Sonar's latest blog posts
Announcing SonarSweep: Improving training data quality for coding LLMs
Recent research from Anthropic has shown that even a small amount of malicious or poor quality training data can have a massively negative impact on a model’s performance, exposing users to significant security and quality issues.
Technical debt’s impact on development speed and code quality
By acknowledging the impact of technical debt and embracing proactive solutions like Sonar, development teams can mitigate its effects and build software that is resilient, reliable, and scalable.
Read article >
Digital Operational Resilience Act (DORA) Compliance for Financial Entities
Leveraging Sonar solutions to ensure code security by design
Read article >
Get new blog posts delivered directly to your inbox!
Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.
Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices
Our vulnerability researchers discovered critical vulnerabilities in Erxes with the help of SonarQube Cloud. Learn about the details and how to triage such issues in your own code!
Read article >
__dirname is back in Node.js with ES modules
Node.js is reducing friction when using ES modules by making it easier to get the current module directory name
Read blog post >
#CleanCodeTips: Unlock Your Coding Potential
As software development evolves, keeping up with best practices, the latest trends, and ensuring your code remains top-notch can feel like sailing uncharted waters. Sonar has the Code Quality tips for you!
Read article >
Reply to calc: The Attack Chain to Compromise Mailspring
Learn how an attacker can combine multiple security vulnerabilities to achieve arbitrary code execution on a victim that tries to reply or forward a malicious mail in Mailspring.
Read article >
Are You Ready For PCI DSS 4.0?
PCI DSS 3.2.1 is being retired on March 31, 2024. Are you ready for the new standard, PCI DSS 4.0?
Read article >
Increase readability with Java's Pattern Matching
Increase readability, reduce cognitive complexity, and avoid bugs that are hard to spot with Java's Pattern Matching.
Read blog post >
OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways
Learn which unexpected ways attackers may take to exploit code vulnerabilities and how to secure against them.
Read article >
White House emphasizes need for proactive coding practices to counter cyber attacks
The ONCD recent report puts a spotlight on one of the most foundational issues that result in insecure software. Sonar applauds the administration’s call for addressing software vulnerabilities at the programming language and source code levels.
Read blog post >
Sonar Reaffirms Strength of its Information Security Management Systems by Earning The Latest ISO Certification, ISO27001:2022
As part of our continuously advancing and improving security practice, we are pleased to announce that Sonar and its products are now certified to the latest version of the ISO72001 standard.
Read article >