Alle Bewertungen zu SonarQube Filter anwenden
Nutzerbewertungen zu SonarQube durchsuchen
Alle Bewertungen zu SonarQube Filter anwenden
- Branche: Computer-Software
- Unternehmensgröße: 10.000+ Mitarbeiter
- Wöchentlich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube for static code analysis
Vorteile
Best feature of SonarQube is that it can be integrated with most of the applications, and it provides static code Analysis for both frontend and backend code. I am using SonarQube for my APIs and Web code and for each build, I can see how many code smells i have inserted, how many are solved, What is the additional development time i have added. Now i can see the security status of the Web app as well like Cross Site issues etc. All these features are awesome
Nachteile
I cannot find any cons for this as of now
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 51–200 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
Keeps ur code intact with less grammar mistake
Vorteile
it allows us to correct the grammatically wrong code , unused imports ,variables etc. It Helps us to optimize the code with the rules specified for that project. Allows us to remove the duplicate code as well.
Nachteile
Integration with visual studio code and binding with project is tad difficult . Duplicate code block appears only after the build , so we have to wait till the build is completed to view whether any duplicate is present in our code.
- Branche: Telekommunikation
- Unternehmensgröße: 1.001–5.000 Mitarbeiter
- Wöchentlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube
Overall very easy to use and thus very helpfull tool.
Vorteile
We have SonarQube implemented in our company develop environment and it's very easy to use.
Nachteile
Constantly annoying me with my code smells :-) (just a joke!)
- Branche: Fotografie
- Unternehmensgröße: 501–1.000 Mitarbeiter
- Wöchentlich für 6-12 Monate genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
Simple static analysis out of the box
SonarQube provides some grest feedback on code quality to stop preventable bugs from geting to production.
Vorteile
The ability to run up a Docker container with SonarQube and run static analysis on our codebase within half an hour was superb. Built in support for multiple languages enabled a quick start and got us looking at potential bugs, hotspots and code smells in no time. Integration with VSCode using SonarLint is awesome. Integration into a CI/CD pipeline provides a good code quality gate.
Nachteile
Some of the setup documentation was a little lacking and could be improved. Time was wasted initially trying to pass parameters into the cli command that had no effect. It turned out that some properties had to be set in a sonar-project.properties in the source repository.
Antwort von SonarSource
Thank you for your review!
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 5.001–10.000 Mitarbeiter
- Täglich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube Usage review
Cheap and good for Code Vulnerability scans.
Vorteile
The vulnerability scans that it uses encompasses a lot of languages. It also has ability where user can define custom profiles and rules. Dashboards created are easy to use and decipher.
Nachteile
Technical support is very expensive and need to use their community forums to get support.
Antwort von SonarSource
Thank you for your review, kiruthiga!
- Branche: Computer-Software
- Unternehmensgröße: 2–10 Mitarbeiter
- Wöchentlich für 6-12 Monate genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
Clean code the right way
Vorteile
Code review automation, in addition to analyzing the code details that sometimes goes unnoticed, increases the degree of confidence and security of your code.
Nachteile
I find it a bit complicated to implement.
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 1.001–5.000 Mitarbeiter
- Täglich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube - Used to improve the code quality and security
SonarQube is a great tool to maintain code quality. Issues are divided into different categories like Bug, Major, Minor etc.
Vorteile
All the vulnerabilities and possible exceptions are flagged which becomes easy for developer. Rules can be customized as per the requirement. Provides the examples of compliant and non-compliant code.
Nachteile
Sometimes there are false positive issues
- Branche: Computer-Software
- Unternehmensgröße: 201–500 Mitarbeiter
- Wöchentlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
Code Coverage and Issue Check
My overall experience with sonar is good. It helps me a lot. Because our acceptance criteria are that there should be no blocker, critical or major issues, and the coverage should be a minimum of 95%.
Vorteile
We use sonarqube to get the code coverage of our spring projects. It is easy to use and free to use. You can easily run that locally or using Jenkins Pipelines. It will scan your project to whether your test cases are covering your code or not and whether there are blockers, major, minor, or critical issues in your app that can affect your app. It helps a lot to write proper test cases and fix code quality issues.
Nachteile
There are no cons to using sonarqube. It will now only improve your code quality but help you write proper test cases.
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 201–500 Mitarbeiter
- Täglich für Kostenlose Testversion genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
Code Inspection Tools
Clearing dead code, following coding standards, identifying security threats, etc
Vorteile
The best feature I liked about this tool is it even suggests relevant code be changed. So just a copy-paste will do the job. Less time consuming
Nachteile
Initial setup. Have to setup multiple items separately. Would have been good if it was a complete installation as a EXE
Antwort von SonarSource
Thank you for your review & feedback, Philip!
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 10.000+ Mitarbeiter
- Wöchentlich für Mehr als 1 Jahr genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
Ease of Using SonarQube
Excellent to work with
Vorteile
Deployment Features and the ease of access
Nachteile
Customer support sometimes get delayed
Antwort von SonarSource
Thank you for your review, Puneet!
I am sorry to hear that you're experiencing a delay with support. Do you have Commercial Support or do you use the SonarSource Community forum?
Visit: https://community.sonarsource.com/
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 5.001–10.000 Mitarbeiter
- Täglich für 1-5 Monate genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube
Vorteile
The tool that got us better code. The integration of libraries and the amount of languages is enough to work with and integrate with other DevOps applications which is easy. Everything is very intuitive including the initial setup. Setting up multiple rules for languages is included as well as security. The static code scanning feature is good. The only thing is that the UI integration could be improved.
Nachteile
The only thing is that the UI integration could be improved, maybe even better documentation, but otherwise I am satisfied with the application, deployment without problems, integration with other applications as well.
- Branche: Finanzdienstleistungen
- Unternehmensgröße: 51–200 Mitarbeiter
- Täglich für 1-5 Monate genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
A Senior partner of development team
It is a life saver in the development. It acts as a primary reviewer for every commit and the suggestions it provide are also very good thus saving time in code review . It helps in increasing the code quality and also supports self learning by providing the reviews.
Vorteile
- It catches bugs very easily and classifies them into errors, bugs, code smells etc. based on their impact on the code.
- It can be integrated with git and can be configured to automatically run on every commit
Nachteile
- It is somewhat messy as if there are linting changes in the code then it also picks that previous changes and provide insights on it which sometimes creates ruckus on large code base
- Branche: Rundfunkmedien
- Unternehmensgröße: 5.001–10.000 Mitarbeiter
- Monatlich für Mehr als 2 Jahre genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube is a very good tool
Vorteile
I like how code duplication, smell code and cognitive complexity are detected
Nachteile
I wish that SonarQube would work on a multi module project, the way it works for a single module one.
Antwort von SonarSource
Thank you for your review, Houssem!
- Branche: Informationstechnologie & -dienste
- Unternehmensgröße: 10.000+ Mitarbeiter
- Täglich für 6-12 Monate genutzt
-
Quelle der Bewertung
Mehr Details anzeigen
SonarQube for Static Code Analysis & Code review
SonarQube: The go-to tool for code quality
Vorteile
Security Hotspot feature
Code Smells
Multi language support
Nachteile
The free version has limitations on development languages and support.
Setup process
Would require a UI / CX refresh
Antwort von SonarSource
Thank you for your review, Srinivashan!