
Detect bugs, vulnerabilities and code smells right in your PRs - SonarQube empowers all developers to write clean, safe code
Detect bugs, vulnerabilities and code smells right in your PRs - SonarQube empowers all developers to write clean, safe code
Detect bugs, vulnerabilities and code smells right in your PRs - SonarQube empowers all developers to write clean, safe code
SonarQube neatly hooks into your existing Bitbucket workflow to automatically analyze and decorate your Pull Requests with code quality issues.
SonarQube analyzes branches and Pull Requests so you spot and resolve issues BEFORE you merge to the main branch. Take control of your code quality!
Devs should own any security issues they create. SonarQube detects tricky security vulnerabilities, including injection flaws, explains their nature and gives you appropriate next steps for a fix.
More details
SonarQube™ is the leading tool for continuously inspecting the Code Quality and Security™ of your codebases, all while empowering development teams. Covering 27 programming languages including C#, VB.Net, JavaScript, TypeScript and C++; SonarQube easily pairs up with your Bitbucket environment and tracks down Bugs, Security Vulnerabilities and Code Smells.
SonarQube Commercial Editions tightly integrate with your Bitbucket environment and analyze branches and Pull Requests so your team spots and resolves issues before you merge to master. Analysis results are published right in your build summary! Quality Gate and clean code metrics are visible to the entire team. You’re always getting the right Code Quality & Security info, at the right time and in the right place.
With over 225,000 worldwide deployments helping small development teams as well as global organizations, SonarQube provides the means for teams and companies around the world to own and impact their Code Quality & Security.
Reviews for cloud
(0)Sign in to write a reviewReviews for server
(0)Sign in to write a reviewReviews for Data Center
(0)Sign in to write a reviewCloud Pricing
Server Pricing
Data Center Pricing
This app is sold by a third-party vendor.
Let us know that you'd like to manage this app's billing on your Atlassian invoice.Pricing FAQ
- What does 'paid-via-vendor' mean?
Paid-via-vendor apps are licensed and purchased directly through the vendor who makes this app.
Payment for paid-via-vendor apps is not handled by Atlassian.
- Will paid-via-vendor transactions be on my Atlassian invoice?
Paid-via-vendor transactions are not managed by Atlassian. This means transactions for paid-via-vendor apps will not be on your Atlassian invoice.
SonarSource provides support for this app.
Vendor support resources
Find out how this app works.
Community discussions connect you to the vendor and other customers who use this app.
Atlassian-hosted discussions connect you to other customers who use this app.
Versions
Version 1.0.0 • Bitbucket Server 5.15.0 - 7.9.1 • Released 2019-06-11
Summary
Detect Code Quality and Security issues in your Pull Requests
Installation
- Download SonarQube (note: Bitbucket Pull Request analysis requires the Developer Edition)
- Follow documentation about Pull Request Analysis