USA / Canada 866-503-1471
International +972-722-405-222
SonarQube fournit des tests de qualité de code, une analyse de code statique, un code propre et la vérification du niveau de sécurité du code développé dans l'entreprise - et de manière continue et régulière.
Le système SonarQube permet à tous les développeurs d'écrire du code plus propre et plus sûr, en utilisant des méthodes de travail pratiques et modernes.
SonarQube offre les fonctionnalités suivantes :
ALM-Toolbox est un distributeur officiel de SonarQube et se spécialise également dans la fourniture de solutions supplémentaires à SonarQube,
comprenant:
Feature \ Product Edition | Community (Free) Edition | Developer Edition
Get a Quote |
Enterprise Edition
Get a Quote |
Data Center Edition
Get a Quote |
---|---|---|---|---|
Customer Support & SLA | ||||
Download updates | ||||
Email support | - | |||
Priority support
Get the support you need. Highly-skilled support engineers are available to help you with all of your support needs.
|
- | |||
Features | ||||
SonarQube & 60+ plugins
Library of plugins: SonarQube experience can be augmented by plugins. More than 60 community and commercial plugins are available for SonarQube, making it easy to enhance your experience with extra languages, metrics, pages. Plugins can also be developed to meet specific needs within an organization
| ||||
SonarLint
Get real-time code notifications from SonarQube in your IDE as you work. Track release status and keep abreast of issues you introduce. Integrated with Visual Studio, VS Code, IntelliJ and Eclipse.
| ||||
Branch Analysis
Track the quality of all feature and maintenance branches, to make sure only safe and secure code makes it in production.
With GitHub Enterprise, Bitbucket Server or Microsoft Azure DevOps, SonarQube can directly comment in Pull Requests
| master (main) only | |||
Pull Request Decoration for GitLab, Bitbucket, GitHub and Azure DevOps
Pull reques analysis: Use SonarQube pull request analysis and decoration to make sure your code is top-notch before you merge - and maybe even before you ask for human review.
| - | |||
Detection of injection flaws
With detection of Injection Flaws, untrusted user input can be detected within the code, and sanitized before it compromises your application.
| - | |||
SonarLint notifications
With GitLab CI/CD you can create a new environment for each one of your branches, speeding up your development process. Spin up dynamic environmeSmart notifications allow developers using Connected Mode in SonarLint to receive in-IDE notifications from SonarQube when the Quality Gate status (failed / success) of a project /solution open in the IDE changes or a SonarQube analysis raises new issues introduced by this developer in a project /solution open in the IDEnts for your merge requests with the ability to preview your branch in a live environment.
| - | |||
Decorate GitLab Merge Requests
Quality Gate status in GitLab pipelines and merge request comments
| - | |||
MISRA compliance
Compliant with MISRA C 2004, MISRA C 2012 and MISRA C++ 2008 standards for C, C++ , Java and Kotlin
| - | |||
Support for GitHub Checks & BitBucket Code Insights
| - | |||
Portfolio Management
Organize a large portfolio of applications and projects the way you like. Create your own hierarchy and define category trees to the number and depth that works best for you
| - | - | ||
Security Reports
OWASP / SANS Security Reports: Built-in security reports, with developer friendly language, shorten the vulnerability feedback loop and get developers fixing security holes quickly.
| - | - | ||
Executive Reporting
Gain visibility into health factors such as operational risks and security risks. Generate, export and schedule reports in PDF format to ensure visibility of key metrics to all stakeholders. Get fast reporting and up-to-date information, no matter the number of projects.
|
- | - | ||
Project Transfer
Consolidate projects from multiple SonarQube servers into a central instance where you can track your overall software portfolio.
|
- | - | ||
Component Redundancy
Deploy SonarQube as a cluster of applications to avoid any interruption of the service: You can deploy SonarQube as a cluster of applications and search nodes to ensure that if a node fails, the other ones will take the lead to keep the service up and running. The SonarQube cluster will automatically recover from the unexpected situation and restore data resiliency.
|
- | - | - | |
Data Resiliency
Deploy SonarQube as a cluster of applications to avoid any interruption of the service: You can deploy SonarQube as a cluster of applications and search nodes to ensure that if a node fails, the other ones will take the lead to keep the service up and running. The SonarQube cluster will automatically recover from the unexpected situation and restore data resiliency.
|
- | - | - | |
Horizontal Scalability
Data Center Edition is designed for organizations running a very large deployment of SonarQube requiring maximum application uptime. High availability is achieved by adding redundancy to every node in the system. When combined with the Horizontal Scalability feature, Data Center Edition ensures rapid, reliable code analysis reporting - even when your instance grows to global proportions hosting thousands of users and projects.
|
- | - | - | |
Customer support
Search globally through the API
|
- | Extra charge | Extra charge | Included |
Supporting Java | ||||
Supporting JavaScript | ||||
Supporting C# | ||||
Supporting TypeScript | ||||
Supporting Kotlin | ||||
Supporting Ruby | ||||
Supporting Go | ||||
Supporting Scala | ||||
Supporting Flex | ||||
Supporting Python | ||||
Supporting PHP | ||||
Supporting HTML | ||||
Supporting CSS | ||||
Supporting XML | ||||
Supporting VB.NET | ||||
Supporting C | - | |||
Supporting C++ | - | |||
Supporting Objective-C | - | |||
Supporting PL/SQL | - | |||
Supporting ABAP | - | |||
Supporting TSQL | - | |||
Supporting Swift | - | |||
Supporting Apex | - | - | ||
Supporting Cobol | - | - | ||
Supporting PL/1 | - | - | ||
Supporting RPG | - | - | ||
Supporting VB6 | - | - | ||
Pricing and available licenses | Free | Subscription
Starts at $150 Get a Quote |
Subscription
Starts at $20,000 Get a Quote |
Subscription
Get a Quote |
Besoin d'aide pour décider? Envoyez-nous un e-mail ou utilisez le chat ci-dessous
Note this is a partial list. We wrote a comprehensive comparison article and made a smart, fully and updated comparison list - contact us.Nous offrons ce qui suit :
Contactez-nous pour en savoir plus: training@almtoolbox.com
SonarQube is very easy to use, and it is integrated in Jenkins to manage the jobs. It fits with ThalesRaytheonSystems needs, since we have many components, and many work packages, in different languages, and the notion of ‘portfolios’ is essential.
Josiane Denis , ThalesRaytheonSystems
“One of the best things about SonarQube is its powerful dashboards. These enable our project managers and developers to view available metrics in different contexts, based on their role in the development process. By unifying this data and making it visible to all concerned, SonarQube has significantly improved the quality and depth of internal discussions about code quality.”
Siemens SonarQube Service manager, Siemens
“we were doing tedious, manual code reviews of all the new code, every release version,” Zitro R&D Director Xavi Albors said.
Zitro R&D Director Xavi Albors
SonarQube : Témoignages