One Product, One Price

ALL SOLUTIONS 

Open Source

$0

For Open Source software development projects    

  

  • Basic access to all solutions
  • Public repos
  • Best effort analysis time

No credit card required

Pro

$15

Smaller  teams with fewer projects that need to automate code quality and security.

Per developer / month billed annually
or $18 billed monthly (up to 30 seats)

  • All solutions
  • Public & private repos
  • Fast analysis time
  • Basic integrations
  • Limited amount of repos

 

 

No credit card required

Business

Contact Sales

For large teams that scan lots of projects for quality and security issues.

Per developer/month billed annually

  • Everything in Pro, and
  • More than 30 seats
  • Fastest, prioritized analysis time
  • Advanced integrations & reporting
  • Service Level Agreements (SLA)
  • Dedicated CSM & training
  • Priority support
  • Audit logs
  • Roadmap assurance
  • Unlimited repos
  • DAST

Features Included

logo_codacy
Codacy_Quality_logo_col (1)
Style=Primary, Type=Horizontal, Theme=Security 2
Style=Primary, Type=Horizontal, Theme=Coverage 1
logo_codacy_pulse-1
open Source
Pro & Business
Public cloud-based repositories
Limited
Up to 100 repos Pro, Over 100 repos Business
Private cloud-based repositories
Limited
Up to 100 repos Pro, Over 100 repos Business
Faster analysis processing
---
GitHub, Bitbucket and GitLab integration
IDE integration
Pull request workflow integration
Customizable quality gates
API access
Slack & Jira integration
Organization reporting
---
Shareable reporting
---
SOC2 Report
---
Audit log
---
Business only
Static IP addresses for allowlisting Codacy
---
Additional Cost
Customer support (email & chat)
Service Level Agreement (SLA)
---
User training
---
Dedicated customer success manager
---
open Source
pro & business
Languages & frameworks supported
40+
40+
Static analysis for Infrastructure-as-code (IaC)
No configuration onboarding
Automatic linter config file detection
Enforce coding styles across teams
1-click autofixes for GitHub
Codacy AI - Auto suggested fixes
Performance issues
Duplication issues
Error Prone issues
Complexity issues
Compatibility issues
Unused Code issues
Documentation issues
Style issues
Open source & Pro
Business
Static Code Analysis (SAST)
Language and frameworks supported
31+
31+
Supply Chain Security (SCA)
Per commit
Language and frameworks supported
13+
13+
Hard Coded Secrets (SECRETS)
Language and frameworks supported
19+
19+
Infrastructure-as-code (IaC)
Language and frameworks supported
8+
8+
Penetration Testing as a Service (PENTEST)
---
Dynamic Application Security Testing (DAST)
---
Business only
Cloud Security Posture Management (CSPM)
---
Coming soon
Open source
Pro & Business
Coverage report formats supported
12+
12+
Line coverage
Diff coverage
Variation
Policies
Minimum Coverage Gated on PRs
open Source
pro & Business
DORA metrics
Pull request lifecycle metrics
Lead and cycle time metrics
Annotate decisions and actions in time
Integration events/month (extra events for more)
10,000
10,000
Data retention
1 Year
1 Year
Historical data import
3 Months
1 Year

Want to talk?

FAQS

How does Codacy work?

Codacy is the easiest way for engineering teams to maintain a clean and secure codebase without any pipeline integrations, ready to go with a few clicks:

  1. Log in with your GitHub, Bitbucket or GitLab account to add your organization or workspace (requires org admin permissions)
  2. Add your repositories with the click of a button. Codacy scans the entire codebase for quality and security violations within minutes. Easily browse all findings, and tackle the most critical risks before they cause damage.
  3. As the codebase evolves, every new Pull/Merge Request is scanned in real time, catching new quality and security violations before they get merged, built and released.

On top of code scanning, Codacy tracks test coverage results across files and Pull Requests, preventing untested critical code from being merged.

Why does Codacy not require any CI/CD pipeline integration for code scanning?

Codacy's code scanning as-a-service allows businesses to reduce hosting and maintaining complex, dynamic and costly pipeline integrations while ensuring full quality and security coverage across all projects and languages.

As a 100% cloud-based GitHub, Bitbucket and GitLab app, Codacy uses webhooks to keep track of all code changes in real time, and performs all scans on its own AWS infrastructure, while seamlessly updating the latest coding conventions and scan rules for you to keep up with industry trends and evolving programming languages.

For more details on how Codacy keeps your source code safe, see here.

What sort of quality issues can Codacy detect?

Codacy scans source code in 49 languages across a range of common violations, including error prone code, performance problems, complex code, duplications and code style deviations. Learn more about issue categories here.

What sort of security issues does Codacy detect?

Codacy detects a wide range of security vulnerability types through a curated collection of analysis tools built into the Codacy platform:

  • Static Application Security Testing (SAST)
  • Hardcoded Secrets and Passwords
  • Infrastructure-as-code (IaC scanning)
  • Software Composition Analysis (SCA) / Dependency checks
  • Dynamic Application Security Testing (DAST)
  • Penetration Testing (manual testing via Bulletproof)
  • License scanning (coming soon)

Learn more about security categories here.

Does Codacy support projects versioned on self-hosted GitHub, GitLab or Bitbucket?

No, Codacy currently does not support projects hosted on any on-premise Git deployments.

The supported Git providers are GitHub Cloud, Bitbucket Cloud, and GitLab Cloud.

Does Codacy support projects versioned on Azure Repos?

No, Codacy currently does not support integrations with projects hosted on Azure Repos.

The supported Git providers are GitHub Cloud, Bitbucket Cloud, and GitLab Cloud.

Does Codacy support my programming language?

Codacy supports 49 popular programming languages and frameworks across back-end, front-end, infrastructure-as-code, mobile code, and everything in between. See a full list of supported languages here.

Can I use Codacy locally in my IDE?

Yes, Codacy provides plugins for Jetbrains IDEs and VSCode (requires GitHub, Bitbucket or GitLab integration on codacy.com)

The Codacy plugin shows all scan results and fix suggestions for every open Pull Request right inside the IDE for more seamless code reviews, faster remediation, and to help avoid context switching.

While real-time scanning within the IDE (outside the Pull Request flow) is not supported yet, make sure to stay tuned for a major update to our IDE plugin in 2025! 🤫

Is my code secure?

As we provide cloud solutions for leading enterprises around the world, keeping our customers' data protected at all times is the highest of all priorities. Codacy has implemented bulletproof cloud security measures in accordance with the latest industry standards, and certified by SOC2.

For details on Codacy's security measures, visit https://security.codacy.com.

Is my personal data secure?

Codacy is compliant with the General Data Protection Regulation (GDPR). The purpose of GDPR is to protect the private information of EU citizens and give them more control over their personal data.

For any further questions about personal data privacy, contact us at security@codacy.com.

 

What is the right plan for me?

Open Source (free): For individuals and teams working exclusively on public projects.

Pro: For individuals and teams of up to 30 contributors working on up to 100 private projects.

Business: For engineering organizations with more than 30 contributors or more than 100 private projects, as well as teams with advanced security, reporting, and support requirements (see comparison table above)

 

How does Codacy count user seats?

Codacy requires a seat for every Git contributor who commits code changes to a private repo added to Codacy. Typically, the required number of seats reflects the total size of the development team.

What is a 14-day trial?

Simply sign up with your Git provider (no credit card required), and enjoy full access to the Codacy platform for 14 days, free of charge.

After the trial period, you can upgrade to a paid plan to continue using Codacy with private repositories, or keep scanning your public repositories for free on the Open Source plan.

Which payment methods do you accept?

Codacy accepts credit cards by Visa, Mastercard, American Express, and Discover. Wire transfers and ACH are accepted only for annual Pro and Business plans.

If your preferred payment method is not supported, please contact us at billing@codacy.com.

Can I change or cancel my plan anytime?

Yes, you can change or cancel your plan at any time. If you choose to cancel your annual subscription before the conclusion of the 12 months, your account will continue to work for the remainder of the annual billing period.