Looking for older editions of SonarQube Server? Check out our historical downloads here.
SonarQube is now known as SonarQube Server - Version 10.7 | Released October 2024
Community Build
Free and open source for productivity & code quality
All of the following features:
Static code analysis for 20 languages and frameworks: Java, C#, JavaScript, TypeScript, CloudFormation, Terraform, Docker, Kubernetes, Helm Charts, Kotlin, Ruby, Go, Scala, Flex, Python, PHP, HTML, CSS, XML, VB.NET, and Azure Resource Manager- Detect issues in AI generated code
- SonarQube server runs in a FIPS environment
- Detect bugs & basic vulnerabilities in code
- Review security hotspots
- Track and resolve technical debt
- Monitor code quality metrics and history of activity
- Secrets detection to prevent secrets from leaking
- Combine results from third-party tools with SARIF reports
- CI/CD integration with GitHub, GitLab, Bitbucket and Azure DevOps
- Extensible, with 50+ community plugins
Developer Edition
Essential capabilities for small teams & businesses
Community Build, plus:
- Additional languages: C, C++, Obj-C, Dart/Flutter, Swift, ABAP, T-SQL and PL/SQL
- AutoConfig for C and C++ projects
- Taint analysis with deeper SAST for Java, C#, JavaScript, and TypeScript
- Detection of advanced bugs causing runtime errors and crashes in Python & Java
- Analysis of feature branches, maintenance branches, and pull requests
- Display quality gate status in DevOps pull requests for GitHub, GitLab, Bitbucket, and Azure DevOps
- Autoprovision users and groups from GitHub and GitLab
- Permissions autosync with GitHub
- Display security vulnerabilities in GitHub and GitLab
- Collect multiple projects together as an Application for a single view
- Standard commercial support available
Enterprise Edition
Designed to meet Enterprise requirements
Developer Edition, plus:
- Additional languages: Apex, COBOL, JCL, PL/I, RPG and VB6
- Unlimited integrations with DevOps platforms
- Security engine custom configuration for more powerful taint analysis
- Custom rules to detect private secret patterns
- Aggregate projects and applications into a portfolio
- Project, application, and executive portfolio reports
- Security reports for common security standards
- Regulatory and audit reports to record state & quality of release
- Consolidate projects into a central instance
- Parallel processing of analysis reports
- Pull request decoration and guided setup for monorepos
- Additional licenses for testing and staging environments
- Automatic user and group provisioning through SCIM with Okta and Azure AD
- Standard commercial support
- 24/7 white glove premium support available
Data Center Edition
For high availability, scalability, & performance
Enterprise edition, plus:
- Autoscaling in a Kubernetes cluster
- Component redundancy
- Data resiliency
- Horizontal scalability
- High performance under extreme load
- Standard commercial support included
- 24/7 white glove premium support available
February 2023
SonarQube 9.9 LTA
Current Long Term Active version, offering something for everyone! Faster pull request analysis, Secure CloudNative development, Enhanced enterprise capabilities & so much more! SonarQube 9.9 LTA - better than ever!
Not sure whether you need the LTA or the latest version? See our decision guide.