BLOG
Sonar's latest blog posts
Building Confidence and Trust in AI-Generated Code
To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance.
Weird Python: 5 Unexpected Behaviors in the Python Interpreter
Five unexpected ways in which Python's interpreter behaves.
Reflections from DevNexus, the largest Java conference in the U.S.A.
Interview with Sonar Python Developers Part 2
Latest Python developments. Interview with Python developers from Sonar.
Odoo: Get your Content Type right, or else!
What do we need content types for anyway? Let's look into how an incorrect content type led to a real-world vulnerability in Odoo, CVE-2023-1434.
Interview with Sonar Python Developers Part 1
Why should I learn Python language? When should I use Python? Is tooling around Python development mature?
Sonar ❤️ Compiler Explorer: Write clean C++ code inside your browser
Pretalx Vulnerabilities: How to get accepted at every conference
We recently discovered two vulnerabilities in pretalx and found a generic technique to gain code execution from a file write.
Another 9 reasons to upgrade to SonarQube Server 9.9 LTS
SonarQube Server 9.9 LTS is here! We're back with another 9 reasons you should prioritise upgrading as soon as possible.
How bad code destroys developer velocity
When bad code gets overlooked, it can create lasting problems and ultimately impact developer productivity and velocity.
Announcing SonarQube Server 10.0
Learn what features - like faster first analysis and better user management with SCIM - are available to you and your teams in SonarQube Server 10.0!
It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS
Our researchers discovered a vulnerability in LibreNMS, which could be exploited by attackers to gain RCE by sending a single SNMP trap.