Sonar Blog

Home

Sonar's latest blog posts

Featured Post

Building Confidence and Trust in AI-Generated Code

To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance

Read More
AI generated code is detected in project
Image for AI-based coding tools are thriving, and maintainers have some valid concerns about the impact on their work
Blog post

AI-based coding tools are thriving, and maintainers have some valid concerns about the impact on their work

One of the biggest AI-related headlines of 2024 has been the rapid growth and acceptance of AI-based coding tools.

Read article >

Bad code doesn’t just disappear and the consequences of overlooking it can be costly. 
Blog post

Bad code costs more than just your money

Bad code doesn’t just disappear and the consequences of overlooking it can be costly. 

Read Blog post >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

I do not wish to receive promotional emails about upcoming SonarQube updates, new releases, news and events.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The Rule of Three was coined back in 1991. That expanded to the Rule of Five with C++11's move semantics - and even that was then subsumed by The Rule of Zero. But what are all these rule...
Blog post

The Rules of Three, Five and Zero

The Rule of Three was coined back in 1991. That expanded to the Rule of Five with C++11's move semantics - and even that was then subsumed by The Rule of Zero. But what are all these rules? And do we have to follow them?

Read Blog post >

Image for Five SonarQube Cloud features for developers that want Clean Code
Blog post

Five SonarQube Cloud features for developers that want Clean Code

Whether you’re working on a new project or an existing one, you might think of Clean Code as an ideal, somewhere far out of reach. Let’s go over 5 key features that make SonarQube Cloud the perfect tool for developers and development teams to deliver Clean Code consistently and efficiently, without disrupting the existing development workflow.

Read Blog post >

What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!
Blog post

Securing Developer Tools: A New Supply Chain Attack on PHP

What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!

Read Blog post >

Image for Our journey toward accessibility
Blog post

Our journey toward accessibility

When you think about your typical workday, how much time do you spend working on a computer? How hard would it be for you to perform your job if you did not have access to a computer?

Read Blog post >

We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment.
Blog post

Securing Developer Tools: OneDev Remote Code Execution

We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment.

Read Blog post >

Curious about life as a Developer at SonarSource? Join us as we discuss changes in the world of programming, the importance of Security, and writing code with SonarCloud Backend Developer...
Blog post

Interview with a SonarSource Developer

Curious about life as a Developer at SonarSource? Join us as we discuss changes in the world of programming, the importance of Security, and writing code with SonarQube Cloud Backend Developer Claire Villard.

Read Blog post >

Image for The evolving landscape of open source licensing: What you need to know
Blog post

The evolving landscape of open source licensing: What you need to know

In this post we will cover why it’s important to know what licenses accompany the open source in use at your organization

Read article >

Power of Clean Code on a computer screen with gears turning around lines of code.
Blog post

The Power of Clean Code

Clean Code—a term you may have casually used or heard before but may not have synthesized or internalized its true essence. In this post, learn what Clean Code is and why it matters. 

Read Blog post >

Our security researchers were surprised to discover a low-hanging code vulnerability in WordPress Core that we will discuss in this blog post.
Blog post

WordPress Core - Unauthenticated Blind SSRF

Our security researchers were surprised to discover a low-hanging code vulnerability in WordPress Core that we will discuss in this blog post.

Read Blog post >