Product Debt Index vs SonarQube
SonarQube tells you how many code smells you have. PDI tells you when technical debt will bankrupt your engineering capacity. They measure different things at different layers.

| Dimension | PDI | SonarQube |
|---|---|---|
| What it measures | Economic impact of debt in dollar terms | Code quality (bugs, smells, duplications) |
| Output | Technical Insolvency Date, PDI score, dollar cost | Quality gate pass/fail, ratings A-E |
| Audience | CTOs, CFOs, board members, investors | Developers, tech leads |
| Question answered | "When will debt consume all capacity?" | "How many code quality issues exist?" |
| Cost | Free (richardewing.io/tools/pdi) | Free (Community) / $150+/mo (Enterprise) |
| AI features | AI-powered analysis via LLM | AI Code Assurance (Enterprise) |
| Board-ready? | ✅ Produces executive-ready reports | ❌ Developer-focused dashboards |
| Integration | Standalone web tool | CI/CD pipeline integration |

Why SonarQube Misses the Risk of AI-Generated Code
1. Static Rules vs. Probabilistic Failures
SonarQube uses deterministic rules to scan syntax patterns, naming conventions, and code duplication. However, AI-generated code (often written via vibe-coding) typically passes syntax checks but suffers from deep architectural logic flaws. PDI models the probability of runtime errors, context mismatches, and edge-case failures inherent to non-deterministic systems.
2. The Hallucination Debt Blind Spot
SonarQube is blind to hallucination debt. An LLM-generated function might compile cleanly and contain no static "smells," yet fail under specific production workloads because it hallucinated API behaviors, error rates, or data structures. PDI evaluates your system's exposure to AI-generated risk, giving you a clear view of your software's integrity.
3. Cost-of-Goods-Sold (COGS) Impact
SonarQube evaluates code quality as a developer aesthetic metric. It cannot measure how code complexity or library sprawl impacts your hosting bill or engineering maintenance capacity. PDI translates technical complexity directly into financial metrics, showing you the exact dollar cost of your debt on SaaS gross margins.
4. Codebase Intimacy Degradation
As developer teams rely more on AI copilots, their direct understanding of the codebase (codebase intimacy) degrades. SonarQube cannot measure this cognitive disconnect. PDI tracks developer sentiment and codebase familiarity, warning you when your team is no longer capable of refactoring the systems they supposedly own.
The Verdict
Use both. SonarQube is excellent at catching code-level issues in your CI/CD pipeline. PDI answers the question SonarQube can't: "What is this debt costing us in dollars, and when will it consume all engineering capacity?"
SonarQube is a microscope. PDI is a financial statement. CTOs need both. Boards only care about the financial statement.
Richard Ewing — AI Economist & Capital Auditor