SonarQube Reviews & Product Details

SonarQube is the industry leader in automated code review, serving as the verification layer for code quality and security in the AI-powered SDLC. SonarQube ensures all code—whether written by developers, AI, or AI agents—is secure, reliable, and maintainable. Available through SaaS or self-managed deployment, SonarQube automatically analyzes pull and merge requests, providing developers with clear, actionable feedback and AI-driven fixes before code is merged. Rooted in the open source community, Sonar is trusted by 7M+ developers globally, including teams at Snowflake, Booking.com, Deutsche Bank, AstraZeneca, and Ford Motor Company.

Product Website

Seller

SonarSource Sàrl

Discussions

SonarQube Community

Languages Supported

English

Overview by

London Sarabia

Pricing

Pricing provided by SonarQube.

Cloud - based: Free

Free

View More Pricing Information

SonarQube Integrations

(42)

Verified by SonarQube

SonarQube Media

A one-pager about SonarQube.

A product screenshot of the application status view in SonarQube.

A product screenshot of security reports in SonarQube.

A product screenshot of the portfolio overview in SonarQube.

Official Downloads

(2)

edit

The Coding Personalities of Leading LLMs

Interactive Demo

edit

Try an interactive demo created by the software seller (right here on G2).

Try demo

G2 reviews are authentic and verified.

Here's how.

Aadarsha S.

Tranee DevOps

Small-Business (50 or fewer emp.)

8/26/2025

"Improving Code with SonarQube"

5/5

What do you like best about SonarQube?

SonarQube makes it easy to maintain high code quality by automatically detecting bugs, vulnerabilities, and code smells. I like how it integrates with CI/CD pipelines and provides clear, actionable insights for developers. The detailed dashboards and quality gates help enforce coding standards across teams. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

The initial setup and configuration can be a bit complex, especially for new users. It also requires tuning to avoid too many false positives. For very large projects, performance can sometimes feel slower, and the UI could be more modern and intuitive. Review collected by and hosted on G2.com.

Nassima R.

Software Developer

Small-Business (50 or fewer emp.)

1/19/2026

"Error Detection and Quality Gates That Strengthen Stability"

4/5

What do you like best about SonarQube?

The ability to detect errors, combined with Quality Gates, is vital to our stability; it filters out defective code before it reaches production and helps mitigate serious operational risks. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

It consumes too much RAM, and it sometimes flags false positives on code patterns that are actually correct, which makes it quite tedious to use. Review collected by and hosted on G2.com.

Arnaud T.

Head of Architecture

Mid-Market (51-1000 emp.)

4/16/2025

"A great actionnable tool for developers"

4.5/5

What do you like best about SonarQube?

SonarCloud is very easy to set up, and integrates nicely into your development platform.

It supports a large number of languages, rules, and can be configured to fit your needs.

Teams use it on a daily basis without needing to think of it.

It is also very intuitive and robust, so you will hardly need technical support ; if you need to, the community website is the way to go for quick answers. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

The 2024 changes in pricing and product organization led to some hard discussions on pricing internally. The pricing is fair, but the price hike was hard to swallow by the management. Review collected by and hosted on G2.com.

What problems is SonarQube solving and how is that benefiting you?

Using SonarCloud, we are able to take actions on security, bugs, and overall quality issues before the code reaches the main branch.

The quality gates concept allows to focus on new code, by improving it. Upon time, this focus on touched code on a daily basis vastly improves the overall code base quality. Review collected by and hosted on G2.com.

Diego M.

IT & Security Lead

Mid-Market (51-1000 emp.)

10/14/2025

"SonarQube: Great for Code Quality, but Community Edition Upgrades Are Frustrating"

4.5/5

What do you like best about SonarQube?

I like how easy it is to spot issues before they hit production. SonarQube gives clear feedback and keeps our codebase clean and secure. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

The community edition is pretty difficult to upgrade. All the available documentation is vague. Review collected by and hosted on G2.com.

Rene M.

Solution Architect

Outsourcing/Offshoring

Mid-Market (51-1000 emp.)

10/8/2025

"The best code testing platform for your web development and apps"

5/5

What do you like best about SonarQube?

I love that it is really easy to use, it can be integrated with GitHub, and it can review a wide array of code languages Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

It can be overwhelming when you get your first review Review collected by and hosted on G2.com.

Richy A.

Director of technology

Mid-Market (51-1000 emp.)

10/22/2025

"Outstanding Code Quality Sets It Apart"

5/5

What do you like best about SonarQube?

Code quality and potential errors in code flows Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

The inability to link issues reported in sonar to tickets in Gitlab Review collected by and hosted on G2.com.

Verified User in Hospitality

Mid-Market (51-1000 emp.)

5/7/2025

"Clean and fast performance"

5/5

What do you like best about SonarQube?

High quality , good response time are all involved in giving a high speed performance. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

SonarCube works without glitches . Nothing to dislike. Review collected by and hosted on G2.com.

Gourav S.

Technical Architect

Enterprise (> 1000 emp.)

7/4/2025

"Intuitive Dashboard for SAST and Seamless Integration with Azure DevOps pipeline by SonarQube"

5/5

What do you like best about SonarQube?

SonarQube is a very easy-to-use and effective tool for code coverage analysis and SAST. It integrates seamlessly with Azure DevOps pipelines. The intuitive Dashboard provides easy access to analysis reports with multiple filters. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

Seemed that getting a quotation takes time. Review collected by and hosted on G2.com.

What problems is SonarQube solving and how is that benefiting you?

Using SonarLint IDE plugin, developers get instant information about vulnerabilities. SonarQube helps us to restrict the developers to merge code into target releases where the Quality Gate is passed - making sure that no vulnerable code gets into the target branch. Also, SonarQube scan at CI build level ensures that the build happens using secure code only. Review collected by and hosted on G2.com.

Danilo M.

SRE & Platform Manager

Mid-Market (51-1000 emp.)

7/16/2025

"Seems to have potential in a near future"

4/5

What do you like best about SonarQube?

It's was fast and easier to implement and get things done, the IDE plugin works very well and is easy to understand the rules. Review collected by and hosted on G2.com.

What do you dislike about SonarQube?

I struggling to understand metrics and how AI Code features can really help the business. Review collected by and hosted on G2.com.