Cloud based and hence no need to install on any server.
Integrates into various version control systems using CI/CD pipelines.
Has a huge database of various rules per coding platform.
Helps in scanning large quantities of code efficiently. Also, provides insights into possible security misconfigurations. Review collected by and hosted on G2.com.
Initial setup is a little difficult, but manageable.
Can give a lot of false positives.
If the number of lines cross a particular threshold the overall scan is taking a very long time. Review collected by and hosted on G2.com.
Video Reviews
Versatile static code analysis tool. Makes ensuring code quality easy.
14 out of 15 Total Reviews for SonarQube Cloud (formerly SonarCloud)
Overall Review Sentiment for SonarQube Cloud (formerly SonarCloud)
Log in to view review sentiment.
SonarCloud is easy to use and integrates seamlessly into existing projects and nearly all CI/CD pipelines. We integrated almost all of our codebases and used it along with the Sonar cloud extension, which made it more powerful. Review collected by and hosted on G2.com.
The downside with sonar is that it requires us to make at least one change in a file to get it scanned. Because of this, sometimes, issues slip into production. Review collected by and hosted on G2.com.
SonarCloud is a cloud-based code analysis service that helps in detecting and fixing bugs, vulnerabilities, code issues, and other quality issues in your code.
One of the best feature i like about it is its integration with various CI/CD tools like GitLab, GitHub etc. Review collected by and hosted on G2.com.
As sonar cloud is used on-the-go cloud analysis tool for the code. So, just like any other tool in the market in this particular category, it increases the complexity of the programming for the first-time, and later on some minor maintenance is needed which is fine. Review collected by and hosted on G2.com.
The Pull Request Analysis is our best option to keep your code clean of bugs and reduce manual work, increase test coverage and in the overall align the code quality across all your repositories in the most automated way possible by entirely using Github Actions, in our days it has become an indispensable tool for all software engineer team. Review collected by and hosted on G2.com.
The software fully does what it says it does; there is nothing to complain about. Fair price, has awesome features, 100% availability. the only added feature I believe it can be added is the ability to produce reports using multiple repos. Review collected by and hosted on G2.com.
Supports major Cloud Providers/Cloud Platforms and Many popular Programming Languages. We are in the age of the Security left shift. The integration of SonarLint with IDE brings security even when code is pushed to source control. Review collected by and hosted on G2.com.
Data Privacy, Data Sovereignty(Some countries/organizations don't allow your data to go outside your network even if it's an analysis result data). Cost is another factor. Sometimes it produces a large number of false positives. Review collected by and hosted on G2.com.
SonarCloud is one of the top most vulnerabilitie and security tool which inspect bug in code which is used to build pipeline.its has ability to identify error in code. Review collected by and hosted on G2.com.
although it's has many advantages but some big advantage about it price so as it it the product of Microsoft. so while you run with private devops with external tools you have to purchase its license extra. Review collected by and hosted on G2.com.
SonarCloud is one of the indispensable tools to improve the quality of the code and in our continuous integration model gives us that peace of mind in each release to production, also SonarCloud is one of the tools that help us with compliance in some items of our SOC2 certification. Review collected by and hosted on G2.com.
Scanning at coding time with the help of the agent is a bit slow in very large projects. And I think a way to globally configure the Long-lived branches pattern should be enabled. Review collected by and hosted on G2.com.
SonarCloud makes it easy to set your own rules when doing a code scan and to notify you so you can stop pushing a product if any of those rules aren't satisfied. It integrates well with other products as well. Review collected by and hosted on G2.com.
It integrates well but takes quite a bit of work to get set up. Overall it's not the quickest tool and there are definitely more robust options for scanning out there. Review collected by and hosted on G2.com.
Easy code quality and security checks at real time with the usage of plugins is one of the best features that sonarcloud offers. Review collected by and hosted on G2.com.
Inability to detect runtime code flaws is something that can be improved. Review collected by and hosted on G2.com.
Integration is easy in CI/CD pipelines
Helped a lot at the time of code push!
UI interface is really good and easy to go!
It helped a lot in code duplicate! Review collected by and hosted on G2.com.
It took too long to setup and move forward! Review collected by and hosted on G2.com.
