Technology Radar TemplateTechnology Radar Template
Adopt

SonarQube remains a good choice for checking your code quality. However, when using GitLab pipelines, it can be replaced with the built-in functionality provided by GitLab.

Adopt

To track code quality of our projects and check for security issues (Static Application Security Testing), we recommend SonarQube. At AOE we use it in CI pipelines to scan our code against the quality gate. If possible we even check each merge request to prevent degrading code quality before adding it to our code basis.

Trial

At AOE, we are using SonarQube to get a historical overview of the code quality in our Projects. With SonarQube, you can get a quick insight into the condition of your code. It analyzes many languages and provides numerous static analysis rules. SonarQube is also being used for Static Application Security Testing (SAST) which scans our code for potential security vulnerabilities and is an essential element of our Secure Software Development Lifecycle.

Assess

At AOE, we're evaluating SonarQube to get an historical overview of the code quality of our Projects. With SonarQube, you can get a quick hint about the condition of your code. It analyzes many languages and provides numerous static analysis rules.