Sonar's latest blog posts

Featured Post

State of Code Developer Survey report: The current reality of AI coding

Sonar analyzes over 750 billion lines of code every day. This gives us a unique, high-level view of the state of code quality and security across the globe.

Read article
https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7ab133c1-b3f7-4652-82a1-3376b953d6bd/soc_survey_report_featured_blog_article_2x.webp
Image for Empowering weak primitives: file truncation to code execution with Git
Blog post

Empowering weak primitives: file truncation to code execution with Git

Let's dive into how a seemingly minor code vulnerability can hide a critical impact!

Read Blog >

Image for Code Quality: The Best Approach to Writing Secure Cloud Native Apps
Blog post

Code Quality: The Best Approach to Writing Secure Cloud Native Apps

With Sonar and the Clean as You Code methodology, developers can directly impact the security of the cloud native apps they create.

Read Blog >

Get new blog posts delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

I do not wish to receive promotional emails about upcoming SonarQube updates, new releases, news and events.

By clicking “Sign up”, you consent to receive email communications from SonarSource containing blog updates, product news, and other relevant content. We will store and process your personal data for this purpose as described in our Privacy Policy. You can withdraw your consent at any time by clicking the unsubscribe link in our emails or by contacting us in accordance with the Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Image for Common TypeScript Issues Nº 3: unused local variables and functions
Blog post

Common TypeScript Issues Nº 3: unused local variables and functions

We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it.

Read Blog >

Person's-fingers-typing-really-fast-on-a-keyboard-to-increase-developer-velocity.
Blog post

Increase developer velocity today with Clean as You Code

The Clean as You Code methodology allows developers to keep working on new and interesting projects without sacrificing quality or getting bogged down in refactoring legacy code.

Read Blog >

Image for We are Sonar!
Blog post

We are Sonar!

Culture is a key aspect of working at Sonar. It is our binding agent; it is what we value, what we believe in, the way we work, and the way we interact. It is what makes us SonarSourcers!

Read Blog >

Common mistake in Typescript #5
Blog post

Common TypeScript Issues Nº 4: Don't create and drop objects immediately

We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it.

Read Blog >

SonarQube LTS 9.9
Blog post

Announcing SonarQube Server 9.9 LTS!

Big year, big announcement – the most anticipated SonarQube Server 9.9 Long-Term-Support release is here! Check out this post for all details.

Read Blog >

Common mistake in Typescript #5
Blog post

Common TypeScript Issues Nº 5: Optional property declarations

We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it.

Read Blog >

Image for OpenEMR - Remote Code Execution in your Healthcare System
Blog post

OpenEMR - Remote Code Execution in your Healthcare System

We recently discovered three vulnerabilities that allow arbitrary code execution on OpenEMR. Let’s see what we can learn from them and discuss their patches!

Read Blog >

Image for Vulnerability Research Highlights 2022
Blog post

Vulnerability Research Highlights 2022

Our research team looks back at a great year and summarizes the highlights of their vulnerability research in 2022.

Read Blog >

Image for Level up your team's skills as they code
Blog post

Level up your team's skills as they code

Clear context and specific education for why an issue occurs and how to fix it should be by the developers’ side without leaving the development workflow. Sonar has your answer.

Read Blog >