Blog
Sonar's latest blog posts
What Code Issues Caused the CrowdStrike Outage?
This blog post takes a look at the potential code issues behind the recent global CrowdStrike outage.
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/7b69d1cd-74f7-4610-a793-6bd3e35737fa/crowdstrike_blog_featured_2x.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/7b69d1cd-74f7-4610-a793-6bd3e35737fa/crowdstrike_blog_featured_2x.webp?w=1201&h=1201&auto=format&fit=crop)
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/7b69d1cd-74f7-4610-a793-6bd3e35737fa/crowdstrike_blog_featured_2x.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/7b69d1cd-74f7-4610-a793-6bd3e35737fa/crowdstrike_blog_featured_2x.webp?w=325&h=200&auto=format&fit=crop)
What Code Issues Caused the CrowdStrike Outage?
This blog post takes a look at the potential code issues behind the recent global CrowdStrike outage.
Read article >
![Deliver High-Quality ASP.NET Web Apps with Sonar](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/98b71ee5-74ab-4fdb-8030-2bd3cfb193af/asp_net_core_web_apps_landscape_blog_header.webp?w=325&h=200&auto=format&fit=crop)
Deliver high-quality ASP.NET Core web apps with Sonar.
Sonar recently added new rules for ASP.NET WebAPI and ASP.NET MVC. In this blog post, we discuss the details of these frameworks within ASP.NET Core and how Sonar’s solutions help keep your ASP.NET web apps clean and free of issues.
Read article >
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/2ae4d572-5445-4b1c-80ef-a8b978edabf1/g2-review-static-code-analysis-2024-summer-blog-feature.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/2ae4d572-5445-4b1c-80ef-a8b978edabf1/g2-review-static-code-analysis-2024-summer-blog-feature.webp?w=325&h=200&auto=format&fit=crop)
G2 Grid Report for Static Code Analysis: Sonar Named a Leader for Sixteenth Consecutive Quarter
G2 has once again ranked Sonar #1 in Static Code Analysis in the Summer 2024 Grid Report. In addition to leading the pack in each of the Enterprise, Mid-Market, and Small Business segments for Static Code Analysis, Sonar was also named a leader in the Static Application Security Testing (SAST) category.
Read article >
![AutoConfig for C and C++ Projects Image](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/9324d669-31db-4ae0-a549-9561d94dc352/autoconfig_c_landscape_blog_header.webp?w=325&h=200&auto=format&fit=crop)
AutoConfig: C++ Code Analysis Redefined
Abbas Sabra covers a groundbreaking technology: AutoConfig for C and C++. It automates the normally complex setup process, making project setup a breeze. AutoConfig is designed to make code analysis free of complications bringing Clean Code to the fingertips of every C and C++ developer.
Read article >
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/71e5f88e-922e-42dc-91ba-b0b704fadc32/charset_matters_landscape_blog_header.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/71e5f88e-922e-42dc-91ba-b0b704fadc32/charset_matters_landscape_blog_header.webp?w=325&h=200&auto=format&fit=crop)
Encoding Differentials: Why Charset Matters
The absence of charset information seems to be a minor issue for a web application. This blog post explains why this is a false assumption and highlights the critical security implications.
Read article >
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/8c8293e0-1982-4dee-98ad-8ee089ea9f0b/gogs_vulnerability_square%20%281%29.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/8c8293e0-1982-4dee-98ad-8ee089ea9f0b/gogs_vulnerability_square%20%281%29.webp?w=325&h=200&auto=format&fit=crop)
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (2/2)
Learn about critical code vulnerabilities we discovered in Gogs, a source code hosting solution. This follow-up covers how less severe flaws can still have a critical impact.
Read article >
![Code being analyzed and visualized using SonarQube for Code Coverage.](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/034cfb37-269f-462d-9db8-465ba4cb5535/code-coverage-square.webp?w=325&h=200&auto=format&fit=crop)
Using and Understanding SonarQube for Code Coverage
One critical metric to gauge the effectiveness of your code testing efforts is code coverage. SonarQube, a powerful static code analysis solution, integrates seamlessly with code coverage tools, empowering developers to write cleaner, more secure, and thoroughly tested code.
Read article >
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/c56ed450-f769-40eb-b035-341c90716c4d/gogs_vulnerability_square.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/c56ed450-f769-40eb-b035-341c90716c4d/gogs_vulnerability_square.webp?w=325&h=200&auto=format&fit=crop)
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (1/2)
We discovered 4 critical code vulnerabilities in Gogs, a source code hosting solution, which are still unpatched. Read about the details and how to protect yourself.
Read article >
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/767c21ed-a3e7-4277-b38b-ca6a02b63fd7/Cost%20of%20Bad%20Code_Landscape_Blog-Header.png](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/767c21ed-a3e7-4277-b38b-ca6a02b63fd7/Cost%20of%20Bad%20Code_Landscape_Blog-Header.png?w=325&h=200&auto=format&fit=crop)
The True Cost of Bad Code in Software Development
Despite advances in technology and methodologies, the costs associated with fixing bad code continue to escalate, impacting businesses financially and operationally. But what is bad code, what are the clear markers of its negative impact, and how can organizations overcome it?
Read article >
![SonarQube 10.6 logo](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/02649fe5-5531-4b8d-9e6a-0e410703dfe5/sq_10_6_blog_index.webp?w=325&h=200&auto=format&fit=crop)
SonarQube 10.6 Release Announcement
The 10.6 release of SonarQube includes some significant changes, such as autoscaling in Kubernetes, AutoConfig for C and C++ projects, support for running in a FIPS-enforced environment, set rule priority to uphold your coding standards, easy setup of monorepos, monitoring the time it takes to upgrade, and expanded library coverage for AI/ML developers.
Read article >
![https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/21b7a818-f820-4ea1-b883-36e1da9b4762/green_code_with_clean_code_blog_index.webp](https://assets-eu-01.kc-usercontent.com:443/275a16f7-9b36-0172-ed6f-fce50dc34f53/21b7a818-f820-4ea1-b883-36e1da9b4762/green_code_with_clean_code_blog_index.webp?w=325&h=200&auto=format&fit=crop)
Green Coding with Clean Code - A Recap of ecoCode Challenge Paris 2024
ecoCode Challenge Paris represents an opportunity to unite innovation and sustainable coding. As a proud sponsor, we are excited to see how SonarQube is empowering developers to prioritize environmental sustainability in their projects.
Read article >