Home

Sonar's latest blog posts

Featured Post

Solving the Engineering Productivity Paradox

Sonar CEO, Tariq Shaukat, shares how AI-generated code absolutely must be reviewed before it's merged into your codebase, and how SonarQube can help. 

Read More
https://assets-eu-01.kc-usercontent.com:443/55017e37-262d-017b-afd6-daa9468cbc30/ce96a6a2-8adf-4c7d-80d0-41124768484b/Engineering%20Productivity%20Paradox_blog-square%402x%20copy%202.png
Blog post

Securing Go Applications With SonarQube: Real-World Examples

Take a deep dive into some vulnerabilities in Go applications and understand how SonarQube Cloud helps developers detect and mitigate them during the development cycle.

Read article >

Blog post

SonarQube IDE: Announcing support for AI-Native IDEs 

As development velocity accelerates, so does the potential for introducing subtle bugs and new security vulnerabilities.

Read article >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

I do not wish to receive promotional emails about upcoming SonarQube updates, new releases, news and events.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog post

Java24: Go deeper on parsing Java class files and broader with Stream gatherers

Version 24 version introduces several new language features which collectively simplify code, and provide powerful tools for bytecode manipulation and advanced stream processing.

Read article >

Blog post

Sonar's Take: Software Development Under America's AI Action Plan

The White House's "America's AI Action Plan" aims to accelerate innovation, but for software development, speed must not compromise security. Nathan Jones, VP of Public Sector at Sonar, explores the recently published plan, risks of AI-generated code, and explains how static analysis tools help ensure AI adoption is both fast and secure.

Read article >

Blog post

AI CodeFix is now generally available

AI CodeFix seamlessly integrates AI-driven code fix suggestions into your development workflow with no additional cost for eligible SonarQube subscriptions.

Read article >

Blog post

SonarQube Server 2025 Release 4.1: Faster analysis, stronger security, better coverage

Our new 2025.4.1 release empowers developers with significant advancements to enhance code quality, security, and efficiency across multiple languages for your projects and while using open-source code.

Read article >

Publicación de blog

Ley de Ciberresiliencia: Navegando por la velocidad y la seguridad con codificación de IA

El desarrollo de software moderno se ve atrapado entre dos poderosas fuerzas. Por un lado, las herramientas de codificación de inteligencia artificial (IA) generativa aceleran el desarrollo a costa de una rigurosa revisión de seguridad.

Leer artículo >

Blog post

Java 23: Embrace the new era of code comments

We’ve covered Java 22, and are now getting into Java 23, which introduces several new language features. We’ll focus on enhancing documentation, and how to leverage the new features with simple examples.

Read article >

Blog post

What's the top bug in your language? Find out in The State of Code: Languages report

The State of Code report analyzes 7.9B lines of code, revealing top security risks like log injection and XSS and how to fix them.

Read article >

Blog post

How Sonar Helps Achieve a Strong SOC 2 Type II Report

An SOC 2 Type II report is a critical attestation for service organizations, demonstrating their commitment to securely managing customer data over time. Learn how SonarQube can streamline your SOC 2 compliance journey!

Read article >

Blog post

Protecting your AI code: How SonarQube defends against the "Rules File Backdoor"

This case highlights an issue where configuration files were manipulated through hidden Unicode characters, which is a vector now commonly referred to as the "Rules File Backdoor".

Read article >

  • Follow SonarSource on Twitter
  • Follow SonarSource on Linkedin
language switcher
Español (Spanish)
  • Documentación jurídica
  • Centro de confianza

© 2008-2024 SonarSource SA. Todos los derechos reservados. SONAR, SONARSOURCE, SONARQUBE, y CLEAN AS YOU CODE son marcas comerciales de SonarSource SA.