aicoolies logo
SonarQube logo

SonarQube

Code quality and security analysis platform

Share
open-sourceOpen Source
Visit Website →

SonarQube is an open-source code quality and security platform with 10K+ GitHub stars that inspects code for bugs, vulnerabilities, code smells, and security hotspots. It enforces quality gates in CI/CD pipelines, supports 30+ languages in Team plans and 40+ in Enterprise, and remains the industry standard for static code quality management.

We have a review for this tool

A detailed review by the aicoolies team — click to read

SonarQube is the industry standard for continuous code quality and security inspection, used by over 400,000 organizations worldwide. It analyzes source code for bugs, vulnerabilities, code smells, and security hotspots across 30+ programming languages.

Quality gates define pass/fail criteria for code quality metrics. When integrated with CI/CD pipelines, they prevent code that does not meet quality standards from being merged. This shift-left approach catches issues at the earliest possible stage.

SAST scanning identifies security vulnerabilities including injection flaws, authentication issues, and cryptographic weaknesses. Code smell detection highlights maintainability issues and technical debt. Duplicate code analysis identifies copy-paste patterns that increase maintenance burden.

SonarQube Community Edition is free and open-source. SonarQube Developer Edition adds branch analysis and PR decoration. Enterprise and Data Center editions provide governance, portfolio management, and high availability. SonarCloud offers a hosted version.

Pricing

Community Build free / Cloud Team from $32/mo for 100K LOC / Enterprise and Server custom or LOC-based

Platforms

Self-hosted, Docker, CI/CD, SonarCloud

Categories

Tags

Use Cases

Alternatives

Steel logo

Steel

Open-source browser infrastructure for AI agents at scale

Steel is an open-source browser API purpose-built for AI agents, providing managed headless browser sessions with anti-bot bypass, proxy rotation, CAPTCHA solving, and session persistence. It handles the infrastructure layer that browser automation agents like Browser Use and Stagehand run on top of. Self-hostable or available as a cloud service. Over 6,000 GitHub stars.

open-sourceOpen Source
Trigger.dev logo

Trigger.dev

Open-source background jobs and AI workflows for TypeScript

Trigger.dev is an open-source platform for building and deploying background jobs, AI agents, and long-running workflows in TypeScript. It eliminates serverless timeouts with durable task execution, automatic retries, queue-based concurrency control, and elastic scaling. Used by 30,000+ developers at companies like MagicSchool and Icon.com, it processes hundreds of millions of agent runs monthly. Backed by a $16M Series A led by Dalton Caldwell's Standard Capital fund.

freemiumOpen Source

Dokploy

Open-source PaaS alternative to Vercel, Heroku, and Netlify

Dokploy is a free open-source platform-as-a-service for self-hosting applications without cloud vendor lock-in. It provides automated deployments from Git repositories, built-in SSL certificates, database provisioning, Docker and Docker Compose support, and a clean web dashboard for managing multiple applications on your own servers. With 18,000+ GitHub stars, it fills the gap for teams wanting Vercel-like deployment simplicity on their own infrastructure.

open-sourceOpen Source
reviewdog logo

reviewdog

Automated code review for any linter on CI

reviewdog is an open-source automated code review tool that integrates any linter or static analysis tool with GitHub, GitLab, Bitbucket, and Gitea pull requests. Parses output in errorformat, Checkstyle XML, SARIF, and JSON formats to post inline review comments on changed lines only. Works with GitHub Actions, Travis CI, CircleCI, GitLab CI, and Jenkins. Supports 40+ languages through universal linter adapter architecture.

open-sourceOpen Source

Related Tools

Claude Code logo

Claude Code

Top Pick

Anthropic's agentic coding CLI

Anthropic's agentic CLI coding tool that delegates complex tasks to Claude directly from the terminal. Understands entire codebases via automatic context gathering, edits multiple files, runs shell commands, and manages Git workflows autonomously. Supports CLAUDE.md for persistent project instructions, integrates with VS Code and JetBrains, and uses Claude Opus/Sonnet with extended thinking for complex architectural decisions. Built for terminal-first developers.

paidOpen Source
Cursor logo

Cursor

Top Pick

The AI-first code editor

AI-first code editor built as a VS Code fork that deeply integrates LLMs into every part of the development workflow. Features Tab autocomplete with multi-line predictions, Cmd+K inline editing, AI chat with full codebase awareness, and Agent mode for autonomous multi-file edits with terminal execution. Supports GPT-4, Claude, and more with automatic context from project files and docs. Includes privacy mode for SOC 2 compliance. The leading AI-native IDE with 100K+ paying users.

freemiumTelemetry
OpenCode logo

OpenCode

Top Pick

Open-source AI coding agent for the terminal

Open-source terminal-based AI coding agent built in Go by the SST team, with a rich TUI (Bubble Tea) supporting 75+ model providers including OpenAI, Anthropic, Gemini, Bedrock, Groq, and OpenRouter. Features vim-like editing, persistent SQLite sessions, and LSP integration for 40+ languages. Fully free with no vendor lock-in, it has rapidly grown to 95k+ GitHub stars.

open-source
Codex logo

Codex

Top Pick

OpenAI coding agent for app, editor, terminal, and cloud work

Codex is OpenAI's coding agent for software development across the Codex app, editor, terminal, and cloud tasks. It helps write, review, debug, refactor, and automate code, with ChatGPT plan access for managed surfaces and API-key usage for CLI, SDK, and IDE workflows. The open-source CLI and SDK support local repository work, while cloud features add GitHub review, Slack/Linear integrations, worktrees, skills, MCP, and automations.

freemiumOpen Source

Accomplish Coworker

Open-source desktop AI coworker for browsing and code execution.

Accomplish Coworker is an MIT-licensed open-source AI coworker that runs on the desktop, combining computer-use style browsing with code execution so agents can research, implement, run, and debug workflows in one local environment.

open-sourceOpen SourceTelemetry

KubeAI

Kubernetes operator for serving AI inference workloads

KubeAI is an Apache-2.0 Kubernetes operator for deploying and scaling AI inference workloads, including LLMs, embeddings, reranking, and speech-to-text. It gives platform teams OpenAI-compatible endpoints, model proxy/controller primitives, model caching, scale-from-zero behavior, and cluster-native resource management for self-hosted inference on Kubernetes.

open-sourceOpen Source

Used in Stacks

Comparisons