SonarQube

SonarQube is an open-source code quality and security analysis platform developed by SonarSource, used by over 400,000 organizations worldwide.

SonarQube is developed by SonarSource, a company founded in 2008 by Olivier Gaudin, Freddy Mallet, and Simon Brandhof in Geneva, Switzerland. The tool started as an open-source project focused on Java code quality and has since grown into a multi-language static analysis platform used by over 400,000 organizations.

SonarQube performs continuous inspection of code to detect bugs, code smells, security vulnerabilities, and duplicated code. It supports 30+ programming languages, including Java, JavaScript, TypeScript, Python, C#, C++, Go, and PHP. Analysis results are displayed in a web dashboard with metrics on code quality gates, technical debt, and coverage.

The product comes in several editions: Community (free and open-source), Developer, Enterprise, and Data Center. SonarCloud is the hosted SaaS version for teams that don’t want to run their own server. The paid editions add features like branch analysis, pull request decoration, and portfolio management.

SonarSource raised $412 million from Advent International in 2022, valuing the company at $4.7 billion. This was the company’s first significant outside investment after being bootstrapped and profitable for over a decade.

SonarQube integrates with major CI/CD tools (Jenkins, GitHub Actions, Azure DevOps, GitLab CI) and IDEs (through SonarLint). Its “Quality Gate” concept — a pass/fail threshold for new code — has become an industry-standard practice for maintaining code standards in larger teams.

Headquartered in Geneva with offices in Austin, Paris, Singapore, and other cities, SonarSource employs around 600 people. The company has been doubling down on security analysis to complement its established code quality capabilities.