Sonar Blog

Home

Sonar's latest blog posts

Featured Post

Building Confidence and Trust in AI-Generated Code

To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance

Read More
AI generated code is detected in project
Get the benefits of TypeScript without writing TypeScript
Blog post

Typing your JavaScript without writing TypeScript

TypeScript already understands JavaScript, but you can get more out of it when you add types to your JavaScript with JSDoc or TypeScript declaration files

Read blog post >

Image for Code Vulnerabilities Put Skiff Emails at Risk
Blog post

Code Vulnerabilities Put Skiff Emails at Risk

Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers the technical details of the XSS vulnerability in Skiff.

Read article >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

I do not wish to receive promotional emails about upcoming SonarQube updates, new releases, news and events.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Image for Security Guy TV Interview - Going Deeper with SAST and Clean Code
Blog post

Security Guy TV Interview - Going Deeper with SAST and Clean Code

Sonar CEO, Olivier Gaudin, and Head of Research and Development, Johannes Dahse, meet with Security Guy TV’s Chuck Harold to discuss deeper SAST and the importance of Clean Code.

Read article >

Get the benefits of TypeScript without writing TypeScript
Blog post

Get the benefits of TypeScript in your JavaScript

Let's dive into what you can do to get more and more of TypeScript's benefits in your JavaScript projects.

Read blog post >

Image for Introducing SonarQube Server 10.2: Setting New Standards in Code Quality and Security
Blog post

Introducing SonarQube Server 10.2: Setting New Standards in Code Quality and Security

Discover the new features in SonarQube Server 10.2!

Read article >

Image for Code Vulnerabilities Put Proton Mails at Risk
Blog post

Code Vulnerabilities Put Proton Mails at Risk

The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail.

Read article >

Image for Playing Dominos with Moodle's Security (2/2)
Blog post

Playing Dominos with Moodle's Security (2/2)

Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs.

Read article >

Image for Enhancing SAST Detection: Leveraging Benchmarks for Measuring Progress
Blog post

Enhancing SAST Detection: Leveraging Benchmarks for Measuring Progress

Enhancing Static Application Security Testing SAST, leverage benchmarks for tracking our progress.

Read blog post >

Image for Playing Dominos with Moodle's Security (1/2)
Blog post

Playing Dominos with Moodle's Security (1/2)

Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs.

Read article >

Sonar at BlackHat blog image
Blog post

BlackHat 2023: Hackers, Casinos, and an Exciting Announcement

The Sonar team of developers are just returning from their trip to Las Vegas where they attended BlackHat USA 2023. If you were not able to make it, here is what you missed.

Read blog post >

Image for What is deeper SAST in JavaScript?
Blog post

What is deeper SAST in JavaScript?

What is SAST, what does deeper SAST mean, and how does this apply to your JavaScript and TypeScript applications?

Read blog post >