid?](https://www.g2.com/discussions/is-gitlab-paid) — 5 comments, 2 upvotes > **Top comment:** "Yes, Gitlab is paid as it provides the flexibility to use all the features of the GitHub and Git as well as the freedom to use your own DataBase so that you..." - Title: [Is GitLab free software?](https://www.g2.com/discussions/is-gitlab-free-software) — 4 comments, 1 upvote > **Top comment:** "Yes most of the functinalities are" - Title: [What is GitLab used for?](https://www.g2.com/discussions/what-is-gitlab-used-for) — 2 comments > **Top comment:** "It is an alternative to GitHub or BitBucket, it handles code versioning and also deployments among other things" - Title: [What can GitLab do?](https://www.g2.com/discussions/what-can-gitlab-do) — 2 comments > **Top comment:** "Gitlab can keep your source on cloud, It can run continuous deployment, continuous integration pipelines, It can even track issues." - Title: [Why does GitLab Server goes down?](https://www.g2.com/discussions/why-does-gitlab-server-goes-down) — 2 comments, 1 upvote > **Top comment:** "-We determine if the GitLab server is returning an error message that indicates some sort of problem. These types of errors generally mean that a visitor --..." ### SonarQube No discussions available for this product. --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/gitlab-vs-sonarqube)