top of page
Sep 30, 2025

​

September 30, 2025:

Updates to TeamCity On-Premises Renewal Pricing

We’re committed to continuously improving TeamCity and providing high-quality support. To reflect that ongoing investment, we’re updating our renewal pricing and grace period policies, effective November 3, 2025.

At the same time, we’re ensuring that all existing licenses purchased before November 3, 2025, will continue to benefit from the current renewal discounts.

What’s changing?

  • Starting November 3, 2025, the 50% renewal discount will no longer apply to new TeamCity On-Premises licenses (TeamCity Enterprise server or TeamCity agent). New licenses purchased from that date will be renewed annually at the full standard price.

  • Previously, TeamCity On-Premises licenses could be renewed within 12 months of the expiry date and still be eligible for the renewal discount. Now, for existing TeamCity On-Premises licenses (purchased before November 3), licenses must be renewed within one month of the expiry date to benefit from the 50% renewal discount.

Next steps

We recommend you review your current TeamCity On-Premises licenses and, if you are planning to buy a new license, consider purchasing the license before November 3, 2025, to lock in the discounted renewal rates.

Renewing TeamCity licenses on time each year ensures uninterrupted access to our technical support team, as well as to all new TeamCity versions and updates released during the maintenance period. 

​

September 12, 2025:

​

Achieve Effortless GitHub Releases With a New Plugin for TeamCity

 

GitHub releases are fantastic for distributing your open-source projects, as they let you turn any code revision into ready-to-go assets with a detailed version history. What makes them particularly popular, though, is that they give users a proper Download button (because not everyone dreams of compiling source code).

In TeamCity, the traditional approach for publishing GitHub releases is to run custom scripts via the Command Line build step. While certainly viable, this approach comes with a catch: You need to write and maintain that script and handle authentication on your own. Even more frustrating, TeamCity already has a perfectly good authentication token tucked away in your VCS root – an authentication token that you cannot directly reuse.

The new GitHub Releases Support plugin aims to eliminate this inconvenience once and for all. No more guesswork, no more custom scripting. With just a few clicks, you can publish your builds as GitHub releases and focus on shipping features instead of wrangling scripts.

Install

This is an unbundled plugin, which means you’ll need to download it from our Marketplace and install it on your server. To do this, click the Get button in the top right corner of the plugin page, or go directly to the Admin | Plugins page of your TeamCity server and click Browse plugins repository.

See also: Installing Additional Plugins

Configure

Once the plugin is installed, you can add the GitHub Release step to build configurations as you would any other build step.

Here’s a quick overview of the key settings:

  • Release Repository – The GitHub repository where your release will be published. TeamCity automatically lists repositories based on the VCS roots attached to the parent build configuration.

  • Release Tag – The unique tag to label your new release. Use a parameter reference (%teamcity_parameter_name%) to fetch this value from a TeamCity parameter. You can provide this value before the build starts (via the Run Custom Build dialog) or calculate it during a build.

  • Release Title and Release Notes –  Additional details that are optional, but highly recommended. Your users will appreciate a concise description and some context. You can import the content for these fields from TeamCity parameters and let GitHub append its own auto-generated notes to your custom ones.

  • Asset Paths – Files you want to publish as release assets. If you’ve run the build before, you can simply browse and select files using the folder browser instead of typing paths manually.

  • Release Options – A field where you can mark the release as a draft or pre-release, or flag it as the latest release.

 

The plugin supports multiple authentication methods, seen in the Commit Status Publisher or similar TeamCity build features.

  • Use VCS root credentials — Reuse the same authentication method your VCS root already uses.

  • Access Token — Provide a personal GitHub access token, issued on your GitHub profile settings page.

  • GitHub App access token — Use an existing GitHub App token, or create a new one, directly from TeamCity. See this documentation article for more information.

Kotlin DSL

For those who enjoy configuration as code, here’s how the step settings look in the Kotlin DSL:

gitHubRelease {

name = "Publish release"

targetVcsRootId = "${myVcsRoot.id}"

githubUrl = "https://api.github.com"

tagName = "v%release.version.number%" // Supports parameter references

releaseName = "Release %release.version.number%" // Optional, uses 'tagName' if omitted

releaseNotes = """

## Changelog:

%release.changelist%

""".trimIndent()

// Optional, specified files will be uploaded as release assets.

// Paths are relative to the checkout directory, files should be present when this step runs

assetPaths="""

library/build/libs/library-1.0-SNAPSHOT.jar

app/build/libs/app-1.0-SNAPSHOT.jar

""".trimIndent()

latest = true // Optional, labels the published release as the latest one

authType = vcsRoot()

}

Run

Once everything is set up, hit that big blue Run button.

When the build finishes, you’ll see a Release Details section on the Build Results page. From there, click the provided link to open your freshly minted GitHub release. (Cue a sigh of relief, and maybe a small celebration.)

​​

September 11, 2025:

Software Composition Analysis vs. Static Code Analysis: What’s the Difference?

​

Modern software development relies on speed, reuse, and integration. Teams not only write their own code but also depend heavily on third-party libraries, frameworks, and open-source packages. To ensure security and quality in this environment, developers often turn to two different but complementary practices: software composition analysis (SCA) and static code analysis (SAST).

Although the names sound similar, these approaches have different purposes. Understanding the differences is key to building a good software quality and security strategy, improving developer experience and creating better products!

What is software composition analysis?

Brian Beckmann from Meta Reality Labs said “Compositionality is THE way to control complexity” which is relevant to SCA. Software composition analysis focuses on dependencies and third-party components in your codebase. Instead of analyzing the custom code written by your team, it scans for:

  • Open-source libraries and frameworks included in your project

  • Known vulnerabilities in those components, using databases like the National Vulnerability Database (NVD)

  • License compliance issues, ensuring that dependencies don’t create legal or contractual risks

  • Outdated or risky versions that could expose your application to exploits

SCA is most effective when used continuously in the development pipeline. It answers the question: “Is the software I’m building on top of safe and compliant?”

What is static code analysis?

Static code analysis, sometimes called SAST, looks at the custom code your team writes. Without executing the program, these tools scan source code or bytecode to find:

Code quality issues such as dead code, unused imports, and style violations, security vulnerabilities like SQL injection risks, improper input validation, or unsafe deserialization, Maintainability concerns such as overly complex methods, code duplication, or poor naming and performance pitfalls including inefficient loops or resource leaks.

Static code analysis integrates into IDEs and CI/CD pipelines, giving developers feedback early in the development process and can improve developer experience. It answers the question: “Is the code my team is writing safe, efficient, and maintainable?”

Software composition analysis vs. static code analysis: the differences

When comparing software composition analysis vs static code analysis, the distinction comes down to scope:

Software Composition Analysis looks outward: at external packages, libraries and dependencies. 

Static Code Analysis looks inward: at the source code written by developers. 

​

How SCA and static code analysis work together

The most effective organizations don’t choose static code analysis vs software composition analysis, they use both. This is because both tools flag issues early, but they operate on very different parts of the software system. Each covers gaps the other leaves open:

  • SCA ensures that external code is safe, up-to-date, and license-compliant.

  • Static code analysis ensures that internal code meets quality and security standards.

  • Combined, they create a holistic defense: identifying risks in your own work and in the ecosystem you rely on.

For example, Qodana integrates static code analysis with checks for vulnerabilities and license issues, giving teams a unified view of risks across both custom and third-party code.

Is Qodana a SCA or SAST?

Qodana is mostly a SAST (static application security testing) tool, also called static code analysis. It analyzes your own source code without running it, flagging:

  • Code quality issues (dead code, unused imports, maintainability problems)

  • Security vulnerabilities (unsafe input handling, SQL injection risks, etc.)

  • Compliance concerns (license checks, potential policy violations)

That said, Qodana also includes some SCA-like capabilities, such as detecting license incompatibilities and known issues in dependencies. So it’s best described as a static code analysis platform with extended features that overlap into software composition analysis.

TL;DR

When comparing software composition analysis vs static code analysis, it is not an either/or choice. SCA focuses on external dependencies, while static code analysis focuses on internal code. Together, they improve overall code quality, reduce security risks, and make compliance more manageable.

By integrating both into your development workflow, you give your team the guardrails to build software that is not only functional, but secure, reliable, and sustainable.

​

September 10, 2025:

TeamCity 2025.07.2 Is Available

​

Today we are releasing our second bug-fix release for the 2025.07 major release —TeamCity On-Premises 2025.07.2. This update ships a considerable number of bug fixes, including the following:

  • Multiple issues related to the recently introduced pipelines.

  • Builds that process changes from pull requests run for the default configuration branch.

  • Hanging builds remain stuck in a build queue, ignoring the timeout settings.

  • Inability to download a JDBC driver.

Apart from resolving regular bugs, all TeamCity bug-fix updates also include performance and security improvements. For that reason, we recommend that you never ignore bug-fix releases and update your On-Premises servers whenever possible. See TeamCity 2025.07.2 Release Notes for the complete list of resolved issues.

Why update?

Staying up to date with minor releases ensures your TeamCity instance benefits from the following:

  • Performance improvements.

  • Better compatibility with integrations.

  • Faster, more stable builds.

  • Enhanced security for your workflows.

Compatibility

TeamCity 2025.07.2 shares the same data format as all 2025.07.x releases. You can upgrade or downgrade within this series without the need for backup and restoration.

How to upgrade

  1. Use the automatic update feature in your current TeamCity version.

  2. Download the latest version directly from the JetBrains website.

  3. Pull the updated TeamCity Docker image.

​​

August 22, 2025: ​

Google Drive Integration, Python 3.11 in Conda Environments, and Security improvements in Datalore 2025.4

​

Datalore 2025.4 is now available, bringing support for Google Drive folders as data connections, Python 3.11 in conda environments, and a dozen of small behind-the-scenes enhancements and bug fixes.

These updates are already available for Datalore Cloud users, and Datalore On-Premises users can get them by updating their Datalore instance.

Google Drive integration

At Datalore, we strive to help all data teams make the most of their data – no matter where it is stored. That’s why we’ve expanded our set of database and cloud storage connectors to include Google Drive folders. Even if your team doesn’t store data in cloud buckets and prefers Google Workspace, your notebooks can always point to the latest version of CSV, JSON, Parquet, and other files without manual exports and re-uploads. 

Learn more about connecting to Google Drive from Datalore.

Python versions in conda environments

The default Python interpreter in conda environments now uses Python 3.11, so that you can benefit from better performance, security, and support for library compatibility. 

If your project in Datalore On-Premises depends on older or custom packages, you can build and use a custom image tailored to your exact needs. In Datalore Cloud, you can select the Python version that best fits your stack requirements when creating a notebook.

Security

In this release, we made Datalore even more secure. We introduced multiple security improvements, including fixes for CSRF- and XSS-related vulnerabilities, ensuring stronger protection for your Datalore instances. We also resolved a rare issue that could prevent interactive tables from displaying correctly and addressed problems affecting Plotly chart rendering.

More features are on the horizon, so keep an eye out for what’s next!

​

​August 14, 2025:

New Quarter, New Qodana 2025.2 Release Highlights 

​

Following the recent rollout of our new Insights dashboardNative modeSelf-Hosted Lite version, SSO functionality, and Visual Studio plugin, our Qodana 2025.2 update promises another round of improvements and extensions. Take a look at what we’ve been doing as we focus on providing greater access to code quality and security in your organization, and let us know what you’d like to see on the roadmap. 

Native mode is now available for Go and Python linters

We’ve expanded Native mode to three more linters:

  • qodana-go

  • qodana-python

  • qodana-python-community


To learn more about the difference between Native mode and Dockerized execution, how the choice can be important for setting up the right environment, and how Native mode simplifies the use of Qodana throughout the development lifecycle, take a look at this blog post. It details how you don’t need to use Docker images anymore.

Now qodana-cli supports scans like:

```

qodana scan --linter qodana-go --within-docker false

```

Check out the documentation for details on how to specify a virtual environment for analysis, with qodana-python, for example.

​

Security analysis has a new look with a redesigned Taint Trace Explorer

Version 2025.2 brings enhancements to the Taint Trace Explorer interface in the Security Analysis by Qodana plugin for IntelliJ IDEA. The updates are designed to improve trace readability, make navigation more efficient, and provide more information about traces.

We’ve redesigned the interface to offer you a more structured and informative layout. The updated UI simplifies the navigation of complex, multi-step traces, and a clearer visual hierarchy makes it easier to understand the results of the analysis.

The interface now provides descriptions for trace steps 

Each step in a taint trace now includes a contextual description explaining its role in the data propagation chain. The description clarifies the semantics of each transition, like variable assignments, method calls, and the propagation of tainted data through parameters. This simplifies understanding how tainted data moves through the application.

Additionally, taint traces now feature summary-level descriptions that provide quick overviews of the flow from source to sink. These summaries help show the significance of each trace at a glance, making it easier to assess the impact of a vulnerability and prioritize which issues to fix during large-scale reviews.

View highlighted steps in the main editor

Each step of a taint trace is now directly highlighted in the code editor. As you navigate through the trace, the corresponding step in the source code is highlighted. This allows you to easily context switch between trace and code, improving your understanding of the code as you go.

What does this mean for you and your team? 

✓ Faster trace analysis through improved UI clarity and contextual insight.

✓ Better trace triaging, with high-level context available up front.

✓ Greater scalability for analyzing applications with complex or overlapping data flows.

✓ Enhanced usability for both application security specialists and developers.

 

Taint analysis is faster and more accurate

Taint analysis has become much faster thanks to the ability to pre-filter.

A lightweight interprocedural finite distributive subset analysis (IFDS) now runs as a preprocessing step. It checks whether there are any potential paths from sources to sinks within the current scope.

If no paths exist through certain functions, those functions are eliminated from further analysis.

The IFDS algorithm operates in linear time and is field-sensitive, call-sensitive, and flow-sensitive thanks to SSA transformation.

Analysis is also more precise

After filtering, the original, more precise taint analysis runs on the reduced scope, focusing only on potentially relevant paths.

This allows Qodana to analyze codebases of 7 million lines of code in just under half an hour.

IFDS also makes the reported paths linear and unambiguous.

We’ve also increased accuracy by fixing a number of false positives and false negatives. And on top of all that, none of these improvements compromise analysis speed. 

​

OWASP Top 10 coverage for Java and Kotlin has been enhanced

Qodana 2025.2 Owasp updates

Not long ago, we announced that Qodana would increase its number of OWASP Top 10 checks. This release brings key improvements to Java and Kotlin support, with stronger detection across critical OWASP Top 10 categories. These updates help you dive deeper into your code, catch more issues, and work more reliably with large codebases.

Expanded taint modeling for Java collections: We’ve added support for all standard Java collections, so taint information now flows more accurately through the data structures you use every day.

Coverage for Kotlin collection APIs: With support for Kotlin’s standard collection APIs, you and your team can now surface more issues related to data flow and security in your Kotlin code.

Kotlin string taint propagation: We’ve added tracking for Kotlin string APIs to help you catch injection risks and data exposure problems in string operations.

Kotlin engine stability improvements: We fixed several behind-the-scenes issues to make Kotlin analysis more stable and consistent, especially in bigger projects.

Improved field-sensitive data flow in Java: Taint tracking now follows data through class fields more effectively, giving you better visibility into complex object graphs and helping reduce missed issues.

​

CMake preset support in qodana-cpp

Qodana for C++ (EAP) now supports CMake presets, giving you greater control over compilers and environments. You can use the new cpp section in qodana.yaml to specify a CMake preset for your project:

version: "1.0"

cpp:

cmakePreset: my-qodana-preset

What is a CMake preset?

Introduced in version 3.19,  CMake presets allow for a structured way of versioning, modifying, and sharing various configuration options you would usually specify on the command line. They are defined in a CMakePresets.json file inside your project, which should be committed to VCS. In the context of Qodana, when we talk about “presets”, we are referring to “configuration presets” – those specified in the eponymous field inside the JSON file.

Each preset allows you to specify options you would usually write in the command line when configuring CMake: target build directory, cache variables, preferred generator, compilers, etc. You can check out the CMake documentation for more information.

How do you use a CMake preset to customize analysis?

First, you need to make some decisions about the environment you want to run your analysis in, for instance:

  • Do you want the analysis to run when your project is configured for debugging or release?

  • Do you care which compiler is used (GNU Compiler Collection, Clang, cross-compiler, etc.)?

  • Do you want to set any CMake -D… variables?

Now, create a CMakePresets.json file in the root of your project and specify this environment. Below is an example with comments added for clarity. Note that comments are not allowed in actual JSON files.

{

"version": 3,

"configurePresets": [

{

"name": "my-qodana-preset",

// Specify generator.

"generator": "Ninja",

"binaryDir": "build",

"cacheVariables": {

// Specify build type.

"CMAKE_BUILD_TYPE": "Release",

// Use a specific C and C++ compiler.

// Check out the `bootstrap` secion in qodana.yaml to install your own compiler!

"CMAKE_C_COMPILER": "clang-16",

"CMAKE_CXX_COMPILER": "clang++-16",

// Set project-specific variables.

// Equivalent to `cmake ... -DUSE_OPENGL=1`

"USE_OPENGL": true,

"BUILD_EXTENSION": false

}

}

]

}

What is the difference between a CMake preset and a CLion profile?

CLion profiles perform a similar function to CMake presets, but are specific to the CLion IDE. 

When working in CLion, the IDE scans your CMake presets and creates an equivalent profile with the same name. Keep in mind that a CLion profile with the same name as a preset will override it. Using CLion profiles for analysis is not explicitly supported.

What if I don’t use a preset? What happens to my current configuration?

If the cmakePreset field is missing from qodana.yaml, Qodana will try its best to analyze the project with the default settings. However, for best results, it’s recommended to use a preset.

​

CLI parameter updates for smoother setup

In this release, we reorganized the parameters available for configuring linter behavior. We’ve introduced two new parameters (--image and --within-docker), changed the available values for the --linter parameter, and deprecated the –ide parameter.


We’ve also simplified the --linter parameter. So, instead of writing:

qodana scan --linter jetbrains/qodana-jvm:2025.2

you should use:

qodana scan --image qodana-jvm

If the linter should be executed in Native mode, the only difference is that you need to add `--within-docker false` . So instead specifying it the old way:

qodana scan --ide QDJVM

use this instead:

qodana scan --linter qodana-jvm --within-docker false

Here’s another example, this time of a case where the linter should be executed with a specific Qodana Docker image. In this case, you no longer need to use:

qodana scan --linter %some-repo%/qodana-jvm:2025.2

You should instead use the –image parameter, like so:

qodana scan --image %some-repo%/qodana-jvm:2025.2

For more detailed information, read the documentation or take a look at the qodana-cli repo on GitHub.

​

What to do next

Those are the key updates for this release. If you’re using the latest release tag, you don’t need to do anything to enjoy the benefits of our new Qodana 2025.2 release. Otherwise, please switch from 2025.1 to 2025.2 to update. Users of GitHub Actions, Azure DevOps, and Circle CI can find the latest version of the extension here.

For more information, including detailed setup instructions for each feature, please refer to our official documentation.

​

August 14, 2025:

TeamCity 2025.07.1 Is Here

​

TeamCity On-Premises 2025.07.1, the first bug-fix for the recently released TeamCity 2025.07, is ready to be installed on your On-Premises servers. This update addresses a significant number of issues, including:

  • Commit status publisher throws exceptions if its authentication settings are specified using parameters instead of raw values;

  • If multiple authentication modules are used, a user profile can display an incorrect OAuth account connected;

  • TeamCity servers behind an IIS proxy may fail to show builds on the Project Overview page;

  • Multiple Pipelines-related issues.

Bug-fix updates also include performance and security improvements, so we recommend installing them promptly. See TeamCity 2025.07.1 Release Notes for the complete list of resolved issues.

Why update?

Staying up to date with minor releases ensures your TeamCity instance benefits from the following:

  • Performance improvements.

  • Better compatibility with integrations.

  • Faster, more stable builds.

  • Enhanced security for your workflows.

Compatibility

TeamCity 2025.07.1 shares the same data format as all 2025.07.x releases. You can upgrade or downgrade within this series without the need for backup and restoration.

How to upgrade

  1. Use the automatic update feature in your current TeamCity version.

  2. Download the latest version directly from the JetBrains website.

  3. Pull the updated TeamCity Docker image.

​

July 31, 2025:

Introducing TeamCity Recipes: Reusable CI/CD Building Blocks

​

Build steps are often repeated over and over – within a single project or team, or even across a whole organization. These patterns tend to get copy-pasted, manually adapted, and maintained in parallel. This can lead to inconsistencies and extra maintenance work.

With the latest TeamCity release, we’re addressing that problem head-on. Say hello to TeamCity recipes: customizable build steps that can be reused, versioned, and published on the JetBrains Marketplace (or used internally in your organization).

Whether you’re managing dozens of pipelines or just want to save time setting up repeatable build logic, recipes are designed to streamline your CI/CD workflows. Let’s take a closer look at what recipes are about.

What are TeamCity recipes?

Recipes are build steps you can save and reuse whenever you need to repeat the same setup. They help you avoid reinventing the wheel by letting you define and reuse common build logic.

TeamCity recipes on JetBrains Marketplace

Recipes can be:

Each recipe can include configurable parameters, documentation, and versioning, making them easy to integrate and maintain.

For more information about what recipes are and how they’re different from meta runners, please refer to our documentation.

What’s new in this release?

Public contributions via the JetBrains Marketplace

For the first time, external users can publish their own recipes to the JetBrains Marketplace. This opens the door to a community-driven ecosystem of reusable build logic, maintained and shared by TeamCity users around the world.

To upload your own recipes to the Marketplace, follow these steps.

Redesigned recipe installation UI

Our new interface provides a more user-friendly installation experience:

  • View author details and recipe versions.

  • Install specific versions.

  • Preview source code before installing.

Example of a TeamCity recipe

This transparency ensures that users can review and trust third-party contributions.

YAML support for private recipes

Previously known as meta runners, private recipes can now be written in YAML. This modern syntax improves readability and maintainability. While XML is still supported for backward compatibility, YAML is now the recommended format.

Unified UI for recipe management

Manage both public and private recipes from a single interface:

  • Upload and organize private recipes at the project level.

  • View usage across build configurations and templates (including private recipes).

  • Detect outdated or unavailable recipes that could break builds.

Why use TeamCity recipes?

Whether you’re reusing steps within your organization or using recipes created within your organization or outside of it, this feature offers a practical way to reduce duplication and simplify maintenance.

Public recipes give you access to a growing library of build steps created by the TeamCity community. Because each recipe is a small, self-contained file with visible source code, you can review what it does before using it. 

Private recipes, on the other hand, help teams standardize their internal workflows. Written in YAML, they’re easier to read, edit, and debug compared to older XML-based meta runners. And because they’re scoped to your TeamCity project or organization, they stay private and secure.

Both public and private recipes are easier to create and share than full-fledged plugins, lowering the barrier to contribution.

Built for safety

The idea behind recipes might feel familiar: many CI tools offer reusable build logic. But with TeamCity Recipes, we’ve taken a more opinionated approach to how they’re configured, shared, and executed, focusing strongly on security, transparency, and ease of use.

Unlike some other ecosystems, TeamCity doesn’t default to using floating versions like latest, which can introduce unintentional changes into your builds. When you install a recipe, you choose a specific version, giving you more control and predictability.

When a new version becomes available, TeamCity will notify you, but won’t auto-upgrade anything without your knowledge and permission.

Every public recipe comes with visible source code you can inspect directly from the TeamCity UI before installing and from the overview page after the installation. Once installed, the build step editor automatically adapts to the Recipe’s parameters, presenting clear controls and descriptions instead of relying on manual text input. 

This makes Recipes not only easier to trust, but also easier to configure and debug, especially for teams that value visibility and safety.

How to publish a recipe

Publishing a recipe is simple:

  1. Log in to the JetBrains Marketplace.

  2. Choose “TeamCity Recipes” as the plugin type.

  3. Upload your recipe with metadata and namespace (to avoid naming collisions). Namespaces allow multiple users to publish recipes with the same name under different scopes.

​

Give it a try

Recipes are now live in TeamCity. Browse the Marketplace, experiment with public recipes, or create your own to simplify and supercharge your CI/CD pipelines.

We believe this feature will help foster a more vibrant, collaborative TeamCity community, and we can’t wait to see what you build 🚀

Stay tuned for upcoming tutorials and videos showcasing what’s possible with recipes!

​

July 17,2025:

Qodana Cloud vs. Self-Hosted Lite: Which Is Best for Your Team? 

​

Onboarding development teams with new tools can be difficult. People disagree about what’s best, and different organizations have different pains, needs, and regulations. Which option is the best for you? How do you find consensus in your team? How much control do you need over your data? There are many considerations, and it can feel overwhelming. 

One size won’t ever fit all, but as software development teams increasingly adopt DevOps practices and shift-left testing, we want to make integrating static code analysis tools like Qodana into your workflows easy and efficient. 

With this in mind, we want to help you identify which setup is right for your team when it comes to deployment: Qodana Cloud or Self-Hosted Lite.

Each option brings its own set of benefits and trade-offs. Whether you prioritize speed of adoption, data sovereignty, or infrastructure control, Qodana has a deployment path tailored to your needs. Below, we’ll walk through the key differences to help you make an informed decision.

​

Qodana Cloud: Fast, scalable, and genuinely easy to set up and use

Qodana Cloud is the simplest way to get started with static code analysis. Hosted and managed by JetBrains, it’s ideal for teams that want to minimize overhead and focus on code quality without worrying about infrastructure.

From what we’ve seen, it’s best for teams that want zero setup and automatic updates, startups or mid-sized companies, and organizations that don’t have strict compliance needs. The Ultimate plan can be ideal for small-to-medium businesses that want to hit the ground running, but Ultimate Plus is universally the best option for code quality and security from Qodana. 

Qodana Cloud is especially useful for organizations without dedicated DevOps resources or infrastructure constraints. For teams focused on speed and productivity, especially those in the early or rapid growth stages, Cloud can provide the shortest path to value.

Go for Cloud if you want:

  • Low maintenance, with super easy setup.

  • To stay up to date with the latest Qodana features.

  • Good integration with JetBrains IDEs and popular CI/CD pipelines.

  • SSO support and ID integration for easy access.

Qodana Self-Hosted Lite: Lightweight, quick to deploy, and fully self-hosted

Qodana Self-Hosted Lite is our newest offering. It’s a Docker-based, self-hosted package designed for quick setup and full feature parity with Ultimate Plus. 

It’s perfect for teams that need data control without the complexity of full-scale infrastructure engineering, like enterprises and teams in regulated industries (such as healthcare, finance, or government). It’s also good for teams that need fast proof-of-concept or production installations or that operate in environments with limited or no internet access. 

​

Self-Hosted Lite benefits:

  • One-command installation using the Qodana Installer CLI.

  • Works on Linux, macOS, and Windows (via WSL).

  • Runs on Docker Swarm (with Kubernetes support coming in Q4).

  • Full feature-completeness, except for SSO in the cloud trial version.

Cloud vs. Self-Hosted Lite in a nutshell

FeatureQodana CloudSelf-Hosted Lite

Setup timeNearly instantVaries (can be quick)

InfrastructureJetBrains-managedCustomer-managed (Docker)

Compliance readinessModerateHigh

SSO supportYes (Cloud Trial excluded)Yes

Kubernetes supportN/AComing Q4 2025

Ideal use caseStarting quickly, small teamsProof of concept, secure environments

Update modelAutoRe-pull Docker image

Air-gapped supportNoYes (via mirrored images)

Qodana Cloud versus Qodana Self-Hosted Lite

Choosing the right option for your team

At the risk of oversimplifying, there are a few easy ways to determine which version of Qodana will be most useful for your team. While our product experts will help you assess them more deeply, the following considerations can serve as a starting point.

Cloud

While enterprises make up about 70% of static code analysis users, smaller teams who use linters are becoming more competitive. Many of the teams we’ve spoken to say Qodana Cloud gives them simplicity and speed, so they can focus on the code and start fixing issues quickly.

With fast onboarding and no specific infrastructure required, it’s a great choice for high levels of functionality, learning, and collaboration, as well as for getting quick insights into code quality.

Self-Hosted Lite

Self-Hosted Lite offers privacy and control over your data without the complexity of managing a full infrastructure. It’s a lightweight solution that helps you get the most out of Qodana’s capabilities, especially in sectors like government, finance, and healthcare, where a self-hosted option is preferred by around 45% to 50% of the market, according to Verified Market Reports.

The rest of your options will be determined by the license you opt for, like Ultimate versus Ultimate Plus. 

​

Qodana has a dedicated team to help you decide!

No matter your team size or technical requirements, Qodana offers a way to integrate powerful static code analysis into your workflow. Speak to us directly or join our LinkedIn Community. 

We would be happy to offer you more information, and we can even set up a dedicated session to look at your use case specifically. The session will be confidential, and you’ll speak directly with members of our team. Keep in mind that businesses that move from a comparable solution are eligible for a 25% discount, so don’t miss out. 

​

July 8, 2025:

YouTrack Adds More Design Improvements

​

The new YouTrack 2025.2 release brings further design updates to make working on your projects easier. You also get a shared default dashboard and a growing set of useful apps. Here’s what’s new:

  • Project overview pages have been redesigned to increase clarity, with clickable hierarchy paths to help you move between project contexts.

  • New project templates improved the project creation wizard for general task management needs, advanced project management, and marketing.

  • A default dashboard for all users and external guests to use as a central hub for your organization.

  • New free apps can be found on JetBrains Marketplace to extend YouTrack’s functionality in various ways.

Redesigned project page for all users

Navigate to project information in one place

Project overview pages now offer an advanced project-centric navigation, with all project information closer to the main YouTrack menu. Using the left-hand sidebar, you can access issues, articles, and boards related to the project. To return to the overview or switch to other project content, you can use the new project icon, which provides quick access to the sidebar.

Additionally, you can now create new tasks and articles directly within the selected project from the project overview page.

Switch between multiple projects

When you are working within one project context but need to switch to another, you can now do so quickly from the project overview pages. A project drop-down list has been added to the clickable hierarchy paths, so you no longer need to return to the project list.

Improved project configuration for administrators

Create projects using new project templates

The improved project creation wizard helps project administrators create projects more easily and now includes new templates tailored to specific team needs, in addition to the existing Helpdesk and Scrum or Kanban software development templates.

Template for general task management needs

The Task Management template is ideal if you need a simplified way to track tasks. It enables any team to manage tasks by priority, state, assignee, and due date. You can work with the default setup, moving tasks between To do, In Progress, and Done states, or customize the project configuration to suit your work.

Template for advanced project management

​​For tracking various work types and managing more complex task states, the Project Management template can be selected. The default setup helps classify tasks by general types, such as Milestone, Task, or Subtask, which can be easily adjusted by project administrators. This template also comes pre-configured for time tracking, allowing users to log time spent and add estimations.

Template for launching marketing activities

The new Marketing template is a starting point for setting up a project to track activities across various marketing functions. It allows marketers to classify their work, whether it’s a campaign, content creation, paid advertising, or something else. 

Next, they can fill in the task with additional details such as activity focus, channel, budget, performance metrics, etc. Many of these fields come with pre-filled values adjusted to marketing processes. For example, in the Focus field, users can select a goal ranging from Product Launch to Customer Retention, or add other custom values. If your Marketing team has their own unique processes, the template can be easily changed to suit them; for example, you can adjust it for use by the Digital Marketing team only.

Manage project settings more intuitively

Project administrators can now manage project settings directly from the left-hand sidebar on the project overview pages. We’ve also made minor updates to the settings structure to make it more intuitive. You can now find the General Info settings in the page header for easier access.

Configure conditions for field values

In addition to conditional fields, administrators can now specify which values are displayed for a given field based on previously submitted task information. For example, let’s say a user selects Germany in the Country field when creating a task to organize a trip. You can configure the Location field to display only options in Germany. If USA is selected instead, only USA-based offices will appear, and so on. You can define conditions for multiple values of a single field, allowing for a more tailored task creation process.

YouTrack’s new design becomes standard

We hope the new YouTrack look has become more familiar and comfortable for you over time. As it is now the standard interface, we will continue to improve it going forward. Please note that the option to switch back to the legacy menu is no longer available.

New functionality for dashboards

Display information for all users on the default dashboard

Every YouTrack now includes a single default dashboard that is visible to all users in your organization (as well as external guests, provided that administrators have made YouTrack accessible to them in the settings). You can use the default dashboard as a central hub for your organization, displaying notes, reports, and other useful information on one page. Only global administrators have permission to edit the default dashboard, including renaming it or adding widgets. 

Clone dashboards and articles

Creating new dashboards and articles in YouTrack just got faster. Administrators (and users with access to the dashboard) can now clone an existing dashboard and tailor it to fit their personal, team, or customer needs. We’ve also added a Clone Article workflow that you can either attach to your projects as-is or customize as needed. For example, you can add a custom action that clones articles into a predefined project. Articles will be cloned automatically as drafts first and can be published anytime.

New apps on JetBrains Marketplace 

The collection of free apps from our certified consulting partners and third-party providers is growing! Check out the new apps below. 

Apps that expand your work on projects 

Issue Dependencies by Marcus Christensson for visualizing complex projects with graphs by displaying hierarchical dependencies of issue links.

Better Backlog by Adeptask simplifies development processes by helping to manage multiple sprints in one place. 

Embedded Sites by J&J Ideenschmiede for embedding iframe-based websites as dashboard widgets or within Markdown content.

Apps for those who track time 

Worklog Controller by MSP helps you easily move logged time from one task to another and classify whether this time is billable or not.

Time Tracker by SWNetwork adds a timer to tasks, allowing you to flexibly track and log the time you spend on your work.

Apps to make your work with specific tasks easier

Issue Reminder by twenty20 sends email reminders for one-time alerts or recurring task actions for yourself and selected teams.

Custom Printout by twenty20 for customizing and sharing task content by printing or exporting it as a PDF file.

Apps for better work with articles in Knowledge Base

Article Actions by twenty20 helps to copy and move articles along with their sub-articles.

Article Presentations by Adeptask presents article content as automatically formatted slideshows.

Other improvements 

YouTrack Server can now be installed and upgraded via Docker images for both Linux and Windows. We’ve also implemented support for Azure Repos and Azure Pipelines and enhanced the Microsoft Entra ID authentication module and integration with Microsoft Graph. Other enhancements include UI/UX improvements for the Issues page settings, plus further small updates.

 

Check out the release notes for the full technical details and a comprehensive list of this release’s bug fixes and improvements. For more details on configuring the latest features, see the documentation.

If you use YouTrack Cloud, you’ll automatically be upgraded to YouTrack 2025.2 in accordance with our Maintenance Calendar.

If you have an active YouTrack Server subscription, you can upgrade to YouTrack 2025.2 today.

If you don’t have an active YouTrack subscription, you can use the free YouTrack for up to 10 users to test out the new version before you commit to buying!

​​

Sep 10, 2025
Aug 22, 2025
Aug2 14, 2025
Aug1 14, 2025
July 31, 2025
July 17, 2025
July 8, 2025
Sep 11, 2025
Sep 12, 2025
bottom of page