Sonar Logo
Start for FreeExplore Pricing

Sonar Blog

Home

Blog

Sonar's latest blog posts

Featured Post

What is Clean Code?

If you’ve followed us for a while, you most likely noticed that we changed the way we describe what we do: from “code quality” to “continuous code inspection,” then “code quality and code security”… to Clean Code.


But what is Clean Code, and what does it encompass?

Read More
https://assets-eu-01.kc-usercontent.com:443/a50ea1f1-f62f-0105-db14-5c090004974b/ddb995eb-cb89-4435-82fb-1b937cdf11dc/what_is_clean_code_blog_feature.webp
https://assets-eu-01.kc-usercontent.com:443/a50ea1f1-f62f-0105-db14-5c090004974b/df8129f1-a500-413f-83e5-f954486d9ae6/Five%20Key%20Features%20of%20SonarCloud_blog%20header.png
Blog post

Five SonarCloud features for developers that want Clean Code

Whether you’re working on a new project or an existing one, you might think of Clean Code as an ideal, somewhere far out of reach. Let’s go over 5 key features that make SonarCloud the perfect tool for developers and development teams to deliver Clean Code consistently and efficiently, without disrupting the existing development workflow.

Read Blog post >

What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!
Blog post

Securing Developer Tools: A New Supply Chain Attack on PHP

What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!

Read Blog post >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

https://assets-eu-01.kc-usercontent.com:443/a50ea1f1-f62f-0105-db14-5c090004974b/9b48b8b7-1632-4607-8321-bc8d583524af/SonarQube%20Accessibility_Banner_%402x.png
Blog post

Our journey toward accessibility

When you think about your typical workday, how much time do you spend working on a computer? How hard would it be for you to perform your job if you did not have access to a computer?

Read Blog post >

We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment.
Blog post

Securing Developer Tools: OneDev Remote Code Execution

We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment.

Read Blog post >

Curious about life as a Developer at SonarSource? Join us as we discuss changes in the world of programming, the importance of Security, and writing code with SonarCloud Backend Developer...
Blog post

Interview with a SonarSource Developer

Curious about life as a Developer at SonarSource? Join us as we discuss changes in the world of programming, the importance of Security, and writing code with SonarCloud Backend Developer Claire Villard.

Read Blog post >

Power of Clean Code on a computer screen with gears turning around lines of code.
Blog post

The Power of Clean Code

Clean Code—a term you may have casually used or heard before but may not have synthesized or internalized its true essence. In this post, learn what Clean Code is and why it matters. 

Read Blog post >

Our security researchers were surprised to discover a low-hanging code vulnerability in WordPress Core that we will discuss in this blog post.
Blog post

WordPress Core - Unauthenticated Blind SSRF

Our security researchers were surprised to discover a low-hanging code vulnerability in WordPress Core that we will discuss in this blog post.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/a50ea1f1-f62f-0105-db14-5c090004974b/4ddd2c5b-e797-448d-b264-bac59f9717d1/3%20min%20away%20from%20clean%20Java%20PRs_blog%20header.png
Blog post

You’re 3 minutes away from clean Java pull requests!

In this blog, we demonstrate how you can get started with SonarCloud in less than 3 minutes and ensure all new Java pull requests are clean, every time.

Read Blog post >

Knowing if your latest release candidate is built with clean code doesn’t have to be a guessing game. With Sonar at your side, you’ll know that every new line, every PR and every build is...
Blog post

Sonar Streamlines the Race to Release

Knowing if your latest release candidate is built with clean code doesn’t have to be a guessing game. With Sonar at your side, you’ll know that every new line, every PR and every build is clean.

Read Blog post >

In the third part of our Securing Developer Tools series, we look at a critical vulnerability that affects one of the most popular code editors: Visual Studio Code.
Blog post

Securing Developer Tools: Argument Injection in Visual Studio Code

In the third part of our Securing Developer Tools series, we look at a critical vulnerability that affects one of the most popular code editors: Visual Studio Code.

Read Blog post >

https://assets-eu-01.kc-usercontent.com:443/a50ea1f1-f62f-0105-db14-5c090004974b/7d95cc85-890e-4e05-b17e-ae2e7b004b74/dfa97c39-b3be-4481-a555-e348f7c23a14_WHATWG%2BVs%2BRFC_Blog%2BHeader%402x.png
Blog post

Security Implications of URL Parsing Differentials

Our security research led to the discovery of a flaw in a popular Apache2 authentication module. We come back on this case of parsing differential and how various languages behave when working with URLs.

Read Blog post >