Alternatives to SonarQube logo

Alternatives to SonarQube

ReSharper, Checkmarx, Codacy, FindBugs, and Veracode are the most popular alternatives and competitors to SonarQube.
1.7K
2K
+ 1
52

What is SonarQube and what are its top alternatives?

SonarQube provides an overview of the overall health of your source code and even more importantly, it highlights issues found on new code. With a Quality Gate set on your project, you will simply fix the Leak and start mechanically improving.
SonarQube is a tool in the Code Review category of a tech stack.
SonarQube is an open source tool with 8.9K GitHub stars and 2K GitHub forks. Here’s a link to SonarQube's open source repository on GitHub

Top Alternatives to SonarQube

  • ReSharper
    ReSharper

    It is a popular developer productivity extension for Microsoft Visual Studio. It automates most of what can be automated in your coding routines. It finds compiler errors, runtime errors, redundancies, and code smells right as you type, suggesting intelligent corrections for them. ...

  • Checkmarx
    Checkmarx

    It is a provider of state-of-the-art application security solution: static code analysis software, seamlessly integrated into development process. ...

  • Codacy
    Codacy

    Codacy automates code reviews and monitors code quality on every commit and pull request on more than 40 programming languages reporting back the impact of every commit or PR, issues concerning code style, best practices and security. ...

  • FindBugs
    FindBugs

    It detects possible bugs in Java programs. Potential errors are classified in four ranks: scariest, scary, troubling and of concern. This is a hint to the developer about their possible impact or severity. ...

  • Veracode
    Veracode

    It seamlessly integrates application security into the software lifecycle, effectively eliminating vulnerabilities during the lowest-cost point in the development/deployment chain, and blocking threats while in production. ...

  • SonarLint
    SonarLint

    It is an IDE extension that helps you detect and fix quality issues as you write code. Like a spell checker, it squiggles flaws so that they can be fixed before committing code. ...

  • JaCoCo
    JaCoCo

    It is a free code coverage library for Java, which has been created based on the lessons learned from using and integration existing libraries for many years. ...

  • ShiftLeft
    ShiftLeft

    ShiftLeft CORE provides fast and accurate application security findings built directly into the development workflow. ...

SonarQube alternatives & related posts

ReSharper logo

ReSharper

240
263
24
A Visual Studio extension for .NET and web developers
240
263
+ 1
24
PROS OF RESHARPER
  • 6
    Refactor also using different code
  • 6
    Early discover bugs
  • 5
    IDE Integration
  • 4
    Highlighted //todo //bug
  • 3
    Spell checking
CONS OF RESHARPER
  • 8
    Visual studio become slower

related ReSharper posts

Meikel Philipp
Software Developer at Interboden GmbH & Co. KG · | 5 upvotes · 20.3K views

JetBrains Rider massively improves production speed and value. It's hard to find a tool/IDE that is so well designed like Rider (especially for Unity).

The folks at ReSharper do an awesome job with resharper-unity plugin. They even have a more in depth explanation of common issues in Unity than Unity itself.

See more
Lana Grant
Sr Software Developer at Intellibridge · | 3 upvotes · 78.1K views
Shared insights
on
SonarQubeSonarQubeReSharperReSharper

I need to compile a comparative analysis of the differences between ReSharper and SonarQube features. Please share your experience/knowledge.

See more
Checkmarx logo

Checkmarx

81
135
0
Unify your application security into a single platform
81
135
+ 1
0
PROS OF CHECKMARX
    Be the first to leave a pro
    CONS OF CHECKMARX
      Be the first to leave a con

      related Checkmarx posts

      Codacy logo

      Codacy

      296
      549
      248
      Automate and Standardize Code Reviews for 40+ languages
      296
      549
      + 1
      248
      PROS OF CODACY
      • 45
        Automated code review
      • 35
        Easy setup
      • 29
        Free for open source
      • 20
        Customizable
      • 18
        Helps reduce technical debt
      • 14
        Better coding
      • 13
        Best scala support
      • 11
        Faster Employee Onboarding
      • 10
        Duplication detector
      • 10
        Great UI
      • 9
        PHP integration
      • 6
        Python inspection
      • 5
        Tools for JVM analysis
      • 5
        Many integrations
      • 4
        Github Integration
      • 3
        Must-have for Java
      • 3
        Easy Travis integration
      • 3
        Items can be ignored in the UI
      • 3
        Asdasdas
      • 2
        Gitlab
      • 0
        Asdas
      CONS OF CODACY
      • 6
        No support for private Git or Azure DevOps git

      related Codacy posts

      Ganesa Vijayakumar
      Full Stack Coder | Technical Architect · | 19 upvotes · 5M views

      I'm planning to create a web application and also a mobile application to provide a very good shopping experience to the end customers. Shortly, my application will be aggregate the product details from difference sources and giving a clear picture to the user that when and where to buy that product with best in Quality and cost.

      I have planned to develop this in many milestones for adding N number of features and I have picked my first part to complete the core part (aggregate the product details from different sources).

      As per my work experience and knowledge, I have chosen the followings stacks to this mission.

      UI: I would like to develop this application using React, React Router and React Native since I'm a little bit familiar on this and also most importantly these will help on developing both web and mobile apps. In addition, I'm gonna use the stacks JavaScript, jQuery, jQuery UI, jQuery Mobile, Bootstrap wherever required.

      Service: I have planned to use Java as the main business layer language as I have 7+ years of experience on this I believe I can do better work using Java than other languages. In addition, I'm thinking to use the stacks Node.js.

      Database and ORM: I'm gonna pick MySQL as DB and Hibernate as ORM since I have a piece of good knowledge and also work experience on this combination.

      Search Engine: I need to deal with a large amount of product data and it's in-detailed info to provide enough details to end user at the same time I need to focus on the performance area too. so I have decided to use Solr as a search engine for product search and suggestions. In addition, I'm thinking to replace Solr by Elasticsearch once explored/reviewed enough about Elasticsearch.

      Host: As of now, my plan to complete the application with decent features first and deploy it in a free hosting environment like Docker and Heroku and then once it is stable then I have planned to use the AWS products Amazon S3, EC2, Amazon RDS and Amazon Route 53. I'm not sure about Microsoft Azure that what is the specialty in it than Heroku and Amazon EC2 Container Service. Anyhow, I will do explore these once again and pick the best suite one for my requirement once I reached this level.

      Build and Repositories: I have decided to choose Apache Maven and Git as these are my favorites and also so popular on respectively build and repositories.

      Additional Utilities :) - I would like to choose Codacy for code review as their Startup plan will be very helpful to this application. I'm already experienced with Google CheckStyle and SonarQube even I'm looking something on Codacy.

      Happy Coding! Suggestions are welcome! :)

      Thanks, Ganesa

      See more

      It is very important to have clean code. To be sure that the code quality is not really bad I use a few tools. I love SonarQube with many relevant hints and deep analysis of code. codebeat isn't so detailed, but it can find complexity issues and duplications. Codacy cannot find more bugs then your IDE. The winner for me is SonarQube that shows me really relevant bugs in my code.

      See more
      FindBugs logo

      FindBugs

      491
      100
      0
      An open-source static code analyser
      491
      100
      + 1
      0
      PROS OF FINDBUGS
        Be the first to leave a pro
        CONS OF FINDBUGS
          Be the first to leave a con

          related FindBugs posts

          Joshua Dean Küpper
          CEO at Scrayos UG (haftungsbeschränkt) · | 1 upvote · 378.3K views

          We use PMD alongside Checkstyle and FindBugs (Spotbugs) for our static code analysis, as a standard stage in all of our pipelines. PMD offers us insight into various optimization possibilities, best-practice alignment, coding convention compliance and general problems with our code.

          See more
          Veracode logo

          Veracode

          62
          125
          0
          A simpler and more scalable way to increase the resiliency of your global application infrastructure
          62
          125
          + 1
          0
          PROS OF VERACODE
            Be the first to leave a pro
            CONS OF VERACODE
              Be the first to leave a con

              related Veracode posts

              Shared insights
              on
              VeracodeVeracodeBlack DuckBlack Duck

              Hi Everyone, I am using Black Duck for my project...I need some advantages on Blackduck as compared to Veracode and other tools..... I don't have any idea about other tools, So I am not able to compare practically.. Please help me.

              See more
              SonarLint logo

              SonarLint

              171
              350
              16
              An IDE extension to detect and fix issues as you write code
              171
              350
              + 1
              16
              PROS OF SONARLINT
              • 13
                IDE Integration
              • 3
                Free
              CONS OF SONARLINT
              • 3
                Non contextual warnings
              • 3
                Not Very User Friendly

              related SonarLint posts

              JaCoCo logo

              JaCoCo

              115
              82
              0
              A code coverage library for Java
              115
              82
              + 1
              0
              PROS OF JACOCO
                Be the first to leave a pro
                CONS OF JACOCO
                  Be the first to leave a con

                  related JaCoCo posts

                  ShiftLeft logo

                  ShiftLeft

                  4
                  5
                  0
                  Static code analysis, Secrets detection, Software composition analysis, and Security training in one platform
                  4
                  5
                  + 1
                  0
                  PROS OF SHIFTLEFT
                    Be the first to leave a pro
                    CONS OF SHIFTLEFT
                      Be the first to leave a con

                      related ShiftLeft posts