| Feature | Free | Team | Enterprise | Note |
|---|---|---|---|---|
| General | ||||
| Analysis of public projects: unlimited number of projects | | | | See projects |
| Analysis of private projects | Up to 50k LOC | Up to 1.9M LOC | Unlimited (ideal from 5M LOC for the whole enterprise) | The maximum number of lines of code (LOC) in a plan restricts the analysis of private projects in your organization or enterprise. See #loc-based-pricing below. |
| Maximum number of organization members | 5 | Unlimited | Unlimited | |
| Enterprise-level hierarchy | | You can group several organizations into an enterprise. | ||
| DevOps platform binding (GitHub, Bitbucket Cloud, GitLab, Azure DevOps) | | | | |
| Organization onboarding from multiple DevOps platforms (except Bitbucket) | | As an enterprise member, you can import a DevOps organization using any of your DevOps accounts or SSO account (except for a Bitbucket workspace which can only be imported using a Bitbucket account). | ||
| Automatic GitHub repo import | | | | See auto-import-new-repos |
| Bulk import of all repositories (in beta, only for GitHub) | | | | See #bulk-import |
| Code analysis | ||||
| Branch analysis | Only main branch analysis | Unlimited | Unlimited | See branch-analysis |
| Pull request analysis | Only if the target branch is the main branch | Unlimited | Unlimited | See pull-request-analysis |
| Custom quality profiles | | | See understanding-quality-profiles | |
| Custom quality gates | | | See introduction-to-quality-gates | |
| Report of security alerts in GitHub | | SonarQube Cloud automatically provides feedback about security vulnerabilities inside the GitHub interface itself. See GitHub code scanning alerts. | ||
| AI code analysis | ||||
| AI Code Assurance | | | | See ai-code-assurance |
| Advanced security analysis | ||||
| Software Composition Analysis (SCA) | Add-on1 | See #sca | ||
| Advanced SAST (Static Application Security Testing) | Add-on1 | See #advanced-sast | ||
| AI-powered code remediation | ||||
| AI CodeFix | | | See ai-codefix | |
| Remediation Agent (on GitHub only) | | See ai-agents | ||
| Management reporting | ||||
| Portfolios | | See viewing-portfolios | ||
| Security reports | | See project-security-reports | ||
| Project PDF reports | | See project-pdf-reports | ||
| Integrations | ||||
| Jira Cloud | | | See jira-cloud | |
| Slack | | | | See integration-overview |
| JFrog Evidence Collection | | See jfrog | ||
| Webhooks | | | SonarQube Cloud supports the configuration of webhooks, allowing you to send automatic notifications to external services of analysis activity. See webhooks. | |
| User authentication and provisioning | ||||
| GitHub member synchronization | | | SonarQube Cloud synchronizes automatically organization members with GitHub. See GitHub member synchronization in devops-platform-authentication | |
| DevOps platform authentication | | | | See devops-platform-authentication |
| SSO authentication | | See sso | ||
| Enterprise security | ||||
| Scoped Organization Token (SOT) | | | #about-scoped-organization-tokens | |
| Audit logs | | See audit-logs | ||
| IP allow list restriction | | See ip-allow-lists | ||
| Administration | ||||
| Groups | | | As an organization admin, you can manage custom groups and change the permissions of any group. See user-group-concept | |
| Permission templates | | | As an organization admin, you can use permissions templates to manage the default permissions applying to new projects. See templates | |
| Organization-wide project configurations | | As an organization admin, you can define the long-lived branch name pattern, the analysis scope adjustment, and the automatic analysis disabling for new projects at the organization level. See introduction to Performing global analysis setup. | ||
| Projects Management page | | As an organization admin, you can manage the projects of your organization on a centralized page: the Projects Management page. See projects-management-page | ||
| Delegation of the quality profile management permission | | With the Administer Quality Profiles permission, you can authorize users or groups to manage a specific custom quality profile. See authorizing-other-users-to-manage-quality-profile |
| Feature | Description |
|---|---|
| Maximum number of organization members | Unlimited. |
| Code analysis | |
| Languages | All languages supported in the Team plan. See overview. |
| Branch analysis | Unlimited. For more information about the feature, see branch-analysis. |
| Pull request analysis | Unlimited. For more information about the feature, see pull-request-analysis. |
| Custom quality profiles | See understanding-quality-profiles. |
| Custom quality gates | See introduction-to-quality-gates. |
| Advanced SAST (Static Application Security Testing) | See #advanced-sast. |
| Integrations | |
| Webhooks | SonarQube Cloud supports the configuration of webhooks, allowing you to send automatic notifications to external services of analysis activity. See webhooks. |
| User administration | |
| Projects Management page | As an organization admin, you can manage the projects of your organization on a centralized page: the Projects Management page. See projects-management-page. |
| GitHub member synchronization | SonarQube Cloud synchronizes automatically organization members with GitHub. See github-member-synchronization. |
| DevOps platform authentication | See devops-platform-authentication. |
| Groups | As an organization admin, you can manage custom groups and change the permissions of any group. See user-group-concept. |
| Permission templates | As an organization admin, you can use permissions templates to manage the default permissions applying to new projects. See templates. |