We have SonarCloud integrated into our pipeline. It is used as a tool for checking code quality, clean code, bugs, and security issues. It acts as a quality gate for production, helping decide if our code can be applied.
It serves as our primary tool for static code analysis, addressing various aspects such as code duplication, code smells, and security concerns. It stands out as an all-encompassing solution and it excels in security analysis and offers robust features for code optimization and duplication detection.
We are using SonarCloud for static analysis. We must utilize this tool for code analysis prior to deployment. For instance, it is necessary to check for bugs or inconsistencies in the code and rectify them. SonarCloud can assist in this regard by providing high-quality content.
We have several development streams, so we want to standardize our tooling and not necessarily restrict each tool to one specific purpose. We have CI/CD pipelines, with cloud solutions on one side and solutions like GitHub and Jenkins on the other. We use SonarCloud to scan code for vulnerabilities. The idea is to have that in a plan-do-check-act iterative way. Some development teams work in sprints with a scope of two weeks. For example, they define and finish their own user stories. Others work in Kanban, which means they work on one user story and only go on to the next when that one is finished. But the underlying thing is we are continuously using SonarCloud to clean out vulnerabilities in software that has been developed in-house. +
Learn what your peers think about SonarQube Cloud (formerly SonarCloud). Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
SonarCloud is used for application security testing. The use cases you can bring into the pull request level, you can eliminate the problem into the developer's feature branch itself. The largest use case is if developers are writing a code and if the code has any vulnerabilities or problems, you can receive the feedback at the pull request level.
SonarQube Cloud offers static code analysis and application security testing, seamlessly integrating into CI/CD pipelines. It's a vital tool for identifying vulnerabilities and ensuring code quality before deployment.SonarQube Cloud is widely used for its ability to integrate with tools like GitHub, Jenkins, and Bitbucket, providing critical feedback at the pull request level. It's designed to help organizations maintain clean code by acting as a quality gate. This service supports...
We have SonarCloud integrated into our pipeline. It is used as a tool for checking code quality, clean code, bugs, and security issues. It acts as a quality gate for production, helping decide if our code can be applied.
It serves as our primary tool for static code analysis, addressing various aspects such as code duplication, code smells, and security concerns. It stands out as an all-encompassing solution and it excels in security analysis and offers robust features for code optimization and duplication detection.
We use the product for code-based security scanning.
We are using SonarCloud for static analysis. We must utilize this tool for code analysis prior to deployment. For instance, it is necessary to check for bugs or inconsistencies in the code and rectify them. SonarCloud can assist in this regard by providing high-quality content.
We have several development streams, so we want to standardize our tooling and not necessarily restrict each tool to one specific purpose. We have CI/CD pipelines, with cloud solutions on one side and solutions like GitHub and Jenkins on the other. We use SonarCloud to scan code for vulnerabilities. The idea is to have that in a plan-do-check-act iterative way. Some development teams work in sprints with a scope of two weeks. For example, they define and finish their own user stories. Others work in Kanban, which means they work on one user story and only go on to the next when that one is finished. But the underlying thing is we are continuously using SonarCloud to clean out vulnerabilities in software that has been developed in-house. +
We are customers of SonarCloud.
SonarCloud is used for application security testing. The use cases you can bring into the pull request level, you can eliminate the problem into the developer's feature branch itself. The largest use case is if developers are writing a code and if the code has any vulnerabilities or problems, you can receive the feedback at the pull request level.
We use SonarCloud tools for all our 20 repositories and we are connecting the SonarCloud, from the Bitbucket pipeline.
The solution is a static code analysis tool. That's basically what we use it for in our organization.