Sonar's latest blog posts
The Coding Personalities of Leading LLMs
Make smarter AI adoption decisions with Sonar's latest report in The State of Code series. Explore the habits, blind spots, and archetypes of the top five LLMs to uncover the critical risks each brings to your codebase.
9 Steps to a Successful SonarQube Cloud Team Plan Trial
To maximize the benefits of your SonarQube Cloud Team Plan trial, it's essential to approach your free 14 days with a clear plan. Discover helpful tips to learn more about the product and get familiar with SonarQube Cloud Team Plan capabilities.
Read article >
Scripting Outside the Box: API Client Security Risks (2/2)
Continuing on API client security, we cover more sandbox bypasses, this time in Bruno and Hoppscotch, as well as JavaScript sandboxing best practices.
Read article >
Get new blogs delivered directly to your inbox!
Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.
7 Guidelines for Federal Agencies Adopting AI for Software Development
With the release of two new Artificial Intelligence (AI) policies, The White House has provided clear direction for federal agencies regarding how to embrace AI to improve efficiency, effectiveness, and overall service delivery.
Read article >
Scripting Outside the Box: API Client Security Risks (1/2)
Discover hidden risks in API testing tools like Postman and Insomnia. We dive into scripting vulnerabilities and explore JavaScript sandbox security pitfalls.
Read article >
Seven Habits of Highly Effective AI Coding
Massive codebases can hugely benefit from developers using AI coding tools, but they must be harnessed in a responsible way. Sonar CEO, Tariq Shaukat, shares what coding "habits" organizations should adopt.
Read article >
Data in Danger: Detecting Cross-Site Scripting in Grafana
Learn how SonarQube detected a Cross-Site Scripting (XSS) vulnerability in Grafana, a popular open-source data observability platform.
Read article >
Introducing support for Rust in SonarQube
The popularity of the Rust programming language is growing. Rustaceans have been asking for SonarQube to support Rust and now it's here!
Read article >
MISRA C++:2023 Compliance for Auto Safety and Reliability
MISRA coding guidelines are a standard for automotive and other safety critical systems. SonarQube helps C++ developers deliver MISRA C++:2023 compliant apps with MISRA Compliance Early Access available in SonarQube Server Enterprise and Data Center.
Read article >
New! Architecture as Code in SonarQube
Sonar recently introduced new architecture as code functionality in SonarQube. You can now formally define the architecture of your projects and SonarQube will automatically verify when code strays from your defined architecture preventing architectural drift.
Read article >
New Spring framework rules in SonarQube
SonarQube has introduced new rules to improve code quality and enforce best practices in Spring Framework applications. These rules focus on various aspects of Spring development, including event handling, scheduling, data and MVC, caching, dependency injection, and testing.
Read article >
SonarQube Server 2025 Release 2 Announcement
The new SonarQube Server 2025 Release 2 contains significant enhancements across code quality, code security, and issue remediation with AI CodeFix. Read on to learn more about these great new capabilities.
Read article >