Native IntelliJ PluginNo upload · Code stays local

Find what SonarQube misses
in your Java application

N+1 queries, memory leaks, circular dependencies, layer violations — detected in seconds inside IntelliJ. Works with Spring Boot, Quarkus, Micronaut, Wildfly, Jakarta EE and any Java project. No configuration. No upload required.

Your code never leaves your machine
Start free — no credit card 🧩 Install IntelliJ Plugin
80+ detection rules Full OWASP Top 10 coverage Works with any Spring Boot project AI-powered fix suggestions

Why JOptimize

What SonarQube doesn't catch

SonarQube is great for general code quality. JOptimize goes deeper on Java-specific patterns — JPA, Hibernate, concurrency, architecture — the issues that actually take your app down in production. Works with Spring Boot, Quarkus, Micronaut, Wildfly, Jakarta EE and any Java project.

Detection capabilityJOptimizeSonarQubePMD / SpotBugs
N+1 query detection (JPA/Hibernate)
@Transactional anti-patterns (JPA/Jakarta EE)
Spring AOP proxy self-invocation (@Cacheable bypass)
RestTemplate without timeout detection
Missing readOnly transaction on queries
Field injection anti-pattern detection
Unbounded queries without pagination
Architecture circular dependencies
Controller → Repository layer violation
God class / complex class detection
Hardcoded secrets & OWASP Top 10
AI-powered fix in IntelliJ (1-click)
Native IntelliJ Plugin
Code analyzed locally (never uploaded)

JOptimize complements SonarQube — it doesn't replace it. Use both.

IntelliJ Plugin

The only Java analyzer
built into your IDE

No context switch. No browser tab. Issues are highlighted directly in your code — with a ⚡ Fix button that calls Claude AI to explain and fix in one click. Works with any Java project regardless of framework.

  • Real-time highlights as you type
  • ⚡ Gutter icon → AI explanation + 1-click fix
  • Architecture audit tab (circular deps, layer violations)
  • Send results to dashboard for history & trends
  • Works with IntelliJ IDEA Community & Ultimate
🧩 Install from JetBrains MarketplaceGet API key
UserService.java
// UserRepository.java
public class UserService {
public List<User> getAll() {
em.createQuery("FROM User").getResultList();⚡ Fix
}
⚠ CRITICAL — Unbounded query
No pagination — loads ALL rows into memory.
Add setMaxResults() or use paginated API.

Three audits. One tool.

Pick what you need — or run all three.

Performance & Security

Deep static analysis targeting Java & JPA patterns that generic tools miss. Spring Boot, Quarkus, Wildfly, Jakarta EE — all supported.

  • N+1 queries, save()/deleteById() in loop, unbounded findAll()
  • Spring AOP proxy self-invocation (@Transactional, @Cacheable)
  • RestTemplate / @Scheduled blocking the scheduler thread
  • OWASP Top 10 — full Java coverage, hardcoded secrets
  • Regex/split in loop, List.contains() O(n²), mutable Date in beans
  • 80+ rules across 7 categories
FreeTry it
Most popular

Architecture Audit

Understand how your codebase is structured — before it becomes unmaintainable.

  • Pattern detection — Layered, Hexagonal, etc.
  • Circular dependencies between packages
  • Layer violations — Controller → Repo direct
  • God class / complex class detection
  • AI recommendation for target architecture
ProTry it

Live Profiling

A JVM agent attaches to your running app and reports what's actually slow at runtime.

  • Slowest methods — avg, max, total ms
  • SQL count per method — confirms N+1
  • Heap & thread monitoring — live
  • No code changes required
  • Live dashboard — updates every 5s
ProTry it

4 ways to analyze your code

Pick what fits your workflow.

🧩

Recommended

IntelliJ Plugin

Real-time highlights in your editor. Architecture tab. AI fix. No upload.

# IntelliJ → Plugins

Search "JOptimize"

Install → restart → done

Install from Marketplace

Easiest

GitHub or ZIP

Paste a GitHub URL or drop a ZIP file. No setup. Results in 30 seconds.

github.com/org/my-java-app

→ audit at joptimize.io

Most private

CLI — code stays local

Runs locally. Only results are sent — never your source code.

npm i -g @joptimize/cli

joptimize analyze .

✓ Score: 72 · 3 critical

Runtime

JVM Agent — live profiling

Attach a JVM agent to your running app. See what's slow in real time.

joptimize monitor \

--app "java -jar app.jar"

📡 Live session started

Full OWASP Top 10 Java Coverage

SQL injection · Hardcoded secrets · Broken access control · SSRF · Weak crypto · Vulnerable components · and more

A01 Broken Access ControlA02 Cryptographic FailuresA03 InjectionA04 Insecure DesignA05 MisconfigurationA06 Vulnerable ComponentsA07 Auth FailuresA08 Software IntegrityA09 Logging FailuresA10 SSRF

Privacy first

Your code stays private

We take code privacy seriously. Here's exactly how each method handles your code.

🧩

IntelliJ Plugin

100% local
  • Runs entirely on your machine
  • No code sent to any server
  • Only analysis results uploaded
  • AI fix uses isolated context only

CLI Tool

Results only
  • Analysis runs locally
  • Only issue metadata is sent
  • Source code never uploaded
  • Works offline (analysis step)
🌐

SaaS (ZIP / GitHub)

Deleted after analysis
  • Analyzed in isolated memory
  • Deleted immediately after scan
  • Never stored on disk
  • HTTPS-only transfer

Simple pricing

Two plans. No hidden fees. Cancel anytime.

Free

€0forever
  • Performance & Security analysis
  • IntelliJ Plugin (full access)
  • Dashboard & reports
  • CLI (basic)
  • Up to 3 analyses/month
Get started free
Recommended

Pro

€9.99/month
  • Everything in Free
  • Architecture audit (circular deps, layer violations)
  • Live JVM Profiling
  • AI summaries on every report
  • Ask Claude — 150 calls/month
  • Score history & trending
  • Unlimited analyses
  • PDF export
Get Pro

7-day money-back guarantee

Secure payment via Paddle · Java is a registered trademark of Oracle Corporation

Ready to find the issues SonarQube misses?

Install the IntelliJ plugin in 30 seconds — or upload your Java project and get a full report. Spring Boot, Quarkus, Wildfly, Jakarta EE — all supported.

Start free 🧩 Install Plugin