What is SonarQube?
A platform for continuous code quality inspection that detects bugs, vulnerabilities, and code smells through static analysis.
SonarQube analyzes source code for quality issues across 30+ programming languages. It identifies bugs, security vulnerabilities, code smells (maintainability issues), duplications, and test coverage gaps.
Quality Gates define pass/fail criteria for builds. When SonarQube is integrated into a CI/CD pipeline, a failed Quality Gate blocks deployments that do not meet quality standards. SonarCloud offers a hosted version for open-source projects.