Feature comparison table

The table below lists features relevant to comparing support in the different SonarQube deployments. For more information about the features supported in the SonarQube Cloud, see Subscription plans. For more information about features supported in SonarQube Server, see Community Build, Developer Edition, or Enterprise Edition.

Feature
SonarQube Community Build
SonarQube Cloud Free plan
SonarQube Server
SonarQube Cloud Team and Enterprise plans

Analysis

Branch analysis

Only main branch analysis

Only main branch analysis

Pull request analysis

Only if the target branch is the main branch

Languages: See Supported languages

Injection vulnerabilities detection

Injection vulnerabilities detection: security engine custom configuration

From Enterprise

Secret detection: Custom secret patterns

From Enterprise

AI code autodetection

Applications (aggregation of multiple projects)

Design and Architecture

Architecture verification

On Java

Cycle detection

On Java

Advanced security analysis

Software Composition Analysis (SCA)

From Enterprise

Advanced SAST (Static Application Security Testing)

From Enterprise

Quality standards

Code quality assurance for AI generated code (AI Code Assurance)

Prioritized rules

From Enterprise

Issue resolution

AI-generated fix suggestions (AI CodeFix)

Management reporting

Portfolios

From Enterprise

Enterprise only

Security reports

From Enterprise

Enterprise only

Project PDF reports

From Enterprise

Enterprise only

Regulatory reports

From Enterprise

System security

Audit logs

From Enterprise

Maximum lifetime for tokens

From Enterprise

From Team (Scoped Organization Tokens)

Inactive session timeout

Configurable

Not configurable (24 h)

Configurable

Not configurable (24 h)

Active session timeout

From Enterprise (configurable)

GitHub integration

User authentication

Just-in-Time user provisioning

Automatic provisioning

Groups, users, and project permissions

Users (GitHub member synch)

Quality gate status report on pull requests; Preventing merge when quality gate fails

GitHub Actions: Failing workflow when quality gate fails

Security alerts report in GitHub

Monorepo integration

From Enterprise

Multiple GitHub instances

From Enterprise

Bitbucket Cloud integration

User authentication

Just-in-Time provisioning

Quality gate status report on pull requests; Preventing merge when quality gate fails

Bitbucket Pipelines: Failing pipeline when quality gate fails

Monorepo integration

From Enterprise

Multiple Bitbucket instances

From Enterprise

GitLab integration

User authentication

Just-in-Time user provisioning

Automatic provisioning

Groups, users, and project permissions

Quality gate status report on pull requests; Preventing merge when quality gate fails

GitLab CI/CD Pipelines: Failing pipeline when quality gate fails

Security issues report in GitLab

Monorepo integration

From Enterprise

Multiple GitLab instances

From Enterprise

Azure DevOps integration

User authentication

Just-in-Time user provisioning

Quality gate and issues report on pull requests; Preventing merge when quality gate fails

Azure Pipelines: quality gate status report in Build Summary page

Monorepo integration

Multiple Azure DevOps instances

From Enterprise

Bitbucket Server and Bitbucket Data Center integration

Quality gate status report on pull requests; Preventing merge when quality gate fails

Multiple Bitbucket instances

From Enterprise

SAML authentication

Enterprise only

Just-in-time user provisioning

Enterprise only

Group synchronization

Enterprise only

Automatic provisioning

From Enterprise (with SCIM; Microsoft Entra ID and Okta): Users and groups

Last updated

Was this helpful?