Sonar Blog

Home

BLOG

Sonar's latest blog posts

Featured Post

Building Confidence and Trust in AI-Generated Code

To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance

Read More
https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/0bd6c0bc-c921-485b-8570-8de7e1384983/AI%20Code%20Assurance_square-index%402x.png
The SonarQube and React logos
Blog post

Lessons learned upgrading to React 18 in SonarQube Server

We share the biggest three issues we faced and the lessons we learned as we upgraded SonarQube Server to React 18.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/64df6ab9-c247-4c0d-b62e-3bb168077339/vulnerability_research_highlights_blog_index.webp
Blog post

Vulnerability Research Highlights 2023

Our Vulnerability Research team looks back at a great year and summarizes the highlights of 2023.

Read article >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/13294037-5b6b-404a-8593-5751003436e3/c_sast_benchmarks_blog_index.webp
Blog post

Sonar's Scoring on the Top 3 Python SAST Benchmarks

We're excited to share not only how Sonar performs on Python benchmarks but also the ground truth corresponding to the list of expected and not-so-expected issues.

Read article >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/5bf25ac4-d412-48eb-a98f-1de2363ffeab/devops_predictions_blog_index.webp
Blog post

2024 DevOps Predictions from the Sonar Developer Advocate Team

The Developer Advocate team shares their predictions on what they foresee for DevOps trends and hot topics in 2024.

Read article >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/5c31ddcb-0f0b-45f6-9ef6-dbd445f6025a/2024_security_predictions_blog_index.webp
Blog post

2024 Security Predictions from the Sonar Research Team

Reflecting on changes in the industry over the past year, as well as the research we’ve published, the Sonar Vulnerability Research team came together and compiled our thoughts on what we foresee for cybersecurity in 2024.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/1617c8c9-0faa-4f13-9d13-05721dd7ef2a/sonar_at_blackhat_eu_blog_index.webp
Blog post

Sonar @ Black Hat Europe!

Last week, several SonarSourcers traveled to London to attend our third Black Hat event of the year. Here's what happened!

Read article >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/bf453bc7-6980-489e-9b4d-09ff939c983d/pfsense_code_vulnerabilities_blog_index.webp
Blog post

pfSense Security: Sensing Code Vulnerabilities with SonarQube Cloud

Our Clean Code solution SonarQube Cloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarQube Cloud found them and how it can keep your code clean.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/0618970f-52b3-4a04-9014-53fee3f88588/spring_boot_coding_pitfalls_blog_index.webp
Blog Post

Spring framework pitfalls

Spring framework offers a lot of help in the development, but we still have to pay attention and make the right use of it in order to avoid some issues.

Read blog post >

An artistic impression of nested code with a big red cross over the top right corner.
Blog post

Stop nesting ternaries in JavaScript

Nesting ternary operators makes code more complex and less clear. Let's investigate other ways to write conditional expressions.

Read article >

https://assets-eu-01.kc-usercontent.com:443/7630306f-9a2f-018d-2726-3ef76ef712f4/f520b31d-6cc5-4f3f-80e4-d85628182c31/costly_consequences_blog_index.webp
Blog post

Unraveling the Costs of Bad Code in Software Development

Not only does bad code cost companies millions of dollars, but countless hours of lost time, productivity, and brand reputation too. By acknowledging the existence of bad code and implementing proactive measures to mitigate its impact, developers and organizations can steer software toward success.

Read blog post >

Image of preventing secrets in code
Blog post

Sonar keeps your secrets from leaking … unlike that "trusted" friend from grade school

What are hard coded secrets? Why do you care if secrets are hidden in your code? How does Sonar help prevent secrets from getting into your code, entering your repository, and leaking out from your CI/CD pipeline? In this post, Product Manager, Alex Gigleux, answers all your questions.

Read blog post >

Go to SonarSource homepage
sonar logo
  • Legal documentation
  • Trust center
  • Follow SonarSource on Twitter
  • Follow SonarSource on Linkedin

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.