SonarQube carries out a continuous scanning of code to ensure the quality and security of code. It is a cross-platform static code analysis tool that automatically reviews the code for bugs, security-related vulnerabilities, and code smells. It helps in keeping the code clean, besides easy to read and understand. SonarQube provides reports on its dashboard regarding: Duplicate Code Standard, complexity, and coverage of code Possible bugs Unit Tests Comments Security-related vulnerabilities Features of SonarQube Set Different rules for Different Projects SonarQube allows you to set a different set of rules for different projects by creating Quality Profiles. Each project can have its own specific set of rules depending upon the project’s needs. Execution Pathways Bug Detection If the project involves data flow or interaction between different modules, SonarQube is capable of detecting and reporting the bugs in these execution pathways. Smoother Workflow SonarQube can continue to work in the background to identify and report errors during the development phase. It can be integrated with deployment tools and/or integration tools.