Hello,
Today, Sonar has acquired Gitar, an AI-native code review product, built by the team behind Uber’s developer platform. Gitar automatically reviews pull requests, analyzes CI failures, and commits validated fixes directly to the branch.
SonarQube is a multilayered verification platform based on the principle that no single check catches everything. With Gitar, that stack now extends the PR layer to include: AI code review, CI failure analysis, and validated fixes committed directly to the branch before code merges.
AI coding tools are now generating up to 42% of committed code, but the review and CI workflows built for human-paced development cannot keep up. Pull request queues are growing, pipelines are filling with failures, and engineers are spending hours in logs instead of writing code.
What Gitar does
Gitar is an autonomous agent that gets your build to green.
Gitar sits right in your existing repository workflow to manage the post-generation review layer, with capabilities such as:
-
Code review with context: It reads the PR with full codebase awareness such as logic, data flows, dependencies, catching issues that go beyond the diff.
-
Automated CI triage: It parses pipeline failures, diagnoses bugs, and automatically retries flaky tests.
-
Autonomous remediation: It doesn’t just flag the issue—it generates, validates against your CI, and commits validated fixes directly back to the branch.
The end-to-end verification stack
Gitar works alongside SonarQube and brings AI-native intelligence to the entire verification workflow. It reads code the way AI reads it, with awareness of context, intent, and the logic of the change as a whole, extending coverage to functional bugs, logic errors, and behavioral issues by reviewing what the code is actually trying to do.
Together, the combination is greater than the sum of its parts. SonarQube’s deterministic precision and Gitar’s contextual intelligence reinforce each other. Issues one approach catches inform the other, and the coverage they provide jointly closes gaps neither could alone. A CI pass alone does not mean code is production-safe. Layering both approaches means more of what matters gets caught before it ships. Together, they provide a highly comprehensive and accurate review and verification of your code.
Resources
Explore the product details: Gitar product page
Join us June 11 at 10 a.m. CT for a live demo and Q&A session to learn more about Gitar: Register now
Pricing and plans: Contact our sales team
Please drop your questions, feedback, and thoughts in the thread below. We will be hanging out here to answer your questions!
John