Static code analysis tools for PL/I

Utilize static code analysis to find issues in PL/I such as bugs, code smells & security vulnerabilities. Use the Sonar language analyzer with hundreds of rules to evaluate your code and ensure the security, reliability and maintainability of your software.

Get started for free

TRUSTED BY OVER 7M DEVELOPERS WORLDWIDE

Code Smarter

Sonar finds the issues while you focus on the work

It all comes from a powerful analysis engine that we constantly refine. Sonar employs advanced rules along with smart, exclusive analysis techniques to find the trickiest, most elusive issues.

See all the PL/I rules

Precise static analysis

Deep static analysis of your code through symbolic execution, path sensitive analysis & cross-function/cross file taint analysis.

Fast issue resolution

Issue contextualization with secondary locations highlighted and clear remediation guidance helps you understand and construct a fix.

Minimal distractions

Automatic pull request analysis with results displayed in the comments of your favorite DevOps platform so you stay in the zone.

The best way to code PL/I better

Produce secure, reliable and maintainable software

Sonar brings Code Quality to where your code lives. Sonar is tightly integrated with your IDE and CI/CD workflow to feed you the right info at the right time and place.

SonarQube for IDE

Real‑time, in‑editor feedback highlights issues as you type with inline rule descriptions and guidance.
Contextual help and Quick Fixes accelerate resolution for many issues, directly in your editor.
Connected Mode alignment with SonarQube (Server, Cloud) applies shared quality profiles and settings in the IDE.
Available in IDE marketplaces: Visual Studio, VS Code, JetBrains IDEs, and Eclipse.

Explore SonarQube for IDE Link Arrow

sonar working with jetbrains, eclipse, vs and vs code

Start cleaning your PL/I code now

Self-managed SaaS

SonarQube Cloud

SonarQube Server

SonarQube for IDE

Advanced Security

GitarNew

MCP Server

SonarSweepEarly access

Agentic Analysis

Context Augmentation

Remediation Agent

SonarQube Cloud

SonarQube Server

SonarQube for IDE

Advanced Security

GitarNew

MCP Server

SonarSweepEarly access

Agentic Analysis

Context Augmentation

Remediation Agent

AI code quality

Developer-led security

Automated code review

Platform engineering

Compliance & reporting

SDLC governance

Secrets detection

Supply chain security

All use cases

Agent Centric Development Cycle (ACDC)

AI solutions

Architecture management

Security solutions

Code quality solutions

ROI calculator

LLM leaderboard

SonarQube vs GitHub Code Quality

Healthcare

Financial services

Retail

Federal government

Our customers

Customer stories

AI code quality

Developer-led security

Automated code review

Platform engineering

Compliance & reporting

SDLC governance

Secrets detection

Supply chain security

All use cases

Agent Centric Development Cycle (ACDC)

AI solutions

Architecture management

Security solutions

Code quality solutions

ROI calculator

LLM leaderboard

SonarQube vs GitHub Code Quality

Healthcare

Financial services

Retail

Federal government

Our customers

Customer stories

Developer hub

Learning center

Commitment to open source

Community

Developer guides

SonarQube Server

SonarQube Cloud

SonarQube for IDE

Sonar Vulnerability database

GitHub

Bitbucket

Azure DevOps

GitLab

See all