{"data":{"allKontentItemArticlePage":{"nodes":[{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Supply chain attacks are spreading through dependencies and pipelines. Learn how attackers operate and how to protect your software early."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4bfe3426-3602-4115-8108-3d4a5abf7928/supply-chain-landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Why your supply chain attack surface is expanding"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c3cce2ef-a505-4753-80d5-b174e55e9d42","codename":"blogpost___an_architecture_review_of_gctoolkit_wit"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Discover how vulnerability scanning protects software by identifying CVEs, misconfigurations, and code flaws early with automated security testing tools."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4768b75a-51b7-4645-a87b-3fbf056068c7/learn-page-graphic-03-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is Vulnerability Scanning?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5ccf1486-a0d4-4e5c-b65d-62fff39af3ca","codename":"fix_pull_request_with_sonarqube_remediation_agent__5ccf148"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"AI coding assistants and AI-powered code review tools have changed how fast teams can ship software. But speed without verification can quickly introduce outages, vulnerabilities, and long-term technical debt."},"index_image":{"value":{"description":"A magnifying glass with a checkmark icon overlaid on a code editor, representing automated code review and quality analysis","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/910852a7-9e5e-46fa-8224-bd69748b0830/code-review-page-graphic.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube vs. other AI code review tools"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c0e24f89-0e2c-4ee5-bad5-59090d733108","codename":"what_is_vulnerability_scanning____learn__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how SonarQube reveals architectural insights in GC Toolkit, highlighting tight coupling, dependency drift, and ways to improve modularity."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/37e7613a-8a1a-40e3-881f-969a277a814c/gc-toolkit-blog-index-2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"An architecture review of GCToolkit with SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4ef2b1e4-c88e-4514-894f-51bae72c95ea","codename":"blogpost___the_future_of_software_development_is_a"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Verify AI code in real-time to stop security risks before PRs. Use the trusted SonarQube engine to find & fix agent errors in seconds. Join the beta now."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ef73883b-0a3b-447e-9e54-29b4a66c8f48/agentic_analysis_beta_1399_blog_hero_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Agentic Analysis: Verify AI code as it is generated"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2c4ab5f8-ed6e-495c-8a62-ac9dbd832a2c","codename":"blogpost___code_architecture_management_general_av"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"Learn how to set up Sonar Context Augmentation with Claude Code. Inject project guidelines & architecture awareness into your AI agent for cleaner, enterprise-ready code."},"index_image":{"value":{"description":"Illustration for Sonar Context Augmentation guide for Claude Code and SonarQube, showing a code editor with highlighted lines, automated issue detection, and security shield to represent AI-assisted code analysis with project guidelines and architecture awareness for cleaner enterprise-ready code","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b6d3438c-4afd-4223-90d0-38e1ef7e238d/cag-blog-index-2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Get started with Sonar Context Augmentation and Claude Code integration"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"11df1a9d-11b8-489f-9dcf-4653e6d9aafd","codename":"blogpost___introducing_base_support_for_code_verif"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As AI agents write more code, ensuring code quality and security becomes critical. Explore Sonar’s approach to code verification and technical debt reduction."},"index_image":{"value":{"description":null,"height":1257,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9984a518-1a7e-44c6-80c0-8f249538d73b/ACDC-Blog-Hero_2x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Future of Software Development is AC/DC"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ae119ee6-6cee-471d-a8be-53670803a626","codename":"blogpost___introducing_base_support_for_code_verif_ae119ee"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar Context Augmentation injects SonarQube into AI agents like Cursor and Claude Code for fewer errors, lower costs, and better AI code review."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1f5eb40d-66b1-4b46-98f4-62c9f9c97c85/sonar_context_cag_blog_hero.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing Sonar Context Augmentation"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"584ca14f-ce99-47fc-b73e-925093173785","codename":"blogpost___sonarqube_agentic_analysis_beta_program"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"Learn how to run CI-grade code quality and security analysis inside Claude Code using SonarQube Agentic Analysis for faster, quality commits."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0c3e6b8f-6ddd-4811-a4f0-a1d4f010fa0c/agentic_analysis_blog_square_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Agentic Analysis using Claude Code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"17e5e284-370c-45c8-9cee-2f54eea32726","codename":"fix_pull_request_with_sonarqube_remediation_agent__17e5e28"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"Learn how SonarQube Cloud’s Remediation Agent detects issues, generates verified fixes, and delivers them as PRs you control and review."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/407c214f-68cc-412c-8aeb-582c1a8e26ea/remediation-agent-index-image.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Fix pull request issues with the SonarQube Remediation Agent"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"cd630319-f4f6-4cb6-8879-621e7e9ff198","codename":"what_is_software_verification____learn__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The biggest bottleneck in any modern CI/CD pipeline isn’t writing the code—it’s the “review-fix-verify” loop that happens when a quality gate fails. Today, we’re taking a step toward closing that loop by opening sign-ups for the SonarQube Remediation Agent Beta."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/601612a0-bc6e-4919-86b3-d5e7138fd58f/sq_remediation_agent_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Join the SonarQube Remediation Agent Beta"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bcdc2981-08e2-4efa-a7ec-6688896b3048","codename":"blogpost___join_us_at_sonar_summit__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Master software verification in 2026. Learn the 4 essential techniques, the difference between verification vs validation & how to verify AI-generated code."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb440b7-5e7c-4b9b-89db-020d5dc4725f/learn-page-graphic-05-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is software verification? Definition & Methods"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9cffdabe-2faf-4cc3-9fc8-fa1d84c0f1fd","codename":"get_started_with_sonar_context_augmentation___lear"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A redesigned interface, AI fix suggestions powered by your own model, expanded language support, and unified security reporting."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3c138d18-bff3-4fc1-9fa9-2471abb82ace/sonarqube_server_2026_2_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarQube Server 2026.2"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"94fdf40e-a7b1-4ac3-8ee5-a17a5a4c047c","codename":"blogpost___from_intent_extra_to_rce__argument_inje_94fdf40"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Accelerate code quality and security with SonarQube Base Support. Explore free training, documentation, and onboarding tools for better software reliability."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/63e9e2b4-b2ac-4c79-b880-99ac7028263b/base-support-blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing Base Support: Free resources to accelerate your code verification journey"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"074ad3dd-bcfd-41cc-a7d2-790df0c628b0","codename":"blogpost___customer_managed_keys__byok__in_sonarqu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Discover a vulnerability our researchers found in the Android app YTDLnis, allowing attackers to execute code on victim devices."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6f2f9805-2959-48e7-b193-f5f6502b2fe3/ytdlnis_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Argument injection in YTDLnis via Android intent"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"de2aa1f0-7223-4655-9a60-2da7692b2776","codename":"blogpost___from_intent_extra_to_rce__argument_inje"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Learn how to implement code verification to manage AI-generated code volume. Explore static analysis, quality gates, and how to maintain code health in 2026."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/58681670-b3e8-41b8-9d6c-fc31b94713bd/code-verification-index-image.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Verification in Software Development: Close the AI Verification Gap"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"31de1eb8-2a1b-42f9-9903-d2a140cc84e6","codename":"refactoring___learn__copy__31de1eb"}},{"value":{"index_subheadline":{"value":"Solution brief"},"index_perex":{"value":"PCI DSS 4.0 marks a critical evolution from annual compliance checklists to a culture of continuous, always-on security. The standard’s expanded Requirement 6 now mandates that organizations \"develop and maintain secure systems and software,\" explicitly requiring security controls to be embedded throughout the software development lifecycle (SDLC) rather than validated at the end."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"Strengthen your PCI DSS 4.0 compliance with SonarQube"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"13b67e2a-f2fe-4052-a01f-633ae696e386","codename":"solution_brief___integrated_code_quality_and_secur"}},{"value":{"index_subheadline":{"value":"Solution brief"},"index_perex":{"value":"The Cyber Resilience Act (CRA) mandates that organizations deliver secure-by-design software, holding manufacturers legally responsible for vulnerabilities in their products. As the velocity of AI\u0002assisted development increases, manual peer review becomes a physical bottleneck."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"Streamline your codebase compliance with CRA using SonarQube"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"62351b9d-f1a1-4f6f-bba6-5f3ece882842","codename":"solution_brief___strengthen_your_codebase_complian"}},{"value":{"index_subheadline":{"value":"Solution brief"},"index_perex":{"value":"Healthcare organizations operate under a zero-failure imperative: the need to accelerate digital transformation while maintaining life-critical legacy infrastructure and strict regulatory standards. Sonar provides the essential code verification layer that empowers teams to modernize systems and deploy AI with confidence, ensuring innovation never comes at the cost of compliance."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"Leading healthcare organizations use SonarQube"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8cfd9424-4274-49ac-a169-87bc1eaab5b5","codename":"solution_brief___strengthen_your_misra_c___codebas"}},{"value":{"index_subheadline":{"value":"Solution brief"},"index_perex":{"value":"The Digital Operational Resilience Act (DORA) mandates a unified framework for managing ICT risk, requiring financial entities to build resilience into their systems from the ground up. This regulation emphasizes proactive risk management, supply chain security, and continuous testing to withstand operational disruptions."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"Strengthen your codebase compliance with DORA using SonarQube"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"957fe091-5b58-44f7-9dfc-4e509aebe07e","codename":"solution_brief___strengthen_your_pci_dss_4_0_compl"}},{"value":{"index_subheadline":{"value":"Solution brief"},"index_perex":{"value":"Modern safety-critical development, particularly in automotive, aerospace, and medical devices, increasingly relies on the performance features of C++17. However, adopting modern C++ introduces complexity that must be managed to ensure functional safety."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"Strengthen your MISRA C++ codebase compliance with SonarQube"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"180c9d21-1468-436c-9421-008decc3df0d","codename":"solution_brief___streamline_your_codebase_complian"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As AI code improves, bugs become harder to spot. Learn Java 25 risks and how SonarQube identifies critical issues before they ship."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/91050b94-d8c0-4569-9869-ced8b853f6e6/java_blog_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Your AI can write Java 25 right with SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"dcdb8b62-4ea8-41d2-b1ec-e9711ab19d29","codename":"blogpost___sonarqube_wiz_integration__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"AI-generated code is growing faster than humans can review it. See how automated code review and governance protect code quality and application security."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/60f794da-bda8-4025-acbc-412ac5b64b66/scale_code_review_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to scale code review when AI writes code faster than you can understand it"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"35227145-dfbb-4b31-bd02-2e8b8ac3e469","codename":"blogpost___your_ai_can_write_java_25_right_with_so"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"SonarQube platform now includes malicious package detection and a strategic integration with Wiz, closing the verification loop from a developer’s local machine to the cloud."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/162b5d9a-7d6e-4396-801b-1b856e724995/rsac-pr-2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Delivers Enhanced Code Security Offering for the Agent Centric Development Cycle"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"09224ee4-71a3-4483-b850-0a56b3ea4b1b","codename":"press_release___sonar_introduces_the__agent_centri"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Bridge the gap between Dev & Sec with the new SonarQube and Wiz integration. Gain unified visibility of SAST findings in your Wiz dashboard to prioritize risks from code to cloud."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/54b3325f-1d32-4e15-8ddd-eb40dcdf1ff3/sonar_wiz_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Wiz Integration: Unified Code-to-Cloud Security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"aec651a3-e017-488e-a45a-4f3674ec64e5","codename":"blogpost___announcing_native_mcp_server_in_sonarqu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The rise of AI-assisted software development has introduced a new bottleneck: code verification. While AI can generate code at unprecedented speeds, manually verifying that code for quality and security often breaks a software developer's flow."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/701e1b3b-29d9-45cb-9636-038c81a19ed1/mcp_server_in_sonarqube_cloud_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Announcing native MCP Server in SonarQube Cloud"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5f5a1541-4090-40d7-8375-25648f382f68","codename":"blogpost___cyber_resilience_act_ai_automated_verif"}},{"value":{"index_subheadline":{"value":"Learn article"},"index_perex":{"value":"Learn what code remediation is, how it differs from patching, and how to build a workflow that fixes vulnerabilities without slowing your team down."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dd72882b-20a5-400d-b14b-224207cb388b/code_remediation_learn_page_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is Code Remediation?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7285e44c-a26d-476e-9bc1-482bd97d4d29","codename":"code_remediation___learn_page"}},{"value":{"index_subheadline":{"value":"Learn article"},"index_perex":{"value":"AI tools generate code fast, but are they secure? Learn the 6 most common AI-generated vulnerabilities (SQLi, XSS, SSRF) and how to automate the fix."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d3b832b5-cad0-4106-8921-00261989d48f/top6-vulnerabilities_blog-index.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Top 6 Security Vulnerabilities & Risks AI Coding Tools Introduce"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c1acf470-82ce-4c2d-8f19-527c2841963c","codename":"codex_cli_with_sonarqube_mcp_server___learn_page__"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Ensure EU Cyber Resilience Act compliance without slowing down AI-assisted development. Use SonarQube for automated AI code verification, SAST & SBOM generation. Secure your SDLC today."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/09f35dc2-1874-4ef9-b3b6-bb718b36d26f/cyber_resilience_act_content_1391_blog_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Cyber Resilience Act: Why AI velocity demands automated verification"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6caf3d28-d9f8-428f-bbbb-07978190c0c8","codename":"blogpost___mastering_fastapi_quality_standards__co_6caf3d2"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Automate GitHub project onboarding with SonarQube Cloud. Automatically provision repositories to start code quality and security analysis."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e60d192e-f692-45dc-9dcb-5232ef0ad7a4/github_sqc_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Automate GitHub Project Onboarding with SonarQube Cloud"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c2c0915c-0972-4944-adbd-c35dfee88893","codename":"blogpost___secure_the_ai_sdlc_with_sonarqube_cli___c2c0915"}},{"value":{"index_subheadline":{"value":"How-to guide"},"index_perex":{"value":"Connect Codex CLI to SonarQube MCP to automate code fixes. Fetch rules and resolve security issues in the terminal to pass quality gates. See the walkthrough."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b0894d26-d459-41aa-bf2b-40f6c3de3cfe/sonar_mcp_open_ai_codex_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to use OpenAI Codex CLI with SonarQube MCP Server"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4bf38bde-733a-4baa-8c42-7bf735f43b64","codename":"iac_security___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Build resilient Flask APIs with strong code quality and security standards. Reduce technical debt and catch vulnerabilities early with SonarQube."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b7889855-7549-42e2-9a2d-eec670af7d02/sonar_and_flask_applications_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code standards for resilient Flask web applications"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2882473a-7fb1-4337-80c1-636af5334048","codename":"blogpost___mastering_fastapi_quality_standards__co"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how to master FastAPI quality standards with SonarQube to improve code quality and code security, reduce technical debt, and build secure Python APIs."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/08efc9a6-6901-4688-9410-521571058c50/fastapi_blog_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Mastering FastAPI quality standards with SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0859eeb1-5c89-4e8e-bda9-39519dcdd5e1","codename":"blogpost___top_6_takeaways_from_sonar_summit_2026_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The era of \"coding as we know it\" has reached a sharp inflection point. As the dust settles from Sonar Summit 2026, the central takeaway is clear: we have moved beyond simple AI assistance and entered a world of fully autonomous agents and high-velocity engineering."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c10f2c6a-7d2f-4684-817d-574ea7c95857/sonarsummit_blog_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Top 6 takeaways on the future of coding from Sonar Summit 2026"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6772d809-7d1e-487b-9e25-fa1279dec373","codename":"blogpost___secure_the_ai_sdlc_with_sonarqube_cli__"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Discover how to secure Infrastructure as Code with early scanning, policy as code, and effective remediation strategies to prevent cloud vulnerabilities."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/df329617-1921-41d2-9256-4bf2105409e2/iac_security_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is IaC Security?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"151df80f-9f1e-4b97-8977-0c52647c835d","codename":"iac_security___learn_page"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are excited to announce the open beta of SonarQube CLI. It transforms this workflow by moving security from the end of the pipeline directly into the developer's agentic workflow."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5ddd4d93-fc90-4549-b046-c479bfc2a0fb/sonarqube_cli_beta_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Secure the AI SDLC with the new SonarQube CLI"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8a8986fc-f748-4add-978a-8add09d4321f","codename":"blogpost___introducing_sonar_context_augmentation_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Discover how AI code review scales pull request reviews, reduces technical debt, and catches vulnerabilities early in modern software development."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1897ae97-eb3d-4941-8f62-892aa3199fbe/ai_code_review_learn_page_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"AI Code Review: Scaling Quality and Security in the GenAI Era"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8fb863e7-4748-4994-b49c-f9de3ab74896","codename":"ai_code_review___learn_page"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar, the global leader in code verification, today introduced the Agent Centric Development Cycle (AC/DC) framework, a new software development methodology designed for the unique scale and speed of AI-generated code."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7ec302f1-ae36-4b20-9bf1-1bbacb17cdd8/ac_dc_blog_hero_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Introduces the ‘Agent Centric Development Cycle’"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"54bc3f5d-48d9-4f24-8f62-b645654fad40","codename":"press_release___sonar_claims_top_spot_on_swe_bench"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The era of Continuous Integration, with its familiar processes and workflows, is rapidly coming to an end. Traditional CI relies on developers making small, frequent, iterative commits. Today, the “continuous” part is changing."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7ec302f1-ae36-4b20-9bf1-1bbacb17cdd8/ac_dc_blog_hero_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The future is AC/DC: the Agent Centric Development Cycle"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"17f3ca8a-a85d-4fb8-97fc-2782ffe2e42a","codename":"blogpost___how_to_optimize_sonarqube_for_reviewing"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Manage code architecture in SonarQube Cloud to stop structural debt. Discover, formalize & fix AI-driven drift in real-time. Get started today."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/44d2f2ef-86d5-44ae-b32f-e86cf9657d60/architecture_ga_1361_blog_hero_social_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code architecture management general availability in SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4be693e2-632f-4dc3-bcd2-b7d9068b3cd4","codename":"blogpost___the_future_is_ac_dc__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Without guardrails, AI-generated code introduces technical debt, security vulnerabilities, and reliability issues that are hard to track."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0f2413e7-b063-4eb4-be1a-96d4ea672447/sonarqube_for_reviewing_ai_generated_code_learn%20page_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to optimize SonarQube for reviewing AI-generated code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"599f21c1-8b27-4ee2-8971-1fc8016f52d8","codename":"blogpost___why_your_code_becomes_hard_to_change__c"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Discover how automated code review boosts software quality, catches bugs early, and streamlines workflows with advanced static analysis and AI tools."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b51b1d9d-3644-4d34-b48e-adcc5f08bccf/automated_code_review_blog_index_1x.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"What is Automated Code Review?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"81948f26-579f-486b-8c71-83db21f50e00","codename":"automated_code_review___learn_page"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Stop the \"silent killer\" of engineering velocity. Learn what architectural drift is, why those quick code shortcuts lead to massive technical debt, and how to bridge the gap between your whiteboard designs and your actual codebase."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0fc80544-c636-4698-a956-5cb3164009c5/architecture_capability_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The architecture gap: Why your code becomes hard to change"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1e233ab1-b01a-437e-8efa-2b6c7473f37f","codename":"blogpost___code_generation_tradeoffs__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently ran a small experiment to see how Claude Opus 4.5 and the newer Opus 4.6 handled a specific backend task. The goal wasn't to see which one was necessarily better, but to understand the differences in their coding styles."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b10a1daa-e3b2-49eb-a34c-4a0feda1ad78/comparing_claude_opus_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code generation tradeoffs: A comparison of Claude Opus 4.5 and 4.6"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b0f85a7d-7054-43fa-9ee5-847b63bde95d","codename":"blogpost___thoughts_on_claude_code_security__copy_"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"This step-by-step guide shows how to integrate SonarQube for IDE with Google Antigravity and enable Connected Mode for your org’s rules and quality profiles."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6ab44c85-0629-41ce-b155-4c58ed3595b7/sonarqube_antigravity_ide_blog_index%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Integrate SonarQube for IDE with Google Antigravity IDE"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b2c3e8af-e526-414d-b1c7-9d2aefca47ef","codename":"integrating_the_sonarqube_mcp_server_with_google_a_b2c3e8a"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post aims to explain what Claude Code Security is (recognizing few details are currently available), and how enterprises and developers should think about its role in their cybersecurity toolchain."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/75682e96-a8ba-4d5b-882a-6bd6a136d4a8/thoughts_on_claude_code_security_blog_square.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Thoughts on Claude Code Security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b8b4fdcf-b60b-4bb6-b876-3fccbe475b4c","codename":"blogpost___security_that_works_for_you__copy_"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"When you integrate SonarQube’s deep static analysis directly into Antigravity via MCP, you allow Antigravity’s agents to write high-quality, secure, and reliable code that adheres to your organization’s quality gates."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/00584aa0-a5e0-415a-b97c-6b080492ce66/sonarqube_antigravity_ide_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Integrating the SonarQube MCP Server with Google Antigravity IDE"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d7edc7b8-8193-42cb-becb-c5da13e077e1","codename":"integrate_sonarqube_with_kiro_ide___learn_page__co"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our latest enhancements in SonarQube establish a non-negotiable code verification layer designed to bridge this trust gap, unifying the analysis of first-party, AI-generated, and third-party code."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/889c5129-75a3-4992-a119-6d83137762c1/sq_security_roundup_whats_new_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Security that works for you: Exploring the new enhancements in SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d0a41fb8-0a9a-4a31-a112-7f9d92dc76b9","codename":"blogpost___managing_the_tricky_relationship_betwee"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The sixth installment in our series, where we examine a critical tension in modern development: the tricky relationship between AI and code security."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f30d6ae0-5932-4d19-9f9c-5ded075d6a42/ai_and_code_security_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Managing the tricky relationship between AI and code security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"919b3f2d-fae0-43bb-9e66-3c89fd436466","codename":"blogpost___the_intelligence_paradox__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Read on for an exhaustive comparison of the technical architectures of Claude Opus 4.5 and 4.6, an evaluation of their performance across industry-standard benchmarks, and an outline of Sonar’s focus on embracing agentic development."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/521bd288-e6d9-4092-a474-e23bb6e11a24/claude_vibe_verify_blog_index_1x.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"The intelligence paradox: Why Claude Opus 4.6 requires verification"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"59d94b7a-46b4-45f2-862c-a5649cb4cfed","codename":"blogpost___how_sonarqube_minimizes_false_positives"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Read on to learn how SonarQube’s static code analysis engine works under the hood and the specific strategies that help it deliver accurate results."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fb684acc-fc5c-4bd3-8e3b-00ffcd9d76b7/sonar_minimize_false_positives_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"How SonarQube minimizes false positives in code analysis below 5%"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2f82149a-edbf-41e2-8d96-7e7ac7afc2c9","codename":"blogpost___exploring_your_current_architecture_wit_2f82149"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar Foundation Agent—with Anthropic’s Claude Opus 4.5—achieves top-scores in SWE-bench in ‘verified’ and ‘full’ categories."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a289d014-2b77-4123-964e-bfbf387c7159/media_alert_llm_leaderboard_square_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Claims Top Spot on SWE-bench leaderboard"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3e648954-aa42-4052-bb43-902100884e6f","codename":"press_release___state_of_code_developer_survey_rep"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"You have access to the accurate architectures of all your applications, that automatically refreshes during every analysis, with no configuration required."},"index_image":{"value":{"description":null,"height":1080,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6a810578-ab46-4917-8853-9c02e58ddb84/arch_blog_featured_1x.webp","width":1080}},"index_icon":{"value":null},"index_headline":{"value":"Exploring your current architecture with SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"39650e77-ed21-4e7f-9d47-0f403d129a1b","codename":"blogpost___join_the_sonarqube_remediation_agent_be_39650e7"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We’ve all been there: you push a feature branch on a Friday afternoon, convinced it is solid. You switch to the next task, only to get a notification twenty minutes later: quality gate failed."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dd76d5fc-c95b-4319-bfad-c323aa634e25/automating-quality-gate-blog-index-1x.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Automating quality gate success with Claude Opus 4.6 and SonarQube MCP"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"55d5d92d-f848-4477-a09b-596870e61df6","codename":"blogpost___exploring_your_current_architecture_wit_55d5d92"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Claude Opus 4.6 has just been released, and we are officially in the age of hyper-speed coding. These incredible tools are able to generate code at even more incredible speeds."},"index_image":{"value":{"description":null,"height":1080,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5cdde186-1641-49e5-9f58-20e1e3f8d84e/claude_sq_blog_featured.webp","width":1080}},"index_icon":{"value":null},"index_headline":{"value":"Claude Code + SonarQube MCP: Building an autonomous code review workflow"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4b04ba49-0170-41a7-ab78-b9197b3d4c7a","codename":"blogpost___exploring_your_current_architecture_wit"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"This guide will walk you through installing the SonarQube for IDE plugin in Kiro and connecting it to SonarQube Cloud."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/90d8f89e-109f-4fd4-aec4-1f9a60ecc694/sonarqube_kiro_ide_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to integrate SonarQube with Kiro IDE"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"29cdad1d-d76c-4607-8bcf-08cb294074f4","codename":"integrating_the_sonarqube_mcp_server_with_kiro_ide_29cdad1"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"Developers are witnessing a paradigm shift. The era of “agentic AI” is here, and companies like Kiro IDE are at the forefront, allowing us to move from simple code completion to full-blown spec-driven development."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cca94c00-c3f4-4fec-a6f2-98fa81b152e9/sonarqube-kiro_ide_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Integrating the SonarQube MCP Server with Kiro IDE"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c3e7a045-d07a-4109-b8e4-e605d76e6cd9","codename":"white_box_testing___learn_page__copy__c3e7a04"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Learn what is a secure code review, why it matters, and how to implement it. Discover checklists, tools, and best practices for the SDLC to improve code security."},"index_image":{"value":{"description":"A shield depicting secure code that will be reviewed","height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9ac282a9-d301-459b-865f-9e5a83f8f066/secure-code-review-hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Secure code review"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"17f7700b-4484-40ba-ae38-b46f8be07867","codename":"white_box_testing___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We’ve seen that while AI is accelerating the speed of generation, it has created a dangerous bottleneck in code verification. This brings us to the fifth installment in our series, where we examine the on-the-ground reality for software engineers."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f201187c-25ab-45f3-88f7-94f613c3d868/soc_devsurvey_content1064_blog_featured_2x%20%281%29.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The great toil shift: How AI is redefining technical debt"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c2224290-faf1-4255-a125-7151d3d10e26","codename":"blogpost___join_the_sonarqube_remediation_agent_be"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Master white box testing in software development. Explore code coverage, unit testing, and how tools like SonarQube optimize code security and internal logic."},"index_image":{"value":{"description":"an image depicting a white box testing by showing a transparent cube to symbolize the transparency of the testing process","height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8eba9437-5d67-4fe7-91ef-67ff94df9187/white-box-testing-learn-hero.webp","width":700}},"index_icon":{"value":null},"index_headline":{"value":"White box testing"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3a5d6a63-8076-453a-bfac-34aac5ec3496","codename":"code_review_continuous_integration___learn_page__c"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Secrets detection is the crucial process of identifying and flagging credentials and sensitive information that have been inadvertently committed or introduced into source code and configuration files."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3c3c383b-308a-4059-a5fc-03733afabc99/secrets-detection-detection-blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is secrets detection?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7fb86891-ecdd-4964-8371-72fbd821ed92","codename":"beyond_repository_based_secrets_scanning___learn_p"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Effective secrets scanning and detection is about prevention, not just discovery. The moment a secret reaches a Git repository, your organization has already entered a cycle of costly remediation."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Beyond repository based secrets scanning"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"960502c5-fbb6-48a9-ac33-bdbcda1fad91","codename":"integrating_claude_code_with_sonarqube_mcp_server__960502c"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"The emergence of AI coding agents like Anthropic’s Claude Code represents a major shift in the software development lifecycle (SDLC). These tools can perform complex, multi-step tasks—building features, fixing bugs, and refactoring codebases—through a conversational interface."},"index_image":{"value":{"description":null,"height":830,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1d0eeb87-10e4-420e-a094-5c13053047b7/sonarqube_mcp_claude_learn_page_square_2x.webp","width":830}},"index_icon":{"value":null},"index_headline":{"value":"Integrating Claude Code with SonarQube MCP server"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3bae5781-0423-4cad-9d0b-837cd7d08206","codename":"code_review_continuous_integration___learn_page__c_3bae578"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"On March 3, Sonar will host its inaugural Sonar Summit virtual event, bringing together industry experts and software engineering leaders to discuss the strategies needed to optimize the AI-driven software development lifecycle."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b4eaab29-17e6-4964-b6f3-a86c0720d17b/sonar_summit_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Join us at Sonar Summit: A blueprint for the AI-driven SDLC"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6b25eb40-3d87-427b-8bfa-48d7fda94b68","codename":"blogpost___agentic_ai_automation_shift__copy_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"In this concluding article, we will tackle the advanced topics that separate a basic setup from a professional, enterprise-grade implementation: integrating code coverage, detecting complex security vulnerabilities via taint analysis, and maintaining rigorous standards in the age of AI."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/98cc4b09-bdf0-41ce-b2f4-e1c70b1c3ee4/net_developer_series_part_5_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The.NET developer’s guide to SonarQube Part 5: Advanced topics for .NET professionals"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1e7eaf18-3162-4f69-9f11-74b32114703f","codename":"_net_developers_guide_to_sonarqube_part_4___learn__1e7eaf1"}},{"value":{"index_subheadline":{"value":"Solution brief"},"index_perex":{"value":"Financial institutions face a unique pressure: the need to innovate at speed while managing massive legacy codebases, strict regulatory compliance, and non-negotiable security requirements. AI coding can increase speed, but simultaneously puts availability, compliance, and security at risk."},"index_image":{"value":{"description":null,"height":1008,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dd1619a6-896e-42d7-8a58-755664c5b08e/finserv_solution_brief_vertical.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Integrated code quality and security for financial services"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2ae37cc5-bc57-4b52-8957-aa8132f155e3","codename":"solution_brief___scaling_clean_code_across_the_ent"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In the fourth chapter of our State of Code Developer Survey report, we examine the next major shift in the software development lifecycle: the move toward autonomous agents."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b4094187-5d17-43f8-a697-d176167192dd/soc_devsurvey_content1064_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The automation shift: Why 64% of developers use AI agentic tools"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"54391a11-2370-4c18-9eef-b1e58ce9069f","codename":"blogpost___defeating_the_worm__copy__54391a1"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Visualizing key code quality and security metrics for your SonarQube Cloud projects just became easier with the general availability of customizable project dashboards."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5c4fb014-8659-4005-b967-0582b1dd38b9/sonarqube_cloud_dashboard_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Using dashboards in SonarQube Cloud"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"150363f2-0ddd-4cf4-83dc-e734b0eeaf7c","codename":"blogpost___defeating_the_worm__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"“Malware”, short for “malicious software” has been around for decades, starting with the first computer viruses of the 1990s. Early malware was mostly experimentation and pranks."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0b8b934e-f843-4aee-b29c-6f1f679b92aa/malware_package_detection_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Stop malicious packages in your CI/CD pipeline with SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"491757c2-f0ba-4e00-85cd-3969094eb33f","codename":"blogpost___shadow_ai_is_already_writing_your_code_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"This article explores how to bridge the gap between high-velocity software development and robust code health."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ec7624d4-26c9-4c6b-92fb-fbed042a9716/code_review_continuous_integration_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code review continuous integration"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6b89765a-1c87-4578-9b0b-e02abcf03290","codename":"performance_issues___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This latest LTA is our most significant leap forward to date. It is designed specifically for the AI-native developer workflow to help your software development teams reach their full potential by closing the code verification gap, ensuring every line of code is secure, healthy and production-ready."},"index_image":{"value":{"description":null,"height":1671,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1ea5f732-7686-4b2b-8f63-ead29416a503/lta_whats_new.webp","width":1673}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarQube Server 2026.1 LTA"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"84f9d7af-53fc-4a7e-baf4-04be5c87736f","codename":"blogpost___the_ai_trust_gap__why_code_verification"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In the third chapter of the report, we examine the tools developers are choosing to get the job done. The data reveals a fragmented landscape where standard corporate toolkits are competing with a massive wave of \"bring your own AI\" adoption."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ec7a1b29-b82c-4a32-93d2-f1208a6513d3/shadow_ai_code_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Shadow AI is already writing your code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"97043451-3263-4df4-a7a3-95f0d8ef2a32","codename":"blogpost___how_to_choose_your_llm_without_ruining_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When evaluating a new AI model, ensuring the code compiles and executes is only the baseline. Experienced developers know that functionality is just the first step; the true standard for production-ready software is code that is reliable, maintainable, and secure."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a1fcb8a2-8577-4f22-9906-ba3b4cccc7ab/LLM%20Leaderboard%20for%20Java_blog_Social%20Landscape__2x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to choose your LLM without ruining your Java code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2b5229fd-abeb-418c-aef0-ba7b3b506bc3","codename":"blogpost___announcing_sonarqube_server_2026_1_lta_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"A practical guide to identifying, preventing, and fixing performance issues to boost application efficiency and reduce long-term technical debt."},"index_image":{"value":{"description":null,"height":830,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/882ceb95-bcea-4bdd-ad75-3c9f705d2e23/performance_issues_learn_page_square.webp","width":830}},"index_icon":{"value":null},"index_headline":{"value":"Guide to avoiding common software performance issues"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"751f66e8-a6e5-4a05-ac00-4a3b0cf9b8e5","codename":"performance_issues___learn_page"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"In this guide, we show how SonarQube Advanced Security helps you identify and neutralize these hidden threats before they reach production."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/55f56996-5183-4339-9aa1-9bece8004f2c/advanced_security_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Avoid the trojan horse in your pom.xml: SonarQube Advanced Security (Part 3)"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0b74b673-6e8e-4dea-9d11-b36051250d1f","codename":"a_java_developer_s_guide_to_sonarqube_for_ide_part_0b74b67"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"In this installment, we will examine how to navigate the SonarQube Cloud dashboard, apply the \"Focus on New Code\" strategy to manage technical debt sustainability, and configure quality gates to enforce your organization’s standards."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7f5f012f-7eee-46e5-b658-fa4bdeb73840/net_developer_series_part_4_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The .NET developer’s guide to SonarQube - Part 4: Interpreting results and mastering quality gates"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d44e7eb2-907a-432b-b778-80c2908c0960","codename":"_net_developers_guide_to_sonarqube_part_3___learn__d44e7eb"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this second chapter of our State of Code Developer Survey report, we dig deeper into the developer psyche to answer a critical question: Do developers actually trust the code that AI systems are generating?"},"index_image":{"value":{"description":null,"height":2400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9e9de806-fcd3-48a1-bcba-57bea0e4df04/AI-Trust-Gap_social-square_2x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The AI trust gap: Why code verification matters"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1713d2be-615a-4291-8ad5-1b257c007790","codename":"blogpost___stop_secrets_before_the_commit__copy_"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"In the previous guide, we covered the installation of SonarQube for IDE to catch issues locally. Now, we move from individual contributions to team collaboration."},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8af6a3cc-e06f-4d4b-9ee0-170f11346976/java_sq_cloud_learn_hero_2x.webp","width":700}},"index_icon":{"value":null},"index_headline":{"value":"Connect your workflow: synchronizing SonarQube for IDE with your project (Part 2)"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bc3d8fa5-80ac-4045-b1a2-c87043862c25","codename":"a_java_developer_s_guide_to_sonarqube_for_ide_part_bc3d8fa"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently sat down with a Platform Engineering leader at a major financial services institution to discuss the realities of modern software development in their highly regulated, distributed environment."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fcb0b5d5-e260-480a-98b6-81c935f996d3/platform_engineering_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Modernizing finance: Insights from a platform engineering leader"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b83442c6-3daa-490c-8337-65b5d0cc9407","codename":"blogpost___sonarqube_2025_year_in_review__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What we found challenges the common narrative. While AI adoption is massive, it hasn’t led to a simple, linear boost in productivity. Instead, it has shifted the bottleneck from writing code to verifying it."},"index_image":{"value":{"description":null,"height":430,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0e2c5632-5b82-431d-92e3-02e4c0f25c97/soc_report_card_image_v2_2x.webp","width":696}},"index_icon":{"value":null},"index_headline":{"value":"State of Code Developer Survey report: The current reality of AI coding"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d6a7b843-b089-40c8-aa29-c8d646292ae1","codename":"blogpost___seven_indicators_your_codebase_is_unman"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As we look back at the year we just closed, one thing is clear: 2025 was the year of acceleration. Development teams moved faster than ever."},"index_image":{"value":{"description":null,"height":2400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/770236c0-5368-4d51-b9be-69e9181c9ecd/sq_year_in_review_square_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Vibe, then verify: SonarQube 2025 year in review"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6d5d228d-0a02-4be4-a9fb-55eea221e5a0","codename":"blogpost___state_of_code_developer_survey_report__"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar’s survey of 1,100+ enterprise developers reveals the AI-assisted software development bottleneck has shifted from writing code to verifying it, while the gap between adoption and oversight creates mounting reliability and technical debt risks"},"index_image":{"value":{"description":null,"height":614,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d67198c9-dd8c-4bd3-80de-ec726a4a5db9/soc_pr_web_tile_2x.webp","width":1000}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Data Reveals Critical \"Verification Gap\" in AI Coding"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f5bf4feb-8b1c-4aa9-b123-aec63203ee99","codename":"press_release___ori_yitzhaki_joins_sonar_as_chief__f5bf4fe"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"Results reveal that although 72% of developers who have tried AI use it nearly every day, 96% of developers don’t fully trust its output, and yet only 48% always verify it before committing. The gap between adoption and oversight creates mounting reliability and technical debt risks."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8f277f7a-de9c-4c1f-b327-cd54df5e1a0c/soc_report_card_image_2x.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"State of Code Developer Survey"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5809282e-5404-4d46-a0d7-dfcfc07d27be","codename":"guide___the_state_of_code__languages_report__copy__5809282"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"Results reveal that although 72% of developers who have tried AI use it nearly every day, 96% of developers don’t fully trust its output, and yet only 48% always verify it before committing. The gap between adoption and oversight creates mounting reliability and technical debt risks."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8f277f7a-de9c-4c1f-b327-cd54df5e1a0c/soc_report_card_image_2x.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"State of Code Developer Survey"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"fa5bbedc-f11d-4e11-8753-0d4081f27344"},"elements":{"name":{"value":"SEM"},"url_slug":{"value":"sem"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6798e223-6d5e-44c8-9c85-b197c736af16","codename":"report___idc_report__gated___copy__6798e22"}},{"value":{"index_subheadline":{"value":"Public sector"},"index_perex":{"value":"IMSA (Informatique de la Mutualité Sociale Agricole) is the IT provider for France's second-largest health insurance organization."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3512fc6f-08cd-4584-9bb4-64ac74a29ed6/dept_card_2x.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"IMSA"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Public sector"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Healthcare"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"14bfff6f-db4e-40c8-802b-74032af5eca7","codename":"customer_story___dept__copy__14bfff6"}},{"value":{"index_subheadline":{"value":"Business services"},"index_perex":{"value":"DEPT® is a global technology and marketing company that designs, builds, and runs digital products and experiences for the world’s most impactful brands."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3512fc6f-08cd-4584-9bb4-64ac74a29ed6/dept_card_2x.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"DEPT®"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Business Services"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7456e1d6-cd2f-4f3e-8a40-1b6834f418f5","codename":"customer_story___findomestic__copy__7456e1d"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"A Common Vulnerabilities and Exposures (CVE) entry is a unique identifier assigned to a publicly known cybersecurity vulnerability in software or firmware."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d802537d-c8b2-4f96-b1ca-5fed7e7baf0d/cve_learn_hero_image.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Common vulnerabilities and exposures in software development"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"90fade35-24e8-4343-ba5c-69d2beaa6602","codename":"a_java_developer_s_guide_to_sonarqube_for_ide_part_90fade3"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"In this guide, we focus on the “standalone mode”—how to install the extension and use it to solve daily coding headaches directly inside IntelliJ."},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d9d7609b-fd37-4ea0-8e67-0cec4f732876/java_learn_hero_2x.webp","width":700}},"index_icon":{"value":null},"index_headline":{"value":"A Java developer’s guide to SonarQube for IDE: stop fixing bugs on Fridays (Part 1)"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ac6db7ad-0a21-41b5-8ce8-2a5cf0d31ece","codename":"what_is_sca_scanning____learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Software Composition Analysis (SCA) is an automated process used in software development to identify, analyze, and manage open source components within an application."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/944cf3ac-c5e9-4a22-a0cb-738fb34c3f9c/what_is_sca_scanning_hero_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"What is SCA scanning?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"84b4d979-3202-4418-a716-f716c8e7b2c8","codename":"_net_developers_guide_to_sonarqube_part_3___learn__84b4d97"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"In the previous installment of this series, we established a local analysis environment and performed a manual scan of a .NET solution."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/51e4fe67-9985-4d65-a9d5-e2a2c45dd0b2/automating_quality_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The .NET developer’s guide to SonarQube - Part 3: Automating quality with CI/CD integration"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bc93ab13-946b-4df5-8932-352d986dfe2c","codename":"_net_developers_guide_to_sonarqube_part_2___learn__bc93ab1"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This article outlines seven indicators of an unmanageable codebase and details how continuous, automated code review using SonarQube provides the mandatory data metrics for diagnosis, quantitative prioritization, and remediation, transforming the management of code quality issues from a severe burden into a strategic investment."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f7755a5a-d17d-4286-a973-e4e85caa194a/seven_indicators_your_codebase_is_unmanageable_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Seven indicators your codebase is unmanageable"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9aa4a19e-d290-4d47-9262-ff6bf9314b62","codename":"blogpost___introducing_architecture_in_sonarqube__"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Learn how source code review secures applications, reduces costs, and ensures compliance. Discover the differences between manual peer reviews and automated analysis tools, such as SAST."},"index_image":{"value":{"description":null,"height":830,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0d837a77-9b4b-41ae-97b9-9a7fd2e5e69e/source_code_review_learn_page_social_square.webp","width":830}},"index_icon":{"value":null},"index_headline":{"value":"Source code review: A comprehensive guide to secure development"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bd515f1b-2fc8-4450-9119-d546633a5162","codename":"exploits___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Learn what exploits in software development are, how they differ from vulnerabilities, and practical strategies to detect and prevent them across the SDLC."},"index_image":{"value":{"description":"exploits in software development ","height":830,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8aeaacad-aeae-49d6-9a57-5341dcc993fd/exploits_learn_page_social_square_2x.webp","width":830}},"index_icon":{"value":null},"index_headline":{"value":"Exploits in software development: A guide to prevention"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"536a00ab-b20f-4ea4-808a-e2a101bb8f5f","codename":"java_programming_language_faq___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Industry veteran from JFrog and AppsFlyer to drive product vision for Sonar's role as the essential trust and verification layer for AI-generated code"},"index_image":{"value":{"description":null,"height":1440,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fe4e6170-5afb-4f62-b6b8-fdf6fdd1d425/ori_yitzhaki_pr_index_hero_card.webp","width":1440}},"index_icon":{"value":null},"index_headline":{"value":"Ori Yitzhaki Joins Sonar as Chief Product Officer"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5c02d294-f076-4b70-a6f4-d0418abd228e","codename":"press_release___ori_yitzhaki_joins_sonar_as_chief_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Today, we are announcing a transformative step forward to help teams manage their software at a higher level, with the addition of architecture capabilities in SonarQube."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c592c817-d18b-40c2-bc13-8f303fe50185/architecture_in_sonarqube_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Introducing architecture in SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3f2e38aa-ad28-4d52-b78b-933ffb1b7d23","codename":"blogpost___new_data_on_code_quality__gpt_5_2_high_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Today, we are making all evaluations available in a new Sonar LLM leaderboard and sharing our latest findings on GPT-5.2 High, GPT-5.1 High, Gemini 3.0 Pro, Opus 4.5 Thinking, and Claude Sonnet 4.5."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/df62e17a-4872-40a2-848c-fa602fa3bc6f/llm_leaderboard_blog_hero_v2_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"New data on code quality: GPT-5.2 high, Opus 4.5, Gemini 3, and more"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"09e7cbc7-0844-4e15-8af9-3cee508baa57","codename":"blogpost___sonarqube_server_2025_6_is_here__vibe__"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Remote code execution (RCE) is a critical software vulnerability that allows an attacker to run arbitrary code on a target system from a remote location."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/44bfd814-88f8-4434-931f-685c9ea931a1/remote_code_learn_hero_image_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Remote Code Execution"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ccf3828e-870a-4821-a402-79a5f0fab205","codename":"audit_logging___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Discover essential bug detection strategies, tools, and best practices to find code issues early, boost reliability, and keep your software maintainable."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/740106a7-f9a4-4f3d-92ae-3e1a7df01e43/bug_detection_learn_page_social_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is Bug Detection?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"cad67dee-c9f1-4078-8cdb-74289275c67e","codename":"bug_detection___learn_page"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This release delivers deeper integrations, dramatically faster analysis, and unmatched support for the latest, most popular languages, helping your team embrace the “vibe, then verify” philosophy."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bec9cbe5-4bb8-43df-8ac1-00f4e04967ca/sq_s_2025_6_content_525_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 2025.6 is here: Vibe, then verify faster than ever"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"979af696-66d4-46ab-9580-a3b7cfedf817","codename":"blogpost___achieve_misra_c___2023_compliant_source"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube provides an intelligent, high-precision, and integrated solution for development teams to achieve full, friction-free compliance with the MISRA C++:2023 coding standard for C++17 safety-critical applications."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3f9dd33b-d8c2-4058-8a1c-87b355b9da58/misra_c_2023_blog_featured.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The intelligent approach to achieve MISRA C++:2023 compliant source code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a67cb50d-5e1b-474f-be2e-6cfea39581a4","codename":"blogpost___the_cloudflare_outage__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Bitbucket is a comprehensive tool focused on streamlining the Git workflow and integrating tightly with the rest of the development ecosystem."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/52e7142d-e63b-4ab5-9620-3345b9982b2c/bitbucket_index_2x.webp","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"Bitbucket: A practical guide for developer teams"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e86b59fb-4d38-4ed4-878b-d34ad6c62049","codename":"bitbucket___learn_page"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"In an era of increasing cyber threats, stringent data privacy regulations, and complex distributed systems, a robust audit logging strategy is no longer a \"nice-to-have\"."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/081fcb13-b5b4-42f6-8dd1-c3467a278d85/audit_logging_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A developer's complete guide to audit logging"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1f88193c-62c1-4961-bb8c-f4370b19559a","codename":"audit_logging___learn_page"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our research team recently discovered an exploitable pattern in GitHub Actions that lets attackers exploit seemingly fixed vulnerabilities."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9ad540eb-14e0-4e2f-a87c-600247b222ba/content_734_zombie_workflows_blog_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Zombie Workflows: A GitHub Actions horror story"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":"yes"}},"system":{"id":"7707710a-cfad-47fd-8755-fc8adc7d2e54","codename":"blogpost___zombie_workflows__a_github_actions_horr"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"We will explore the architecture of the SonarScanner for .NET, set up a local analysis environment using Docker, and walk through the specific workflow required to analyze managed code."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/96dd4b6a-3910-41bb-8849-95aa22b1abc9/net_developer_series_part_2_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The .NET developer’s guide to SonarQube - Part 2: Analyzing your first project"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b03abe1e-c3ec-4ae2-b7a1-3783061b0ac7","codename":"_net_developers_guide_to_sonarqube_part_1___learn__b03abe1"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post looks at how seemingly small decisions can have massive effects, and the importance of prioritizing code quality to build reliable software."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/29a23656-e2bf-4d7c-8ff8-e9699a46f3bb/cloudflare_outage_hero_image_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The Cloudflare outage and why code quality matters more than ever"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7f4473b9-116a-4459-b754-b1c401f14ec9","codename":"blogpost___the_cloudflare_outage"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"New Sonar Research Grant Program seeks to arm researchers with enterprise-grade code analysis tools to accelerate academic studies across various fields"},"index_image":{"value":{"description":null,"height":2400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/07b3804c-384c-449a-8e35-6bc08feac0cc/grant_display_image_2025_1200x1200-rounded%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Commits $2.8M in Commercial Licenses to Accelerate Academic Research"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"989977a2-e421-4138-88db-179de7c65786","codename":"press_release___sonar_launches_sonar_integration_p"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Data resiliency is the strategy that ensures data availability, integrity, and security, allowing a system to continue functioning even when its data is under threat. This concept has become paramount as organizations rely more heavily on data."},"index_image":{"value":{"description":null,"height":830,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c0903245-41df-4147-9054-e55e6be67141/data_resiliency_learn_page_social_square_2x.webp","width":830}},"index_icon":{"value":null},"index_headline":{"value":"Data resiliency"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"02d48f15-00ed-4e21-a45b-e2cdd8c0c793","codename":"code_scanning___learn_page__copy__02d48f1"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This release is not intended to compete with state-of-the-art (SOTA) reasoning models. Instead, it serves as a technical demonstration of how training data quality impacts the quality of a model’s code generation output."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8d22de4c-5d6b-43b3-8aa3-ec3b7bd902cd/sonarsweep_for_gpt_oss_20b_blog_featured_2x.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"A technical look at SonarSweep for GPT-OSS-20B"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d2e14b6b-50f7-476c-800a-50e8133fae25","codename":"blogpost___code_quality_is_the_source_of_security__d2e14b6"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Code scanning is the automated analysis of source code to detect flaws, vulnerabilities, and quality issues before the code is merged, deployed, or executed."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1910c972-6df6-404c-838a-ff8fc2728f65/code_scanning_learn_hero_image.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Automated code scanning"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ac40290e-5eea-4406-bb72-83a8a083bb2b","codename":"pair_programming___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"Static Code Analysis is a vital tool for ensuring code safety and protecting against common pitfalls. In this guide, you’ll learn about static code analysis and will walk through steps on how to run it using SonarQube Server."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Static Code Analysis Using SonarQube Server"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c8e68873-e0cc-47f3-af34-e38e280fc174","codename":"improve_your_devops_pipeline___developer_guide__co"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"In this article, we’ll cover fundamental concepts, benefits and drawbacks, practical techniques, and actionable tips for successful implementation."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2312d051-8501-427b-adaf-37197b7f1007/paired_programming_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is pair programming?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"72bb7bfd-9951-4e19-a1ed-414a13a57e88","codename":"_net_developers_guide_to_sonarqube_part_1___learn__72bb7bf"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Explore PL/SQL features and real-world use cases. Learn how Sonar boosts code quality and security for Oracle database development."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1e84de5f-85c4-4bd2-8dd0-0b7a54c012de/pl_sql_learn_page_2x.webp","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"What is PL/SQL?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6c3269df-4c30-4275-ac6f-4b46216c3129","codename":"what_is_pl_sql____learn_page"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Discover C# programming for anyone, covering features, best practices, and industry applications. Explore quality resources to master C# development."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/666a7615-3e92-419b-b5d6-4db9b4fa70af/c_learn_page_2x.webp","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"What is C#?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"65707104-07db-4f02-94ab-28a184d22599","codename":"what_is_pl_sql____learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Modern development demands a modern approach to security. That means bringing it forward, embedding it directly into the coding process itself. This proactive mindset, “shift left”, empowers developers to identify and fix vulnerabilities early"},"index_image":{"value":{"description":null,"height":350,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/10ccd0af-da15-4359-9973-4fbd7f7adbdb/Content-532-SAST-Guide_learn-page-hero.png","width":350}},"index_icon":{"value":null},"index_headline":{"value":"What is SAST? A complete guide to Static Application Security Testing"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5cb04941-1ee9-4adf-b935-06902fda418d","codename":"blogpost___sast_guide"}},{"value":{"index_subheadline":{"value":"Guide"},"index_perex":{"value":"This quick guide cuts through the noise to distill what really matters for developers, reframing compliance not as a final audit, but as an integrated part of your daily work and software development lifecycle (SDLC)."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"Developer SDLC compliance guide"},"index_cta":{"value":"Download guide"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"fa5bbedc-f11d-4e11-8753-0d4081f27344"},"elements":{"name":{"value":"SEM"},"url_slug":{"value":"sem"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ac5cffec-a97e-4926-830d-3a27e39aed7c","codename":"guide___sdlc_compliance__gated___copy_"}},{"value":{"index_subheadline":{"value":"Developer's guide"},"index_perex":{"value":"This practical guide provides a clear model to understand the compliance process, showing developers exactly where to focus their efforts to support the business need for compliance excellence. "},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/960d8522-7286-4113-8889-6162cde47f81/compliance-dev-guide-index.jpg","width":1137}},"index_icon":{"value":null},"index_headline":{"value":"A developer's guide to SDLC compliance"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"264c4d9b-3ab7-457d-afa4-7f07aa4d4ef4","codename":"guide___the_state_of_code__languages_report__copy__264c4d9"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The common perception is that a security vulnerability is a rare, complex attack pattern. In reality, the journey of most flaws begins much earlier and much more simply: as a code quality issue. For both developers and security practitioners, understanding this lifecycle is crucial to building secure, reliable, and maintainable software. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/53fb6dd6-5c86-41da-9e04-0c9b450af211/content_527_code_quality_security_blog_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Why prioritizing code quality is the fastest way to reduce security risks"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ea780232-c2a1-4a99-8beb-cb42bb19dee6","codename":"blogpost___code_quality_is_the_source_of_security_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"We'll guide you through the ecosystem, starting with the instant, local feedback you can get today, and building up to a fully integrated, automated quality platform for your team."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7a253657-904f-4a84-a249-28babfbdc348/net_developer_series_part_1_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The .NET developer’s guide to SonarQube - Part 1: SonarQube for IDE"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c104d261-9584-4088-b4db-6bb070312117","codename":"a_developer_s_guide_to_sdlc_compliance___learn_pag"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"The purpose of this guide is to provide a simple, practical model that cuts through the complexity of the compliance process."},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c6ccf863-68ce-4cad-925d-3b3054f3035d/sdlc-compliance-guide.jpg","width":1338}},"index_icon":{"value":null},"index_headline":{"value":"A developer's guide to SDLC compliance"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"36ae041b-7591-4fe3-bb12-21f0e08f0de8","codename":"what_is_jira____learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Checklist"},"index_perex":{"value":"This quick guide cuts through the noise to distill what really matters for developers, reframing compliance not as a final audit, but as an integrated part of your daily work and software development lifecycle (SDLC)."},"index_image":{"value":{"description":null,"height":1180,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f0fc7894-9354-4e69-abb4-70670d93b85b/Checklist_Download%20Page_2x.png","width":960}},"index_icon":{"value":null},"index_headline":{"value":"Developer SDLC compliance checklist"},"index_cta":{"value":"Download checklist"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5391cb72-de92-4fd1-87dc-e82e304b4c6e","codename":"report___idc_report__gated___copy__5391cb7"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar Foundation Agent is a coding agent for general software issues, developed at Sonar by the former AutoCodeRover team. As of November 3, 2025, Sonar Foundation Agent scores 75% on SWE-bench Verified, while maintaining a low average cost of $1.26 and a high efficiency of 10.5 min per issue."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/42de6a72-2dd7-41e7-b115-84ea0a294e6a/sonar_foundation_agent_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing Sonar Foundation Agent"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"48002e0c-be7b-4d6c-a65d-b1097ee3c86c","codename":"blogpost___seventeen_years_later__code_quality_is_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What started as a free and open source tool to solve our own problem has grown to become SonarQube, a product now used by more than 7 million developers around the world to review and improve the quality and security of over 750 billion lines of code every day."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7060a8c0-398d-4d6c-9c57-3e5e83997849/Sonar%2017%20year_blog-hero_2x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Seventeen years later, code quality is more relevant than ever"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6cdec9ac-93f3-45a2-92ee-bc4e939e9e83","codename":"blogpost___the_inevitable_rise_of_poor_code_qualit"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Open source code isn't just a component, it's the foundation of modern applications. Studies show that open source components typically make up 70–90% of contemporary software."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/36238190-b35e-4e29-8050-b69843d852f9/open_source_license_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Open Source License"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3d31516f-3922-497b-bd80-ec87eb09c1f0","codename":"code_base_in_software_development___learn_page__co"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Sonar’s Jira integration streamlines code quality management. Automatically track and resolve issues for efficient, collaborative workflows."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e59d97cf-47da-47a5-a520-2510db91308b/jira_learn_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is Jira?"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f76b186a-e22c-44bb-a841-212c87dfd2f2","codename":"open_source_license___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"The essential integration that enables your favorite AI agents & AI-native IDEs to find and fix issues using SonarQube's trusted analysis, ensuring all code meets your quality and security standards."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d5f03549-827d-485b-bdd9-fcb1b4427dbf/mcp_announcement_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube MCP Server"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c0dad1fe-0636-49dc-8314-372ba8dfc8cb","codename":"solution_brief___sonarqube_advanced_security__copy"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Find, fix, and prevent bugs in your software codebase. This guide details how to improve code quality, security, and developer productivity with SonarQube."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/64e97425-cbcf-431e-819a-dbe21c717bd6/devsecops_index_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Base in Software Development"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"089acd9d-6544-42b9-bef7-e5e4308a274e","codename":"software_quality_assurance___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The adoption of Large Language Models (LLMs) and AI coding assistants has radically accelerated the development lifecycle, offering the potential for developers to achieve up to a 55% increase in productivity and complete tasks twice as fast."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d7c5fe4e-55a8-41f9-ba18-f24acdee9511/poor_code_quality_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The inevitable rise of poor code quality in AI-accelerated codebases"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"249f2696-5dde-4a03-a98d-676513f48fa7","codename":"blogpost___ollama_remote_code_execution__securing__249f269"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Vulnerability Researchers uncovered vulnerabilities in the code of Ollama, a popular tool to run LLMs locally. Dive into the details of how LLMs are implemented and what can go wrong."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3a0f4b54-2b5a-4a9e-9ea2-87a7e21ef712/ollama_llm_remote_code_execution_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Ollama Remote Code Execution: Securing the Code That Runs LLMs"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":"yes"}},"system":{"id":"5ab43f88-9cdf-4eb0-a45f-c7841b266e4e","codename":"blogpost___ollama_remote_code_execution__securing__5ab43f8"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"AI is rewriting the traditional software development playbook. Developers are adopting AI on the ground, output is exploding, and leaders are being asked to convert promise into predictable velocity."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dea51b14-2504-4457-ab1d-670e700dce5b/coding_personality_webinar_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Vibe, then verify: How to navigate the risks of AI-generated code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ab7bbee9-4dbd-4669-bc52-38c84a7de6e7","codename":"blogpost___beyond_cybersecurity_awareness__make_a_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"Quality assurance in software development refers to the process of ensuring that a software product meets specific operational standards and performs its intended functions effectively, efficiently, and reliably."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Software Quality Assurance"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d97b91d0-ddb6-4f25-9402-e7e2d6b8d8b0","codename":"what_is_azure_devops____learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Discover tips and features to boost Azure DevOps productivity and security. Learn best practices for efficient CI/CD and developer workflows."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a8ee8ffa-2614-405e-88ae-d78742b63137/azure_devops_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is Azure DevOps?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e3650e6e-7b02-4516-bd82-b135179254bc","codename":"autoscaling___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Autoscaling is a critical feature in large-scale server and cloud computing that dynamically adjusts the number of computing resources allocated to an application based on its current demand."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is autoscaling?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2faf2637-bbc8-4fe8-9a62-25303f533b56","codename":"devsecops___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"This guide provides a comprehensive overview of the DevSecOps framework. We will explore its core philosophy, the practical steps for implementation, and the essential tools that empower teams to build secure software without sacrificing speed."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/56100672-150d-42ef-8290-d0084db10abc/devsecops_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A complete guide to understanding DevSecOps"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e1cae8c3-079b-4158-8667-5f904ef6ef13","codename":"gitlab___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"Accelerate delivery with confidence. Download the G2 Grid Report for Static Code Analysis 2026 to see SonarQube in the top‑right Leader quadrant."},"index_image":{"value":{"description":null,"height":687,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/948741a1-1761-4673-8481-5a564ae8aaa6/g2_grid_image_2x.webp","width":1118}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube named a Leader in the G2 Grid Report for Static Code Analysis"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4ad4fc1f-8c1e-42b3-a14a-ae653499d3d4","codename":"report___gigaom_ast_radar__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"October is Cybersecurity Awareness Month, a time when every organization is reminded that security is everyone’s responsibility. It's a time to reflect on how organizations approach security not as a campaign or compliance task, but as a mindset."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bb91569b-094f-4e6e-a45f-03df462ef102/cybersecurity_awareness_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Beyond cybersecurity awareness: Make a strategic shift to code security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c3c28eec-b3ae-46cd-bd66-33b1f8f3b416","codename":"blogpost___pytorch_tensors__neural_networks_and_au"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This guide is designed to demystify PyTorch's core components, providing you with a solid understanding of how it empowers the creation and training of sophisticated machine learning models."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/67fea513-fc2b-4328-b9a9-746893fe9246/intro_to_pytorch_blog_hero_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"PyTorch tensors, neural networks and Autograd: an introduction"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"131a7c30-297b-405a-bf59-709eb7fed434","codename":"blogpost___choosing_the_right_sonarqube_server_edi"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Introducing the initial release of audit logs for SonarQube Cloud, a new feature designed to provide enhanced governance and support for our Enterprise plan customers. This initial, API-driven release focuses on core authentication and administrative IAM events to help you meet compliance requirements."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/43993262-1a6b-43a6-aa00-fdefee1b8de2/audit_logs_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing audit logs in SonarQube Cloud: Enhancing compliance and security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f7203f1c-580e-452f-9dd5-2e037ff87f27","codename":"blogpost___introducing_scoped_organization_tokens_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube has emerged as a leading automated code review platform that empowers development teams to achieve a high level of code quality and code security."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bcd41ea3-17f8-4972-bb15-cec3ca634c61/SonarQube%20Server%20Editions%20Blog%20Post-Index-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Choosing the right SonarQube Server edition for your needs"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"25e854ae-8f7d-4b45-bc55-64e84d9f7d96","codename":"blogpost___introducing_audit_logs_in_sonarqube_clo"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"This strategic initiative unifies SonarQube's integrations with technology partners under a single program, which includes its latest integrations with Atlassian Jira, Jellyfish, JFrog, and Port, as well as recently announced integrations with the SonarQube MCP Server (Claude Code, Cursor, Devin, Gemini CLI, VS Code, Windsurf and more)."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/26512693-06ab-4317-8a69-f58058be7803/sonarintegrations_press_release_index_2x.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Launches Sonar Integration Program to Unify Code Governance Across the Software Development Lifecycle"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"29c871dc-4d2b-462d-89a3-520146825bc6","codename":"press_release___sonar_announces_sonarsweep__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are thrilled to announce the launch of the Sonar Integration Program. This strategic initiative formalizes and expands our partner ecosystem, unifying SonarQube's integrations with leading technology partners under a single, comprehensive program."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cc9d5211-6ffe-4a63-aaa4-ecb4a28ef982/sonar_integrations-blog-index-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar launches integration program to unify code governance across the SDLC"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2e9dfb44-4b5f-4499-901e-eb3f425793f5","codename":"blogpost___fast_co__nbtt__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Explore GitHub and SonarQube integration to automate code review, improve CI/CD workflows, and enhance code quality, security, and team collaboration."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/145a3aac-5fbf-454f-bbf8-498051562487/sonar_github_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is GitHub?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b83a1bea-7ced-4a98-b6bf-54f5cd7a90c1","codename":"c_language___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Comprehensive GitLab guide covering features, benefits, workflows, SonarQube integration, industry use cases, and best practices for DevOps teams."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/faf6f064-9804-41e2-8a03-63e86cda099d/Gitlab-Visual-Studio-_2X.png","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"What is GitLab?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ffd24f87-c316-44f5-a498-71ec9a77eb04","codename":"github___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"The Security Technical Implementation Guide (STIG) by the Defense Information Systems Agency (DISA) is a set of security standards that ensure IT systems within the U.S. Department of Defense (DoD) and affiliated organizations meet stringent cybersecurity requirements to protect against cyber threats; these standards provide guidance on securing various aspects of IT infrastructure, including operating systems, databases, networks, and applications."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Security Technical Implementation Guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c2127329-63c3-4acd-af2a-41df45d434f7","codename":"achieving_high_code_coverage_with_effective_unit_t_c212732"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Generative AI (GenAI) and large language models (LLMs) are transforming software development by enhancing productivity. Tools like Google’s Gemini Code Assist offer in-IDE code suggestions, autocompletion, and debugging to streamline coding."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Google Gemini Code Assist: Ensuring Secure, Quality AI Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"21cddf77-915a-40e2-9bbe-092ee627dce3","codename":"autoconfig_for_c_and_c_____learn_article__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Proactive strategies in software development involve integrating security practices throughout the SDLC and actively evaluating open source packages to minimize risk from vulnerabilities."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/85a211a6-c279-4f4c-960a-d2b8709bd607/dev_guide_tools_hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Software Composition Analysis (SCA) tools"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6b8ed183-d2e8-4397-8ce3-12861351af8e","codename":"cybersecurity_regulatory_compliance___learn_page__"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"SLSA (Supply Chain Levels for Software Artifacts) is a set of industry-agreed standards to simplify software supply chain security management by creating checklists for software producers to ensure security and providing a common language for consumers to signal that a package is secure from tampering."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SLSA"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"010598de-62e9-4f0c-9334-31a163b84e1c","codename":"openssf_scorecard___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Open source packages provide developers with pre-written code for common functionalities, saving time and effort during development."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7036e6e9-0766-4b22-af73-507631e8bb13/dev_guide_open_source_package_hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Open Source Package"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"85a1445f-2fdb-4efa-a811-8556984c645d","codename":"sca_software_composition_analysis___learn_page__co"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Threat intelligence involves collecting, analyzing, and using data about current and potential cyber threats to inform decisions and proactively defend against attacks, especially in the context of open source software."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Threat intelligence"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"957c96cd-5240-445e-87f3-d3dd965df759","codename":"vulnerability_management__learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"Ensuring proper code quality and consistency is a vital but tedious job when done manually. With SonarQube Server’s pull request and branch analysis, it can be a breeze."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Improve Your DevOps Pipeline With Pull Request Analysis Using SonarQube Server"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4bc1d39a-b9d3-4997-b28e-5238cb69776f","codename":"ai_assisted_software_development_guide___learn_gui"}},{"value":{"index_subheadline":{"value":"Setup Guide"},"index_perex":{"value":"An In-Depth Guide to Ensuring Code Quality and Security in AI-Assisted Development"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"How to Protect AI-Generated Code Quality Using SonarQube AI Code Assurance"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"29ec6a12-d4af-4fd7-81f8-bd01e79f610e","codename":"how_to_guide_for_ai_code_assurance___developer_per"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Using SonarQube for IDE with SonarQube Server or SonarQube Cloud helps you follow the best practices laid out in the NIST SSDF to meet code security requirements."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb440b7-5e7c-4b9b-89db-020d5dc4725f/learn-page-graphic-05-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar: A Powerful Ally in Meeting NIST SSDF Requirements"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4ff9f7ef-6fde-4028-8c1b-c929a9e5df47","codename":"nist_ssdf___learn_article"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Open source maintainers play a crucial role in the development and upkeep of open source projects, ensuring that the project remains functional, secure, and up-to-date by managing coding tasks, bug reports, project workflows, documentation, and community engagement."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9097eee1-b865-481e-9293-7392ad407ab2/learn-page-graphic-02-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Open Source Maintainers"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5ad75f02-ec61-4123-8e31-bbdccaa99a53","codename":"open_source_package___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"The rapid growth of generative AI and large language models introduces new security risks that are challenging to address due to the novelty of the field compared to established domains like web application security."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb440b7-5e7c-4b9b-89db-020d5dc4725f/learn-page-graphic-05-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How the OWASP LLM Top 10 Applies to Code Generation"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"24645efd-d5be-492a-bcef-cd34a9fcadb0","codename":"fips__learn_article__copy_"}},{"value":{"index_subheadline":{"value":"Developer Guide"},"index_perex":{"value":"Imagine agents powered by advanced neural networks, moving beyond simple task automation to become genuine collaborators in software development."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3386f3e8-92e2-4c0b-9716-6fd04e4af943/dev_guide_ai_agents_hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"The Algorithmic Reformation: AI Agents are Rewriting the SDLC Playbook"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ee1a2cfb-717e-4fc4-b309-9c5e6583c57f","codename":"ai_agents_are_rewriting_the_sdlc_playbook__learn_p"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"ASPM involves continuously assessing, monitoring, and improving the security of an application by identifying and mitigating potential vulnerabilities and security risks."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c290665c-5505-4e00-a90f-702c9182345c/dev_guide_app_security_hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Application Security Posture Management"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bbcfa460-228e-4708-b941-db4ba21faa43","codename":"software_composition_analysis__sca__tools___learn_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Amazon Q Developer is a conversational tool powered by generative artificial intelligence (AI) that can assist in understanding, building, extending, and operating AWS applications. With Amazon Q, you can ask questions about AWS architecture, your AWS resources, best practices, documentation, support, and more."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Amazon Q Developer"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"651a5b9c-300b-459d-94e7-9a07160d241b","codename":"sonarqube_aws_eks__kubernetes_cluster____learn_art"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Software supply chain security encompasses the practices to identify and mitigate risks from software creation to distribution, emphasizing the complexity and importance of tools, processes, and open source components in ensuring cybersecurity throughout the software's lifecycle."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9097eee1-b865-481e-9293-7392ad407ab2/learn-page-graphic-02-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Software Supply Chain Security"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0ba25f82-81dd-4d8a-a8d1-7389734d8667","codename":"open_source_maintainers___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Software Composition Analysis (SCA) is an automated process in software development that identifies, analyzes, and manages open-source components within applications to mitigate security risks and ensure compliance."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4768b75a-51b7-4645-a87b-3fbf056068c7/learn-page-graphic-03-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Software Composition Analysis (SCA)"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d4e6373d-5ca1-4b7b-8622-958a94e7ed56","codename":"security_technical_implementation_guide__stig____l"}},{"value":{"index_subheadline":{"value":"Setup Guide"},"index_perex":{"value":"Secure coding is the practice of developing software with a focus on security at every \nstage, ensuring that applications are resilient against attacks and free from vulnerabilities."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is secure coding?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"948ed90a-e70a-4b5c-a1cd-0265b1ab3df7","codename":"what_is_secure_coding___learn_page___learn_article"}},{"value":{"index_subheadline":{"value":"Developer Guide"},"index_perex":{"value":"In this guide, you’ll introduce the reader to the concepts of unit testing and code coverage, before showing the reader how they can achieve good code coverage through effective testing."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Achieving High Code Coverage with Effective Unit Tests"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bc8cc900-615b-4602-b37f-b75a01d3bee4","codename":"achieving_high_code_coverage_with_effective_unit_t"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Cybersecurity regulatory compliance involves government regulations and initiatives aimed at securing software development and the software supply chain, particularly for organizations providing software to federal agencies."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/efdf877a-d633-4a86-87be-e82576e60f09/dev_guide_cybersecurity_regulation_hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Cybersecurity regulatory compliance"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"54d1df09-e05a-4bd3-a49d-3ff960ea778a","codename":"cybersecurity_regulatory_compliance___learn_page"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"In modern software development, delivering high-quality code often boils down to catching issues as early as possible in the development lifecycle. This “shift-left” approach reduces costly rework later on, improves collaboration, and leads to more reliable releases."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b1127a3c-a8a5-4e14-a9a3-8e573a400fab/sq_ide_plug_in_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Setting up SonarQube for IDE Plug-in for IntelliJ"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5e327a44-3c39-4c90-a4e2-29a95d677aae","codename":"setting_up_sq_ide_plug_in_for_intellij___learn_pag"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"A software bill of materials (SBOM) is a list of all components, libraries, and dependencies within a software application to manage security risks and improve transparency."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Software Bill of Materials (SBOM)"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3231c62b-7279-4d1c-bee2-74fcadd7944f","codename":"application_security_posture_management___learn_pa"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Code coverage is a metric used in software testing to measure the degree to which the source code of a program is executed during testing. It aids in identifying the extent to which the source code is being exercised, allowing you to acquire a better awareness of your testing efforts and where extra testing may be required."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9097eee1-b865-481e-9293-7392ad407ab2/learn-page-graphic-02-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is code coverage?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"35be7f03-5417-4320-aa0f-987725787f1b","codename":"ai_coding_assistants__learn_page___learn_article__"}},{"value":{"index_subheadline":{"value":"Definition and Guide"},"index_perex":{"value":"In the software development world, monorepos have become a popular choice for managing codebases. But what exactly is a monorepo, and why are so many companies making the switch? In this guide, we'll explore the ins and outs of monorepos, including best practices, types, benefits, and how to create one for your team."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is a Monorepo and Why Are They Useful? "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ec8214c8-3e31-4423-8a8c-a18f84613fc5","codename":"developer_first_security___developer_guide__copy_"}},{"value":{"index_subheadline":{"value":"Step-by-step Guide"},"index_perex":{"value":"This guide is designed to help you navigate the features of SonarQube Cloud and integrate it into your workflow seamlessly."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Cloud: Getting Started Developer's Guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0695bb31-349e-4514-a2ce-66ce2715b644","codename":"getting_started_with_sonarqube_cloud__learn_page__"}},{"value":{"index_subheadline":{"value":"Step-by-step Guide"},"index_perex":{"value":"SonarQube Server Enterprise Edition offers robust features to manage code quality within a large organization, but traditional deployments can be complex. In this tutorial, you will show readers how to seamlessly deploy SonarQube Server on their AWS EKS cluster using Docker and Helm charts for a scalable, automated, and efficient solution."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Installing SonarQube Server Enterprise on AWS EKS"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d0273812-2a94-41ac-98f9-b58bcba9bdd7","codename":"owasp_llm_code_generation___learn_article__copy_"}},{"value":{"index_subheadline":{"value":"Step-by-step guide"},"index_perex":{"value":"SonarQube Cloud helps you uncover bugs and security weaknesses early in the development cycle, saving you time, money, and reputation. In this comprehensive guide to using SonarQube Cloud for Java code static analysis, you will walk through the setup, analysis, results, and issue resolution before they cause problems."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Java Code Static Analysis With SonarQube Cloud"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"53bdebf0-ac42-4b8b-8bf7-88f47238dde6","codename":"analyze_java_code_using_sonarcloud___developer_gui"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Application security in software development refers to the process of integrating robust security measures throughout the software development lifecycle to protect applications from threats that could compromise their integrity, confidentiality, and availability."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Application Security"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"05caa092-536b-4e8c-ba99-2d548f3e534e","codename":"code_coverage__learn_page___learn_article__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"AI coding assistants in software development are advanced tools that enhance the coding process using artificial intelligence and machine learning. These assistants help with code suggestions, debugging, and auto-completion, improving efficiency throughout the development process. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What are AI coding assistants?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"721471b8-acbf-4845-99ac-3e247dfbe340","codename":"gemini_code_assist__learn_page___learn_article__co"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"Amazon Q stands out as a leading AI assistant by seamlessly integrating into your IDE to generate, test, and debug code with advanced reasoning and multistep planning, while also offering enterprise data integration for comprehensive documentation, insight discovery, and data summarization—all within a single, powerful tool."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Amazon Q: Ensuring Secure, Quality AI-Generated Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"03e48f4d-9458-4ef9-a3b2-3574e8edf7fd","codename":"google_gemini_code_assist_quality___learn_article_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Have you struggled to set up static analysis for your C or C++ project? Fret no more, because SonarQube Server AutoConfig for C and C++ eliminates all the challenges of the past and makes scanning your project simple and immediate."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server AutoConfig: Revolutionizing C and C++ Static Analysis"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c46cc897-149c-4282-980c-da156ef6b0b8","codename":"nist_ssdf___learn_article__copy_"}},{"value":{"index_subheadline":{"value":"Developer Guide"},"index_perex":{"value":"In this article, we’ll explore practical strategies for identifying and prioritizing the most organizationally important code issues."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d76a3236-77d6-454f-8b65-027c4657f647/dev_guide_code_issues_package_hero.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"How to identify and prioritize the most critical code issues"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9b704ae9-1567-4777-89b5-573c8a810cc2","codename":"how_to_identify_and_prioritize_the_most_critical_c"}},{"value":{"index_subheadline":{"value":"Definition and Guide"},"index_perex":{"value":"Security in software development is not just important—it's essential. As cyberattacks and threats continuously evolve, the risk to your applications grows exponentially. Vulnerabilities need to be identified and mitigated long before they reach production, which is why the role of developers is so critical."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Developer first security: First and best line of defense"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7388e117-f52f-45e7-bc9b-69a0b77115c9","codename":"detect_secrets_in_the_ide_with_sonarlint___develop"}},{"value":{"index_subheadline":{"value":"Developer Guide"},"index_perex":{"value":"Proper error handling ensures your programs can gracefully navigate unforeseen situations without crashing or compromising the user experience."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Error handling: A guide to preventing unexpected crashes"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2f30a633-2e24-4a5a-9a1b-e04cf359667d","codename":"error_handling__a_guide_to_preventing_unexpected_c"}},{"value":{"index_subheadline":{"value":"Setup Guide"},"index_perex":{"value":"Leaked secrets are a dangerous vulnerability risk that most developers have mistakenly exposed at least once. But by using SonarQube for IDE with SonarQube Cloud or SonarQube Server, you can catch secrets in the IDE before they are exposed. In this step-by-step guide, you’ll walk through how secrets detection works with SonarQube for IDE, SonarQube Cloud, and SonarQube Server."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Detect secrets in the IDE with SonarQube for IDE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d6304c35-da75-4615-8406-6b9d867be414","codename":"installing_sonarqube_ee_on_aws_eks___developer_gui"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Gemini Code Assist is an AI-powered tool designed for software development by providing intelligent coding assistance and related tasks. It serves as a virtual coding assistant, helping developers write code more efficiently."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is Gemini Code Assist?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e84e2678-2135-4a22-88a0-eca28f99ea20","codename":"amazon_q_developer__learn_page___learn_article__co"}},{"value":{"index_subheadline":{"value":"Definition and Guide"},"index_perex":{"value":"FIPS, or Federal Information Processing Standards, are publicly announced standards and requirements developed by the National Institute of Standards and Technology (NIST) for use in computer systems by non-military government agencies, contractors, and vendors. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is FIPS?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3d1f9232-35d5-4c94-a058-8e8cd41f522b","codename":"monorepo__learn_article__copy_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"SonarSweep proactively ensures that models learn from clean, high-quality, and secure examples throughout their training, from pre-training to model alignment. This is an essential step to building reliable and trustworthy AI coding models."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e45c41d9-75c8-4c45-8ba1-9b321a55a731/sonarsweep_press_release_index_with_mark__2x.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Announces SonarSweep to Improve Training Data Quality for Coding LLMs"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7e5a5cbf-8196-4443-a2a8-331d35ac7b61","codename":"press_release___the_state_of_llms__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"As developers increasingly rely on AI tools like GitHub Copilot for code generation, ensuring the quality of AI-generated code becomes crucial. This can be solved by implementing best practices such as code reviews and automated testing. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"GitHub Copilot and Ensuring Quality AI-Generated Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"77911b08-8244-46d1-bb25-bb18bda13665","codename":"ide___learn_guide__copy___copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"The following article delves into the essence of the shift-left philosophy and how Sonar's tools and methodologies can be instrumental in redefining organizations' security posture.\n"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Shift-Left Security: Advancing Early Stage Security Integration"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d6752428-ec32-4f45-9824-040f44b2276a","codename":"secure_by_design_use_case___shift_left_security__a"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"How to Integrate SonarQube Cloud and Azure DevOps"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Integrating SonarQube Cloud with Azure DevOps"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"03df01d0-f65c-4acf-b934-f4f05918a5c3","codename":"integrating_sonarcloud_with_azure_devops__learn_ar"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"Quality gates are predefined criteria that ensure only high-quality code progresses through the development pipeline. Integrating quality gates into your CI/CD pipelines ensures these checks are performed automatically and continuously. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server Setup Guide: Integrating Quality Gates into Your CI/CD Pipeline"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ebff0d03-4473-4e76-8645-ab525bc3af2c","codename":"integrating_sonarcloud_with_azure_devops__learn_ar_ebff0d0"}},{"value":{"index_subheadline":{"value":"Set-up guide"},"index_perex":{"value":"How to Integrate SonarQube Cloud and GitHub"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Integrating SonarQube Cloud with GitHub"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5024fd97-b3ce-4b3c-8ea2-4b909facc969","codename":"integrating_sonarcloud_with_github__learn_article_"}},{"value":{"index_subheadline":{"value":"Set-up guide"},"index_perex":{"value":"How to Integrate SonarQube Cloud and GitHub"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Integrating SonarQube Cloud with GitHub"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e91d6903-2072-4e6f-b75f-715d855fdb42","codename":"integrating_sonarcloud_with_github__learn_article__e91d690"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Identifying and measuring technical debt is not just a technical necessity but a strategic imperative for businesses invested in their software's health, maintenance, and evolution."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Measuring and Identifying Code-level Technical Debt: A Practical Guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"421b44bd-ff84-46ab-8c0b-1ad7786d9d5c","codename":"technical_debt___measuring_and_identifying_code_le"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Open source software fuels the backbone of modern technology, from personal projects to enterprise solutions, by providing accessible source code for examination, modification, and redistribution. Embodying collaboration and innovation, the open source movement empowers global developers to enhance and distribute software freely, making understanding open source essential for anyone in the tech realm."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9097eee1-b865-481e-9293-7392ad407ab2/learn-page-graphic-02-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"open source software: developer's guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6d6f4022-e4ec-4788-a36a-417c88eff797","codename":"source_code_management___learn_guide__copy_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"A static code analysis tool performs an examination of code without running it, aiming to detect potential bugs, security vulnerabilities, and stylistic inconsistencies. By identifying these issues early in the development cycle, it helps developers save valuable time that would otherwise be spent on testing and merging code at later stages."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Static code analysis: Developer's Guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d0b55ef5-2061-4ff1-b9ef-bf1e92d0edd3","codename":"integrating_sonarcloud_with_azure_devops__learn_ar_d0b55ef"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"This article provides a comprehensive overview of Secure by Design principles, why they are indispensable in today’s software development, and highlights how Sonar’s innovative solution can integrate the code-level related principles into the development lifecycle to ensure the delivery of clean and secure code.\n"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Secure by Design Starts with Code Quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c53cec3c-c84e-4829-ad29-2aa94db6b6b1","codename":"secure_by_design_use_case___secure_by_design_start"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Source code management (SCM) streamlines software development by organizing changes to code, ensuring accountability and efficiency throughout the process. Teams can collaborate seamlessly, enabling concurrent work on projects and effortless integration of contributions, ultimately enhancing productivity and project outcomes."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb440b7-5e7c-4b9b-89db-020d5dc4725f/learn-page-graphic-05-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Source code management: developer's guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a08ba97c-ad6e-42ae-8fa6-697af6aea77b","codename":"source_code___learn_guide__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"In an outsourced setting, where collaboration might involve multiple teams across different locations, maintaining a high standard of code quality becomes even more critical to ensure a seamless integration of efforts. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Exploring strategies for managing code quality in outsourced software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7a481084-7e8d-4be2-85a4-7bb1f8f0cb15","codename":"outsourcing_use_case___exploring_strategies_for_ma"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Large language model (LLM) code generation uses generative AI, NLP, and ML algorithms to write software code based on natural language descriptions. Integrated into IDEs, these models can quickly and accurately generate, complete, refactor, and optimize code."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"LLMs for Code Generation: A summary of the research on quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1acc7204-5ca7-4dcc-8c07-49afdcb9af08","codename":"ide___learn_guide__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"In this article, we’ll explain why code standardization is a pillar of risk mitigation in software development and the value that it creates for users and organizations."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Code standardization and risk mitigation in software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ccc64397-6e1c-418e-b7e3-f032ace22350","codename":"outsourcing_use_case___code_standardization_and_ri"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Learn how to approach and plan a successful DevOps implementation "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"DevOps implementation: a comprehensive guide with planning, strategies, and processes"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"68672f7b-69c0-41a1-8cdf-0a04e112da00","codename":"devops_implementation__a_comprehensive_guide_with_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"In this article, we’ll discuss the advantages and challenges of distributed software development, why code quality matters, and how to start executing your code quality initiatives to maximize the use of this business model at your organization."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Distributed software development: A guide to achieving code quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4932ad0e-4c38-4751-a5b2-3d4dcd7ec15e","codename":"outsourcing_use_case___distributed_software_develo"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Static Code Analysis addresses the underlying issues of underperforming DevOps transformations"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Modern DevOps transformation begins with static code analysis"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"22f8bb22-1c72-4982-801b-421f2fd09095","codename":"tony_s_article___learn_article"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The promise of AI-assisted coding is immense, but it rests on a simple, fundamental reality: the quality and security of the code generated by a Large Language Model (LLM)  depends on the quality of the data that it was trained on."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e45c41d9-75c8-4c45-8ba1-9b321a55a731/sonarsweep_press_release_index_with_mark__2x.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarSweep: Improving training data quality for coding LLMs"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"19b8bb02-b7dd-4608-8974-1a336ab3828c","codename":"blogpost___sonar_launches_integration_program__cop"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Unpacking AI-assisted software development and how you, the developer, can benefit. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"a developer's guide to AI-assisted software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d97e30e4-f3ed-4ca6-8954-e22f253b83c9","codename":"benefits_of_ai_assisted_software_development___lea"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Generative AI coding assistants can significantly increase development velocity in various areas of the DevOps Workflow and other tools. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Increasing Development Velocity with Generative AI Coding Assistants"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"10610f17-1d19-47e7-9c81-3231ebfe555c","codename":"ai_code_generation___learn__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"AI code generation involves Artificial Intelligence (AI) & Machine Learning (ML) using software tools to write computer code. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"AI code generation benefits & risks"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1550f20c-806e-446c-b604-ec6cae142575","codename":"ai_code_generation___learn__copy__1550f20"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"An Integrated Development Environment (IDE) is a comprehensive software application designed to assist developers in writing, compiling, and debugging their code efficiently."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"IDE: developer's guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"189838d1-2827-41dc-8cdc-a653ac8e96ae","codename":"source_code_management___learn_guide__copy__189838d"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Cyclomatic complexity serves as a vital gauge in computer science, quantifying a program's complexity by counting its independent paths. Monitoring this metric enables the pinpointing of problematic code sections prone to errors, facilitating easier maintenance and overall robustness in software development."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Cyclomatic complexity: developer's guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d3b70889-91b3-40b9-85f9-a25a7ac1a5be","codename":"source_code_management___learn_guide__copy___copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Quality gates act as checkpoints throughout software development, ensuring each stage meets specific criteria before code advances to the next phase, like testing or deployment."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Quality gate: developer's guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"135f8827-0cef-4b15-8836-de5dc8201fde","codename":"open_source_software___learn_guide__copy___copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Source code is made up of the instructions developers write to tell a computer what to do, and it’s fundamental to software development. Whether you’re using a mobile phone app, visiting a website, or using an operating system tool on your computer desktop—source code is behind it all."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Source code complete guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"36414256-5c33-425a-86a6-f8ffc2743459","codename":"code_smell___learn_guide__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Software bugs are faults, flaws, or errors in computer software that result in unexpected or unanticipated outcomes. They may appear in various ways, including undesired behavior, system crashes or freezes, or erroneous and insufficient output. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What are software bugs?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ab8047db-d7f3-4780-946b-d04a6aeb39c9","codename":"open_source_software___learn_guide__copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"SonarQube vs. GitHub: Deep analysis or integrated ecosystem? Compare technical debt tracking, Quality Gates, and security to find the right tool for your code."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube vs. GitHub"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"38ed746b-0164-48bf-94e1-b27cad293159"},"elements":{"name":{"value":"Learn"},"url_slug":{"value":"learn"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"43b28c2f-d6fe-412e-b8b6-9c13959f38b9","codename":"code_quality___learn__copy__43b28c2"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Discover the transformative power of Infrastructure as Code (IaC), a revolutionary approach that allows you to automate, standardize, and streamline infrastructure management, unlocking unprecedented efficiency, reliability, and scalability in your development workflows."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Infrastructure as Code (IaC) "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3a58b563-cb2e-4fa8-99af-fff775d1b3c7","codename":"refactoring___learn__copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"OWASP is a nonprofit entity aimed at bolstering the security of software through a collaborative platform where security experts and developers contribute to creating open-source tools and resources for secure software development."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb440b7-5e7c-4b9b-89db-020d5dc4725f/learn-page-graphic-05-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"OWASP"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"24775da4-4edd-4ff1-ba8e-3023ed194b3b","codename":"code_quality___learn__copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"Refactoring is the process of improving existing code by restructuring its internal design without changing its external behavior, aiming to enhance understandability, modifiability, and maintainability while reducing the risk of introducing bugs and technical debt."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Refactoring"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a87f8d94-4948-45f5-8bdd-2c6400a417de","codename":"customer_story___pernod_ricard__copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"SAST (Static Application Security Testing) is a software testing technique used to identify security vulnerabilities in the source code of an application without executing it, helping developers find and fix potential issues early in the development process. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Static Application Security Testing (SAST) "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6b6c3733-7b1f-4042-b0b2-29cf2e522f5e","codename":"infrastructure_as_code___learn__copy___copy___copy"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"\"Shift Left\" is a practice that is all about integrating critical development practices, such as testing, security measures, and quality assurance (QA), earlier in the software development lifecycle (SDLC). "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Shift Left"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b3713352-3309-4603-b259-48aadf3fc546","codename":"linter___learn__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"SDLC (Software Development Life Cycle) is a structured and systematic approach to developing software, encompassing all phases from initial planning and requirements gathering to deployment and maintenance, ensuring a well-managed and efficient development process."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SDLC"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"fc391f81-ca82-438b-b0fd-abaaf8e8d1fc","codename":"sast___learn__copy___copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"What does a linter do, and what are the benefits of using one? From ensuring error-free code that is secure, consistent, and maintainable, to the impact on developers themselves a linting solution is an invaluable tool for every developer."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Why you should use a linting tool"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"56207087-d129-4c49-99d9-d54d5a65b066","codename":"linter___learn__copy__5620708"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"A linter is a developer tool that analyzes source code for issues such as errors, vulnerabilities & stylistic issues to improve code quality."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb440b7-5e7c-4b9b-89db-020d5dc4725f/learn-page-graphic-05-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"linter"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7979979c-6214-4ddd-835d-e21d9925a228","codename":"ci_cd___learn__copy__7979979"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Debugging is the process of tracking down and eliminating issues in software applications such as bugs and vulnerabilities that may arise due to bad coding, architecture, or implementation."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is Debugging?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0993d73c-d5f2-40e8-8e82-9de8684d34b1","codename":"shift_left___learn__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Technical debt refers to the future costs of rework or maintenance that arise from prioritizing speed and quick fixes over code quality in software development, with the debt accumulating over time and requiring resources to be paid off, making it crucial to address and minimize from the start of a project."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Technical Debt"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9592fc46-148c-41f8-9657-8519f4d21363","codename":"infrastructure_as_code___learn__copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"AI code generation involves using software tools, powered by Artificial Intelligence (AI) and Machine Learning (ML), to write computer code."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is AI code generation?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3c0262df-4f93-4222-86f9-2f68ea461f13","codename":"owasp___learn__copy__3c0262d"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"Code quality describes measuring the general evaluation of a piece of software code or program's effectiveness, readability, reliability, and maintainability."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is code quality?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d9ceee72-ab9e-401e-8561-bbbb1d39990b","codename":"debugging___learn__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Code review is a systematic software quality assurance technique in which the code of a developer is reviewed to find and fix issues, improve code quality, and enforce coding standards. It helps catch errors and improve the overall codebase before changes are merged into the main code repository. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is a code review?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"be2393d4-87ac-4f2e-920f-1d0d973bc59f","codename":"sast___learn__copy_"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"CI/CD is a set of practices that automate the process of building, testing, and deploying software. It helps to improve the quality and speed of software delivery."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is CI/CD?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"181332b4-6d57-4bad-9423-92fa6ba49fde","codename":"technical_debt___learn__copy__181332b"}},{"value":{"index_subheadline":{"value":"article"},"index_perex":{"value":"DevOps is a collaborative approach to software development and operations that emphasizes the integration and automation of processes, tools, and teams to enable continuous delivery of high-quality software products. "},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is DevOps"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2319bc32-3616-4fe2-aa54-a2640a27f82c","codename":"infrastructure_as_code___learn__copy___copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We’re excited to announce that Sonar has been named a Fast Company Next Big Things in Tech honoree for Applied AI! This prestigious award honors technology breakthroughs poised to define the future of their industries."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/94e4be4f-d0bc-4740-a8ec-844e07809f36/sonar_fast_company_nbtt_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar honored in Fast Company's Next Big Things in Tech — Bringing trust to AI-driven development"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"06511f87-f9cc-4cca-9b53-58870166b90c","codename":"blogpost___securing_github_actions_with_sonarqube_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"The Model Context Protocol (MCP) is an open standard introduced and open-sourced by Anthropic to streamline and clarify how context information is exchanged between clients, applications, and AI models."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/835baad3-5b60-496d-86d6-e49ba297a737/MCP%20Learn%20Page_Blog-Hero-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Model context protocol open-sourced by Anthropic"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"fec0abe1-03a1-4dd0-b2b1-600e4949afcc","codename":"code_scanning___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"This guide brings together the essential knowledge, frequently searched questions, and practical skills needed to understand and master C—a language synonymous with speed, efficiency, and hardware control."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d15ffbcd-1750-4f86-ac81-6079d2341d4b/C%20Programming%20Language%20%20Learn%20Page.png","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"C programming language"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"20da35ec-6000-487d-b863-24ba0d45ae32","codename":"model_context_protocol___model_context_protocol__c"}},{"value":{"index_subheadline":{"value":"eBook"},"index_perex":{"value":"Learn the evolving AI‑code risk landscape and a practical governance model that normalizes AI as a trusted input from commit to release—so you can move faster with greater security, compliance, and confidence."},"index_image":{"value":{"description":null,"height":2512,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d8e93f14-02a2-49e8-9a58-c2c754c24dc7/safeguarding_ai_generated_code_at_scale_index.webp","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"Safeguarding AI-generated code at scale"},"index_cta":{"value":"Download eBook"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1c4fbc59-6dcb-461e-8e65-29ad3e546e6f","codename":"report___idc_report__gated___copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog introduces SonarQube's enhanced analysis capabilities for GitHub Actions, designed to proactively identify and remediate security vulnerabilities like Command Injection and Code Execution that pose a significant supply chain risk."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/21736fed-460e-4848-bdd7-9331eb64bf4d/sonar_github_actions_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing GitHub Actions With SonarQube: Real-World Examples"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b558bfa3-74e4-4f21-ba46-4d9ada53c9d6","codename":"securing_github_actions_with_sonarqube__real_world"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"By integrating SonarQube's best-in-class code quality and security analysis directly into Port's software catalog, we’re providing a single pane of glass for engineering organizations to build better, more secure software, faster."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e6822570-8222-4f26-90fc-492d526ab261/sonar_port_partnership_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube and Port: Bringing code quality and security metrics into your software catalog"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6e8fff56-bcdd-4c36-af24-f694c10ef9fe","codename":"blogpost___gigaom_s_application_security_testing_r"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Code scanning is an automated process that uses static analysis to examine source code without executing it to identify potential bugs, security vulnerabilities, compliance issues and violations of coding standards."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0cf230a2-159b-4f24-afb3-eaf83c591804/Code%20Scanning%20Learn%20Page-_2X.png","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"Code scanning: Essential guide for development teams"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"760b90f0-6125-4b42-8293-18523ab1a1b7","codename":"mcp_server_with_cursor___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Following an in-depth evaluation of 27 vendors, GigaOm positioned Sonar in the top-tier ‘Maturity/Platform Play’ quadrant, recognizing our significant impact on the market."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/05320aaf-f9e9-45ad-9122-b9fb9561dd9a/Gigaom-Radar-landscape-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Named a Leader and Fast Mover in GigaOm's Application Security Testing Radar"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0c767029-151c-4bc8-9ff8-cd2dd6b4b897","codename":"blogpost___announcing_sonarqube_mcp_server__copy_"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"Discover why GigaOm placed Sonar at the forefront of the Application Security Testing market."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/05320aaf-f9e9-45ad-9122-b9fb9561dd9a/Gigaom-Radar-landscape-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"GigaOm AST Radar"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f9253ee8-1482-4324-bd45-22cbb56f654b","codename":"report___451_research_report__gated___copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"AI is transforming software development and turbocharging many aspects of a developer's daily work. But it’s also bringing new challenges to your teams: how do you maintain code quality and security standards as the volume of AI-generated code doubles, triples, or increases even more exponentially?"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d5f03549-827d-485b-bdd9-fcb1b4427dbf/mcp_announcement_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarQube MCP Server: Bringing code quality into your AI workflow"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"52318cf1-7c2b-416a-a63b-3e4a623c30b4","codename":"blogpost___developer_survey_request__copy_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"The SonarQube MCP Server is the purpose-built solution to this paradox. It is not just another tool but an essential bridge that brings SonarQube’s trusted, independent static analysis directly into the conversational workflow of AI-native IDEs like Cursor."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c417663d-692f-4f11-88f1-f5d32240df1f/model_context_protocol_learn_page_blog_index-v2.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A developer’s guide to integrating SonarQube MCP Server with Cursor"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube MCP Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bf53cf9d-7095-44ec-9252-11fb4a12b031","codename":"sarif___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are excited to announce the release of our new, native Jira Cloud integration for SonarQube Cloud, available for Team and Enterprise plans. This integration streamlines the development workflow by allowing users to create Jira issues from SonarQube findings, complete with all the necessary context. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8a0d7b65-17af-402d-b24e-bd84c5847630/SQC%20Jira%20integration%20GA%20Blog%20Post-Index%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing native Jira Cloud integration for SonarQube Cloud"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5abce8b0-906e-4579-af1a-532280d402cc","codename":"blogpost___securing_go_applications_with_sonarqube_5abce8b"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Artificial intelligence is rapidly changing how we develop software. But beyond the hype, how are developers like you actually using these new tools in your daily workflows?"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8d9e6adf-843a-49cb-8a00-87a0b82abd2d/state_of_code_dev_survey_blog_index_2X.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How has AI changed your workflow? Share your story in Sonar's State of Code developer survey"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3e64431d-81f5-4921-aacc-0260ed6cd308","codename":"blogpost___python_machine_learning__care___quality"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"SARIF ensures that security findings, code quality issues, and other static analysis results can be easily processed by pipelines, IDEs, automated quality gates, and compliance reporting tools."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"The complete guide to SARIF: Standardizing static analysis results"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"52ceeb38-4386-4ae2-aee9-e0f7735db21f","codename":"code_secrets___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This post will discuss machine learning (ML) in Python, examining the unique considerations for application developers as AI's role in everyday software continues to expand."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/16bf21a5-49af-48c2-a4b8-15bab8133803/machine_learning_with_python_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Python Machine Learning: Care & Quality for Developers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c13b1f6a-96ee-463b-90d2-c184739822a9","codename":"blogpost___sonarqube_server_2025_release_5_announc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Secure your CI/CD pipelines with SonarQube Cloud's Scoped Organization Tokens (SOT). A resilient, user-decoupled way to manage authentication and prevent broken builds."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0189e742-1197-4c80-98c9-157643a80cc5/scoped_org_tokens_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing Scoped Organization Tokens for SonarQube Cloud"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4a3ee843-1f8c-42f7-a052-b17a84bc1828","codename":"blogpost___code_security_for_conversational_ai__un_4a3ee84"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"In this guide, you'll discover how Swift empowers creators to build scalable, reliable, and visually engaging apps for Apple devices and beyond."},"index_image":{"value":{"description":"Sonar and Swift","height":696,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d0fa6cad-0526-4f55-86bf-9802cdfcf85c/Swift-language-hero%402x.png","width":1088}},"index_icon":{"value":null},"index_headline":{"value":"Swift programming language"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"231ede9d-e10c-4b3f-ae16-bd41bf9b068a","codename":"open_source_intelligence___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Code secrets, often referred to as sensitive credentials, authentication tokens, and API keys, play a critical role in modern software development."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Code secrets"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"746af555-112b-4d8f-b048-434f533fd47e","codename":"swift___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 2025.5 addresses critical needs in modern software development, from cloud-native efficiency and supply-chain security to compliance and developer experience."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/68b0c493-840e-4129-9666-49d0caebdc25/sq_server_2025_5_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 2025.5: accelerate time to market, fortify supply-chains, develop more efficiently"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7fc9f933-e764-4913-8838-a6ab11bfcb5b","codename":"blogpost___sonarqube_server_2025_release_4_announc"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Secrets management in software development is the practice of securely managing sensitive digital credentials, such as API keys, database passwords, encryption keys, access tokens, and private certificates, throughout the entire software development lifecycle."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/05e18176-3663-4df4-a8a8-3b6927016aa8/secrets-management-learn-page_social-landscape-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Secrets management in software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"71209da2-086d-43fb-ae88-e96d6212e308","codename":"api___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Open Source Intelligence (OSINT) in software development involves the collection, analysis, and utilization of publicly available information to enhance various stages of the software development lifecycle."},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6f5b715b-4a07-4e27-be03-1a6cf7a90471/open_source_intelligence_page_hero_2x.webp","width":700}},"index_icon":{"value":null},"index_headline":{"value":"Open Source Intelligence"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7946c7a1-a363-47e0-a0a8-5a9ff833a29e","codename":"developer_security___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Software compliance in software development is the practice of ensuring all software applications, codebases, and development processes conform to a range of legal, regulatory, industry, and organizational requirements."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/89aa3ce8-3e5e-4365-976a-c0af7524a2ab/software_compliance_learn_page_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Software compliance in software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8ee9871c-1223-4da1-ac64-c27932d47ba2","codename":"secrets_management___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Developer security refers to the range of processes, policies, and technologies that empower developers to build secure software from the outset."},"index_image":{"value":{"description":null,"height":1054,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/840bbce1-ef80-4ff1-9a53-b15a5e9b6017/Developer%20Security%20Learn-_2X.png","width":2015}},"index_icon":{"value":null},"index_headline":{"value":"Developer security for software teams"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e3b903d6-fb88-4ac1-90b7-b8cea0df714f","codename":"software_compliance___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"In modern development, APIs are crucial in connecting frontend interfaces with backend systems, powering web applications, mobile apps, and cloud services seamlessly."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6d770cc5-b4fc-4803-9370-2c4e95eed53a/api_learn_page_social_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Application programming interface"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d34d2317-0088-40c1-bc5a-ce381608ad48","codename":"kubernetes___learn_page__copy__d34d231"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Let's dive in and learn about his drive to expand Sonar's presence in Latin America, what a typical day looks like, and what fuels his passion both in and out of the office."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/920a0e82-1c71-4dac-8048-6c65e27619f3/Sonar-Day-inthe-Life_Cal_Blog%20Hero-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Day in the Life: Expanding Sonar into LATAM as a Country Manager"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3f65df69-712a-4f87-9837-699dcf1114ad","codename":"blogpost___code_security_for_conversational_ai__un_3f65df6"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how SonarQube identified a Zip Slip vulnerability (CVE-2025-32779) in EDDI, an open-source conversational AI middleware."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/64fd02ec-5ebd-4697-84d7-9074a7208485/Code%20Security-%20Uncovering_Blog%20Hero-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Security for Conversational AI: Uncovering a Zip Slip in EDDI"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b671e0ed-2ae2-4e9f-8e84-55f293f7718b","codename":"blogpost___code_security_for_conversational_ai__un"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Integrate SonarQube analysis into your Amazon CodeCatalyst workflows for automated code quality and security checks."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e4bb3cc0-82b6-4145-a3fa-11e43116b414/amazon%20codecatalyst_integration_148x148.svg"}},"index_headline":{"value":"Amazon CodeCatalyst"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"76fe2a59-15c4-43c3-a972-de43b7da3cb3","codename":"customer_story___findomestic__copy_"}},{"value":{"index_subheadline":{"value":"Financial services"},"index_perex":{"value":"Findomestic Banca sought a partner that could build upon their established DevOps practices to produce higher-quality code and therefore higher-quality financial software."},"index_image":{"value":{"description":"Employees in a bank setting discussing with eachother","height":4480,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/95b1af95-1301-4fcb-8a50-d9766451e40a/AdobeStock_420442534.jpeg","width":6720}},"index_icon":{"value":null},"index_headline":{"value":"Findomestic"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Financial services"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1341c835-8f40-4f75-8f33-62814d656a6b","codename":"customer_story___wolters_kluwer__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar is thrilled to announce a major leap forward: the General Availability (GA) of SonarQube Advanced Security! Building on the foundation trusted by over 7 million developers and 400,000 organizations for industry-leading code quality analysis, SonarQube now delivers the first fully integrated solution for developers to find and fix both code quality and code security issues across their entire codebase. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e42c81fe-be7d-4ecd-b63d-b5b174a5aa82/sqas_announcement_rerelease_landscape_blog_header__2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Advanced Security now available: developer-first security for all code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3b39bb1e-9577-42e6-8756-7ce87236381d","codename":"blogpost___sonarqube_advanced_security_now_availab"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Analyze code on-the-fly and fix issues directly within Android Studio with the SonarQube for IDE plugin."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a7cfc503-cb17-42de-abbe-2363d203d2fe/android%20studio_integration_148x148.svg"}},"index_headline":{"value":"Android Studio"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":"yes"}},"system":{"id":"af61c936-8d5d-4982-9b98-c8d937e659f3","codename":"integrations___amazon_codecatalyst__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Embed SonarQube analysis into your Maven build lifecycle for automated code quality checks."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/787aa486-4fdd-4600-95d0-7f09800164b8/apache%20maven_integration_148x148.svg"}},"index_headline":{"value":"Apache Maven"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"cb16f614-db60-462a-8d0c-b72a0d40510c","codename":"integrations___android_studio__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Analyze code, view quality gates, and see decoration directly in your Bitbucket Cloud pull requests."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fc495e1e-c40b-4fd5-a299-de15d65d0da0/BitBucket.svg"}},"index_headline":{"value":"Atlassian Bitbucket"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"14c72135-8f97-4ee9-9712-79935ccb913a","codename":"integrations___apache_maven__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Create and manage Jira issues for code quality problems directly from the SonarQube UI."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/df32b10f-64af-40c4-ab4a-f9233735bfff/JIRA.svg"}},"index_headline":{"value":"Atlassian Jira"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Business platforms"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6d768b0a-73c1-4f9b-bd43-d2ac351008d1","codename":"integrations___atlassian_compass__copy__6d768b0"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Track component health by bringing SonarQube quality and security data into Atlassian Compass."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ec1db94-575f-4dbf-a21d-33ac7d7f0b6e/Atlassian-Compass.svg"}},"index_headline":{"value":"Atlassian Compass"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"43765698-b872-431d-972b-fd62a01b6099","codename":"integrations___atlassian_bitbucket__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Embed SonarQube analysis in your Azure DevOps pipelines to ensure code quality at every stage."},"index_image":{"value":null},"index_icon":{"value":{"description":"azure logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b3e61b79-17f5-4b40-a399-2c110191e732/Azure-1.svg"}},"index_headline":{"value":"Azure DevOps"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c8d89721-e086-4bb0-b141-cb91e0b4afe3","codename":"integrations___atlassian_jira__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In the rapidly evolving AI era, technology leaders are facing a fundamental shift in how code is created, validated, and governed."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/28b75942-7247-4e60-9b44-9085e1b056bb/451_report_blog_post_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Quality assurance in the AI era: a leadership imperative, according to S&P Global Market Intelligence"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a3272e48-47d2-422f-b9ce-cd682bef69dc","codename":"blogpost___deploying_sonarqube_on_kubernetes_with__a3272e4"}},{"value":{"index_subheadline":{"value":"Third party"},"index_perex":{"value":"Display SonarQube code quality metrics on your Backstage component pages for better visibility."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7143c88d-fdc2-4c8a-bf81-6126397b2c45/backstage_integration_148x148.svg"}},"index_headline":{"value":"Backstage"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f9b63de8-b625-4e17-bbfa-4334d4b54d8d","codename":"integrations___azure_devops__copy_"}},{"value":{"index_subheadline":{"value":"Third party"},"index_perex":{"value":"Correlate SonarQube security findings with developer and AI identities using BlueFlag Security."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5020b5ac-aa6e-4cbe-8b26-0b74df272890/blueflag%20security_integration_148x148.svg"}},"index_headline":{"value":"BlueFlag Security"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b0a6b53e-6b0b-4663-8fa9-b9583dc4eeb4","codename":"integrations___backstage__copy__b0a6b53"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"By integrating SonarQube's industry-leading automated code review with JFrog's new AppTrust governance platform, together we are providing the essential framework for software engineering teams to embrace AI-driven speed without compromising on control."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9356fb50-6069-4caa-a046-5b5bdaaafa54/jfrog_announcement_blog_post_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Analysis evidence from SonarQube now available in JFrog AppTrust"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8082deb9-dd99-4a4c-a6b7-a92fb1321747","codename":"blogpost___how_reasoning_impacts_llm_coding_models"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Run SonarQube analysis as a seamless part of your CircleCI build and test process."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/092cb922-ee56-428f-a85b-d2536ddecde0/Circle%20CI.svg"}},"index_headline":{"value":"CircleCI"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6b52a413-005a-41fb-84d0-87448f575657","codename":"integrations___backstage__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Integrate SonarQube with Claude Code for agentic software development and maintain code quality and code security within the agentic development."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1f6c046d-892f-4aa3-bc35-3efc304b5374/claude-color.svg"}},"index_headline":{"value":"Claude"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI Agentic Software Development"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"389d274f-2373-426b-9ee9-ed344c4098fe","codename":"integrations___cursor__copy__389d274"}},{"value":{"index_subheadline":{"value":"Third party"},"index_perex":{"value":"Enhance your CloudBees CI workflows with SonarQube for enterprise-grade code quality assurance."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7daeda31-2e4b-441c-ab6a-0935caa682d9/cloudbees.svg"}},"index_headline":{"value":"CloudBees"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c8750539-83f3-4bea-b8a0-76b19b5ca4ec","codename":"integrations___circleci__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"By using a Helm Chart to deploy SonarQube Server, teams can quickly provision a production-ready SonarQube Server instance with minimal configuration while adopting best practices for scalability, security, and maintainability."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/215bf6f6-4bdc-46be-a20b-d835b20b2257/SQS%20Kubernetes%20Helm%20Blog%20Post%20-%20Index-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Deploying SonarQube on Kubernetes with Helm Charts"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b2136ea6-077f-4e15-94a1-011f99ae98fc","codename":"blogpost___introducing_jira_integration_for_sonarq"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Integrate SonarQube into your Codemagic CI/CD pipelines for mobile app development."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dc2a4107-5539-40b5-9f3c-9a98ab97cf0a/CodeMagic.svg"}},"index_headline":{"value":"CodeMagic"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"675b9dbb-4f2f-4df1-b874-e3878912f395","codename":"integrations___cloudbees__copy_"}},{"value":{"index_subheadline":{"value":"Third party"},"index_perex":{"value":"Incorporate SonarQube static code analysis into your Copado DevOps workflow for Salesforce."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4c0ecb3e-a99d-4701-bcbc-5b3b3cf9bbdd/copado_integration_148x148.svg"}},"index_headline":{"value":"Copado"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Business platforms"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ec1e610d-fba5-44fd-ada5-d6118ce3ac35","codename":"integrations___codemagic__copy_"}},{"value":{"index_subheadline":{"value":"Sonar Certified"},"index_perex":{"value":"Ingest SonarQube data into Cortex to improve service quality and developer productivity."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b4b910a3-4cee-4acc-b38c-b1884f064da4/cortex_integration_148x148.svg"}},"index_headline":{"value":"Cortex"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Sonar Certified"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Observability"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d2151567-ee1b-4386-9db2-bd7c79462709","codename":"integrations___copado__copy_"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"In a new report, leading analyst firm IDC examines how Sonar unites code quality and security with Sonar Advanced Security."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ae4f552c-a417-42ef-b6c4-3706e13d49c3/idc_report_card_image.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"IDC report"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"57009f44-e556-4d39-8877-7ea6d6dc56dc","codename":"report___idc_report__gated_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Integrate SonarQube with Cursor for AI-powered code analysis and real-time feedback."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a4c87b15-ebda-405a-b361-c3d2d5afe011/Cursor_Color.svg"}},"index_headline":{"value":"Cursor"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI Agentic Software Development"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ecd673b9-d2b7-421a-8b6a-2e0ea34e5401","codename":"integrations___cortex__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Kubernetes is an open-source platform designed to automate the deployment, scaling, and management of containerized applications."},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fd501068-d299-4db5-9694-c5e936e52edf/Kubernetes_Page%20Hero-_2X.png","width":700}},"index_icon":{"value":null},"index_headline":{"value":"Kubernetes"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"af74c00f-69e7-485b-8d45-52f641e11d26","codename":"audit_trailing___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Audit trailing is a foundational practice in modern software development that enables organizations to maintain transparency, accountability, and compliance across all phases of the software lifecycle."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Audit trailing"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9b793e99-79e7-43c1-9d5b-348118959788","codename":"vulnerability_management_in_software_development__"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Monitor SonarQube metrics, events, and performance within your Datadog dashboards."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3d4a9099-60f7-4e24-b88b-c4506fd2d6c9/datadog.svg"}},"index_headline":{"value":"Datadog"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Observability"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0c2a37f9-08ec-4220-a1bd-c3d95bceb204","codename":"integrations___cursor__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This report provides a deep dive into GPT-5’s four reasoning modes—minimal, low, medium, and high—to understand the impact of increased reasoning on functional correctness, code quality, security, and cost."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/54f1ce97-c570-4928-b41e-c5fce70a58b0/Reasoning-Impacts-LLMs__Blog%20Hero-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How reasoning impacts LLM coding models"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1a71aeba-baa9-4bf1-a3b8-0e824fb81664","codename":"blogpost___the_coding_personalities_of_leading_llm_1a71aeb"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Integrate SonarQube's code analysis into your Devin and Windsurf AI development workflows for real-time quality and security feedback."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4318e636-347a-4271-a5ac-773f89363730/windsurf.webp"}},"index_headline":{"value":"Devin & Windsurf"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Embedded"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI Agentic Software Development"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bfbb638c-70a3-45ad-8bbe-e593784bfcfb","codename":"integrations___datadog__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Vulnerability management in software development refers to the systematic, proactive process of identifying, assessing, prioritizing, and mitigating security vulnerabilities throughout the software development lifecycle."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/feda7031-75b6-4b58-a0be-d2145fe8ef60/vulnerability-learn-page_social-landscape-1-_2X.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Vulnerability management in software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"09001918-090a-47ed-a098-4c4b16c452e3","codename":"platform_engineering__a_complete_guide_for_2025____0900191"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Platform engineering is an approach in software development that focuses on creating a robust and efficient ecosystem for developers."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9097eee1-b865-481e-9293-7392ad407ab2/learn-page-graphic-02-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Platform engineering: A complete guide for 2025"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b0c5e688-d265-49cd-af69-bdc1472ebcf7","codename":"cloud_first_software_development___learn_page__cop"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Enhance container security by correlating SonarQube code insights with Docker Scout analysis."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdb1bb30-7e90-4745-9905-bcad488a3aab/docker-color.svg"}},"index_headline":{"value":"Docker Scout"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Security & Compliance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a585ce8d-0e02-4875-9bd0-8a7ff8e9953f","codename":"integrations___devin___windsurf__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Streamline compliance by connecting SonarQube to Drata for automated evidence collection."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a56d4913-46fd-4008-ba0b-760788b6e941/drata_integration_148x148.svg"}},"index_headline":{"value":"Drata"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Security & Compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4e5927a0-de15-41a9-a0b3-1d9fc85a9032","codename":"integrations___docker_scout__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Connect SonarQube to DX to enhance developer experience insights and measure code quality impact."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/66590889-3f17-4632-9926-ffc9a6a37a1b/dx_integration_148x148.svg"}},"index_headline":{"value":"DX"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5a774e68-a7f3-47a6-89fd-c776adfb7043","codename":"integrations___drata__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Ingest SonarQube security data into Dynatrace for comprehensive application threat observability."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8e107a97-2293-4411-a29f-566fcf420c66/Dynatrace_Logo_color_negative_vertical.svg"}},"index_headline":{"value":"Dynatrace"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Observability"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Security & Compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"07f6553b-c2cd-4ca2-a132-f078761ff76e","codename":"integrations___dx__atlassian___copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Find and fix issues in your code as you write it with the SonarQube for IDE plugin for Eclipse."},"index_image":{"value":null},"index_icon":{"value":{"description":"eclipse logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ceb0a95e-464a-495c-a6ab-42468d49bc2e/eclipse.svg"}},"index_headline":{"value":"Eclipse"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"65737f15-2749-45f9-930f-339c549de175","codename":"integrations___dynatrace__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our recent “State of code” report moved beyond traditional benchmarks to understand the full mosaic of an LLM's capabilities. The research revealed that while leading models share common strengths and flaws, each has a unique style."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/468fedf5-49dd-4c45-aad0-51cac1c05cb3/sollms_deep_dive_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Diving into the 3 traits that define your LLM’s coding personality"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ef115468-6632-48c7-a69e-864a42a81b24","codename":"blogpost___introducing_jira_integration_for_sonarq_ef11546"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"GPT-5’s arrival on the scene adds an important new dimension to the landscape, so we have updated our analysis to include it."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/620e3215-33b8-4acb-b743-7c1687aa460f/LLM-Update_GPT-5__Blog%20Hero.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Coding Personalities of Leading LLMs—GPT-5 Update"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"73907c15-b7c8-4b34-980a-e82794362dd1","codename":"blogpost___1_3_deep_dive_state_of_llms__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Analyze your code with SonarQube through GitHub Actions and see results directly in pull requests."},"index_image":{"value":null},"index_icon":{"value":{"description":"github logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9805bd06-2e2c-45a0-9b02-f2b6bb442afa/GitHub.svg"}},"index_headline":{"value":"GitHub"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5844b6f9-f8e5-4d35-93b6-71cc6eb9dca5","codename":"integrations___eclipse__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Integrate SonarQube into your GitLab CI/CD pipelines and view analysis in merge requests."},"index_image":{"value":null},"index_icon":{"value":{"description":"gitlab logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/64272162-db0d-4e15-a0b3-d3fad7b70ee3/GitLab.svg"}},"index_headline":{"value":"GitLab"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"04cc6759-b49c-43b3-b068-ff149330e10f","codename":"integrations___github__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Leverage SonarQube insights and analysis directly from your Google Gemini command-line interface."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a7f84749-eba0-44d6-9256-9c5d85b553fc/gemini_cli_color.webp"}},"index_headline":{"value":"Google Gemini CLI"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI Agentic Software Development"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7bbca998-7b00-4b6c-ac01-1c5bbd6080d4","codename":"integrations___gitlab__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Easily configure and run SonarQube analysis on your projects using the SonarScanner for Gradle."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e6239e1d-1eb5-41af-937c-9305dc377967/gradle_integration_148x148.svg"}},"index_headline":{"value":"Gradle"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7033fd6c-dc06-4582-a719-3338f4ebf310","codename":"integrations___google_gemini_cli__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Integrate SonarQube into Harness STO for advanced security testing orchestration."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a79f71f8-1054-4ba7-83ad-5f5749b4713e/harness_integration_148x148.svg"}},"index_headline":{"value":"Harness"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Security & Compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8c07336e-8351-4012-892b-2ced6ba46bf3","codename":"integrations___gradle__copy_"}},{"value":{"index_subheadline":{"value":"Sonar Certified"},"index_perex":{"value":"Gain insights into engineering performance by correlating SonarQube data with Jellyfish."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a23e53f4-890d-427f-b7c2-ae6d76ea078d/32x32-jellyfish.svg"}},"index_headline":{"value":"Jellyfish"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Sonar Certified"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Security & Compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e3e31838-d45f-48a7-9ce6-f2f686ccd3b6","codename":"integrations___harness__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Integrate SonarQube into Jenkins pipelines for powerful, automated code quality analysis."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdcbdec6-2953-4000-af93-6a52bcf2a04a/Jenkins.svg"}},"index_headline":{"value":"Jenkins"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6f0cd9df-51ff-4ebc-ab8e-2b2ffcd2c479","codename":"integrations___jellyfish__copy_"}},{"value":{"index_subheadline":{"value":"Manufacturing"},"index_perex":{"value":"Their primary environment consists of sprawling, multi-module Java codebases, supporting critical platforms from sales to logistics and finance."},"index_image":{"value":{"description":null,"height":4086,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/52fcc485-a9ff-4b67-8c9c-b6e4cccc541e/AdobeStock_1266577559.jpeg","width":7389}},"index_icon":{"value":null},"index_headline":{"value":"Global luxury car manufacturer"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"Advanced Security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Manufacturing"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0da9c3dd-3857-417a-8393-15a0c71f4c55","codename":"customer_story___porsche_informatik"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Get on-the-fly feedback on your C and C++ code in CLion with the SonarQube for IDE plugin."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ce66d2ce-a6c1-4d64-b970-0a211594a015/CLion.svg"}},"index_headline":{"value":"JetBrains CLion"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Embedded"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4968148d-3a3a-48ae-8807-4d52f3bc7aa9","codename":"integrations___jenkins__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Write cleaner Java, Kotlin, and more with real-time SonarQube for IDE feedback in IntelliJ IDEA."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b56cf532-fbaf-4626-bf98-8f3e4224cf50/IntellaJ.svg"}},"index_headline":{"value":"JetBrains IntelliJ"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e515aa2b-ca81-42d2-ac7d-18e640429607","codename":"integrations___jetbrains_clion__copy_"}},{"value":{"index_subheadline":{"value":"First party"},"index_perex":{"value":"Improve your Python code quality directly within PyCharm using the SonarQube for IDE plugin."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2acf56ce-b66a-4206-8293-640c076d1bdb/PyCharm.svg"}},"index_headline":{"value":"JetBrains PyCharm"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"49ce9f64-d07e-41b8-b977-12874b8270b5","codename":"integrations___jetbrains_intellij__copy_"}},{"value":{"index_subheadline":{"value":"Sonar Certified"},"index_perex":{"value":"Integrate SonarQube with the JFrog Platform for a complete DevSecOps solution from code to production."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b3d4c4c0-0bdf-445b-b6e4-7fb6c058fedc/jfrog-svgrepo-com.svg"}},"index_headline":{"value":"JFrog"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Sonar Certified"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Security & Compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5737d1cd-6f58-4709-9812-d73622137ce7","codename":"integrations___jetbrains_pycharm__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Integrate SonarQube with gitstream by LinearB for powerful code workflow automation."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9d3da81a-4909-4396-8a0a-fbd2978813f0/linearb_integration_148x148.svg"}},"index_headline":{"value":"LinearB"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a82ec1e5-80f8-4b0d-a397-bc10a2571f04","codename":"integrations___jfrog__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Analyze .NET projects using the SonarScanner for .NET with MSBuild and the dotnet CLI."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d6e517a1-b990-4678-9a19-74c365c07d24/Microsoft.svg"}},"index_headline":{"value":"Microsoft MSBuild and dotnet"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"78204e2b-7dad-430b-bcc6-41abcfd07b66","codename":"integrations___linearb__copy_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Code smells are warning signs in your code that hint at deeper issues.  These aren't errors and the code will still work, but they can make future development harder and increase the risk of bugs."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Code smells: developer's guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"682edef5-e350-4421-9853-878e0b1d28a6","codename":"integrating_sonarcloud_with_github__learn_article__682edef"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"See SonarQube for IDE issues in real-time and manage them directly within Visual Studio."},"index_image":{"value":null},"index_icon":{"value":{"description":"visual studio logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/993b1cbe-564b-4c0a-a030-5e38eb533c76/Visual-Studio.svg"}},"index_headline":{"value":"Microsoft Visual Studio"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1f8aaf2f-09bb-49dd-a26a-d4197c4bd8b4","codename":"integrations___microsoft_msbuild_and_dotnet__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Analyze your code on the fly in Visual Studio Code with the powerful SonarQube in IDE extension."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f34fd33e-6729-4677-a779-05288b3c5d92/VS-Code_Color.svg"}},"index_headline":{"value":"Microsoft VS Code"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8292519a-b7e1-4f20-8409-eb60144be744","codename":"integrations___microsoft_visual_studio__copy__8292519"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Study also identifies distinct coding “personalities” behind Anthropic's Claude Sonnet 4 and 3.7, OpenAI's GPT-4o, Meta's Llama-3.2-vision:90b, and the open-source OpenCoder-8B"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f3723f3b-2ec6-4017-8349-b5c2a924108d/soc_llm_personalities_pr_hero_image.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Study finds shared strengths and common challenges across popular LLMs"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1d947992-bc7c-4ed9-ad7c-b8a2d3423243","codename":"press_release___sonar_achieves_aws_devops_competen"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Apply SonarQube analysis to your MuleSoft projects to ensure API and integration quality."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ad05f9eb-3d06-43d9-be00-dda50e32ee35/MuleSoft.svg"}},"index_headline":{"value":"MuleSoft"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Business platforms"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"008d5942-b2e1-4a0f-9e55-ee5959788c55","codename":"integrations___microsoft_visual_studio__copy_"}},{"value":{"index_subheadline":{"value":"Research Report"},"index_perex":{"value":"Sonar analyzed code from five leading LLMs to reveal their true coding personalities. Discover which models create high-quality code—and which introduce critical risks into your codebase."},"index_image":{"value":{"description":"the llm personalities  image","height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ad9d84d-4048-4db7-a98e-a7b59c9c7800/soc_llm_personalities_card_image_2x.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The Coding Personalities of Leading LLMs"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4f7649b6-aed7-45e4-a9d9-7cbd90982a03","codename":"guide___the_state_of_code__languages_report__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Make smarter AI adoption decisions with Sonar's latest report in The State of Code series. Explore the habits, blind spots, and archetypes of the top five LLMs to uncover the critical risks each brings to your codebase."},"index_image":{"value":{"description":"the llm personalities  image","height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ad9d84d-4048-4db7-a98e-a7b59c9c7800/soc_llm_personalities_card_image_2x.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The Coding Personalities of Leading LLMs"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8ea9bf20-b867-4f8f-8cd2-cd3860017993","codename":"blogpost___cyber_resilience_act__copy__8ea9bf2"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Seamlessly analyze your JavaScript and TypeScript projects managed with NPM."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f42baac5-b53b-45ae-a2b7-883e6bd9b5bb/npm-svgrepo-com.svg"}},"index_headline":{"value":"NPM"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1b824de0-c140-48ec-9f8b-e1ac7431a278","codename":"integrations___mulesoft__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Gain insights into your software development lifecycle by tracking SonarQube code quality metrics with Oobeya."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d0555d67-f06b-4551-b2c7-d9e59bef6766/oobeya_integration_32x32.svg"}},"index_headline":{"value":"Oobeya"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"10d6f2da-7ec9-49a0-a5c7-a380707c5884","codename":"integrations___npm__copy__10d6f2d"}},{"value":{"index_subheadline":{"value":"Sonar Certified"},"index_perex":{"value":"Connect GitHub PRs with Sonar analysis using Port to build a complete software catalog."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d2845f70-aac6-4649-93e5-40b80db1b942/port_integration_148x148.svg"}},"index_headline":{"value":"Port"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Sonar Certified"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Developer experience"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a2e53fbf-c6dc-4c8d-ad31-47d07539f5a2","codename":"integrations___npm__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Cloud-first software development refers to a strategic approach where the design, development, and deployment of software applications prioritize the use of cloud computing resources and services from the start. "},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Cloud-first in software development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"05af4c24-fd48-4ca4-85ba-2ccb383987ae","codename":"how_to_integrate_sonarqube_with_windsurf_ide___lea_05af4c2"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"This guide will show you how to install the SonarQube for IDE plugin and connect it to SonarQube Cloud. Similar steps can be used for connecting to SonarQube Server."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/034de09f-ceb4-4ed6-a7f3-88fe3f43ba3b/sonarqube_windsurf_integration_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to integrate SonarQube with Windsurf IDE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b61cc391-c519-4396-bb17-66651799803a","codename":"how_to_integrate_sonarqube_for_ide_and_github_copi_b61cc39"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"This 451 Research report explores software development in the AI era, highlighting Sonar's developer-first approach."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/851e24d5-85bf-4010-9c8a-2957bc907bec/451%20Report_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"451 Research report"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e2d6a5ae-3621-4911-8ce3-e4e4c6ebc8c8","codename":"report___451_research_report"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Analyze your Python projects and dependencies with SonarQube for better code health."},"index_image":{"value":null},"index_icon":{"value":{"description":"python logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/04d375b2-e3d7-4591-ad77-a83f2c01bd36/python.svg"}},"index_headline":{"value":"Python (PyPI)"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4111535d-5090-4712-a6a5-60928ef6af21","codename":"integrations___port__copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Add SonarQube code quality and security scans to your SAP CI/CD and development pipelines."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/643c6541-b004-4ba2-8bb9-02165d221b92/sap_integration_148x148.svg"}},"index_headline":{"value":"SAP"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Business platforms"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6d615fb3-e7db-43ff-8be1-aa9c82352f3d","codename":"integrations___python__pypi___copy_"}},{"value":{"index_subheadline":{"value":"Third Party"},"index_perex":{"value":"Integrate SonarQube with ServiceNow DevOps for enhanced visibility and governance."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9ae9a093-a2aa-4b9d-9bb1-3d18b107c662/servicenow_integration_148x148.svg"}},"index_headline":{"value":"ServiceNow"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Third party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Business platforms"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e1b02f4a-2f80-4445-8977-6b0bf20d3958","codename":"integrations___sap__copy_"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Receive SonarQube quality gate status and analysis notifications directly in your Slack channels."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/95b093a7-45fe-4465-9b19-83a74f99d714/Slack.svg"}},"index_headline":{"value":"Slack"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Business platforms"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f0fc7d30-3134-4ce5-a59c-2383f65c82e9","codename":"integrations___servicenow__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Take a deep dive into some vulnerabilities in Go applications and understand how SonarQube Cloud helps developers detect and mitigate them during the development cycle."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/38920f29-5e63-4b68-b383-c74a8a9e0a10/memo_vulnerabilities_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing Go Applications With SonarQube: Real-World Examples"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"be46805c-2679-4c44-bd99-2caadd364161","codename":"blogpost___securing_go_applications_with_sonarqube"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Integrate SonarQube code analysis into your build process on Travis CI."},"index_image":{"value":null},"index_icon":{"value":{"description":"travis cl logo","url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/129923a3-4774-4cb4-8b0a-9cf708150e2f/Travis%20CI.svg"}},"index_headline":{"value":"Travis CI"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"CI/CD"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"17517b8d-b2b5-471b-b6db-8873c2960c29","codename":"integrations___slack__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As development velocity accelerates, so does the potential for introducing subtle bugs and new security vulnerabilities."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fbbfea9c-f826-4c54-8791-0103e9da2fa5/sq_ide_support_native_ai_ides_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube IDE: Announcing support for AI-Native IDEs "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f66378e2-3d75-4997-a8cb-9442cdb684b2","codename":"blogpost___announcing_support_for_ai_native_ides"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Version 24 version introduces several new language features which collectively simplify code, and provide powerful tools for bytecode manipulation and advanced stream processing."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7a9187b7-eb06-4f92-91d8-cd755a9ba3aa/java_24_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Java24: Go deeper on parsing Java class files and broader with Stream gatherers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ae1a4e9a-c5fd-4c5b-9e30-421567d9af84","codename":"blogpost___java_23__embrace_the_new_era_of_code_co"}},{"value":{"index_subheadline":{"value":"First Party"},"index_perex":{"value":"Get real-time code quality and security feedback from SonarQube for IDE within the Zed code editor."},"index_image":{"value":null},"index_icon":{"value":{"description":null,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ba9a5f46-c223-4699-8948-1698fdc8f1b6/zed_integration_148x148.svg"}},"index_headline":{"value":"Zed"},"index_cta":{"value":"Learn more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"5fe275ae-52ba-4cd1-953d-75ae6fc235ff"},"elements":{"name":{"value":"Integrations"},"url_slug":{"value":"integrations"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"First party"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"IDE plugins"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7ab45ca7-89db-4640-87bb-6d3c2f143c52","codename":"integrations___travis_ci__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The White House's \"America's AI Action Plan\" aims to accelerate innovation, but for software development, speed must not compromise security. Nathan Jones, VP of Public Sector at Sonar, explores the recently published plan, risks of AI-generated code, and explains how static analysis tools help ensure AI adoption is both fast and secure."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d437149f-ea01-474b-a67a-0d29e7dbc9ef/us_ai_action_plan_blog_header_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar's Take: Software Development Under America's AI Action Plan"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c4c06453-7d2d-45ec-9be1-9594dcdaf9f8","codename":"blogpost___how_sonar_helps_achieve_a_strong_soc_2_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our new 2025.4 LTA release empowers developers with significant advancements to enhance code quality, security, and efficiency across multiple languages for your projects and while using open-source code."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/abd6bc2a-f5ae-4776-aa7d-c86307981469/sq%20server_2025.4_blog-square%402x.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 2025.4 LTA : Faster analysis, stronger security, better coverage"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"07fcf743-8bd4-4812-b84c-003e0d6d8402","codename":"blogpost___sonarqube_server_2025_release_3_announc_07fcf74"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"AI CodeFix seamlessly integrates AI-driven code fix suggestions into your development workflow with no additional cost for eligible SonarQube subscriptions."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/49d1e195-2880-4daf-970f-5ed841a392fe/AI-Code-Fix_blog-square%402x.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"AI CodeFix is now generally available"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"104fae85-65f1-417d-9e19-d2c3b0f4515e","codename":"blogpost___cyber_resilience_act__copy_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"By pairing Copilot’s speed with SonarQube’s rigorous code reviews directly within the Visual Studio Code editor, development teams can create a workflow that is both highly productive and robustly secure."},"index_image":{"value":{"description":null,"height":700,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/01128666-232d-4699-b99c-046654e7b8f5/SonarQube-Githuib-CoPilot-Visual-Studio%402x.png","width":700}},"index_icon":{"value":null},"index_headline":{"value":"How to integrate SonarQube for IDE and GitHub Copilot in Visual Studio Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"401fdb24-6147-4305-a8f1-fda39ebf3b5a","codename":"how_to_integrate_sonarqube_for_ide_and_github_copi"}},{"value":{"index_subheadline":{"value":"eBook"},"index_perex":{"value":"Dive into the seven critical habits that enable developers and leaders to achieve smarter, more confident, and ultimately, safely adopt AI in software development."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/78538822-e547-4031-bc57-4e0aaf1112a0/7-habits-ebook_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"7 habits of highly effective AI coding"},"index_cta":{"value":"Download eBook"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9a15b400-f377-4442-91f1-35a77162f25b","codename":"sem___7_habits_of_highly_effective_ai_coding___ebo"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"This 451 Research report explores software development in the AI era, highlighting Sonar's developer-first approach."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/851e24d5-85bf-4010-9c8a-2957bc907bec/451%20Report_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"451 Research report"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"16ca123e-1992-4049-b452-740c5b952e6d","codename":"sem___report___451_research_report__gated_"}},{"value":{"index_subheadline":{"value":"Report"},"index_perex":{"value":"Make smarter AI adoption decisions with Sonar's latest report in The State of Code series. Explore the habits, blind spots, and archetypes of the top five LLMs to uncover the critical risks each brings to your codebase."},"index_image":{"value":{"description":"the llm personalities  image","height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ad9d84d-4048-4db7-a98e-a7b59c9c7800/soc_llm_personalities_card_image_2x.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The Coding Personalities of Leading LLMs"},"index_cta":{"value":"Download report"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3bd8a208-4862-45f3-abca-10f40041d1da","codename":"sem___report___451_research_report__gated___copy_"}},{"value":{"index_subheadline":{"value":"eBook"},"index_perex":{"value":"Dive into the seven critical habits that enable developers and leaders to achieve smarter, more confident, and ultimately, safely adopt AI in software development."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/78538822-e547-4031-bc57-4e0aaf1112a0/7-habits-ebook_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"7 habits of highly effective AI coding"},"index_cta":{"value":"Download eBook"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d280eca8-bef6-4eaf-837a-a5ba812680a9","codename":"white_paper_post___sonarqube_for_federal_agencies_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Modern software development is caught between two powerful forces. On one hand, generative artificial intelligence (AI) coding tools are supercharging development velocity at the expense of rigorous security review."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2307770e-a3fa-432b-ada5-24ef2173401f/CRA_Blog-Landscape_Square%402x.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Cyber Resilience Act: Navigating speed and security with AI-coding"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4de4c63e-fe10-4378-a86b-1ed1eda3c863","codename":"blogpost___cyber_resilience_act"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We’ve covered Java 22, and are now getting into Java 23, which introduces several new language features. We’ll focus on enhancing documentation, and how to leverage the new features with simple examples."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/35c5e0d8-eaa8-48b1-8616-cfc9f66adf27/java_23_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Java 23: Embrace the new era of code comments"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b68b7f9f-f74c-43cb-9480-59ba2a1abda0","codename":"blogpost___java_22__leverage_unnamed_variables_and"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The State of Code report analyzes 7.9B lines of code, revealing top security risks like log injection and XSS and how to fix them."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3fc39368-90ff-43d7-a39a-4cf0c1c214e3/State%20of%20Code-Languages_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"What's the top bug in your language? Find out in The State of Code: Languages report"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c14899e6-f4e6-47ca-9b68-d24d89ebe2d5","codename":"blogpost___what_s_the_top_bug_in_your_language__fi"}},{"value":{"index_subheadline":{"value":"Developer's guide"},"index_perex":{"value":"Sonar’s fourth report in The State of Code series provides a data-driven look into the most common issues found in today’s top programming languages."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f1cb48d4-02e3-451f-b5bf-5be19e7549e3/State%20of%20Code-Languages_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Languages report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4c5d20ef-8348-4bbd-910a-26aeefa1f184","codename":"guide___the_state_of_code__languages_report"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s fourth report in The State of Code series provides a data-driven look into the most common issues found in today’s top programming languages."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3fc39368-90ff-43d7-a39a-4cf0c1c214e3/State%20of%20Code-Languages_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Languages report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"46bd4efc-8295-4c02-ad46-b2db570522fe","codename":"sem___guide___the_state_of_code__languages_report"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"An SOC 2 Type II report is a critical attestation for service organizations, demonstrating their commitment to securely managing customer data over time. Learn how SonarQube can streamline your SOC 2 compliance journey!"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/08d6d7de-3fc9-445e-a1dc-7d442b63ed4e/soc_2_type_ii_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How Sonar Helps Achieve a Strong SOC 2 Type II Report"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"23a5dc69-bf0e-4667-9512-06328f1cd8d5","codename":"blogpost___solving_the_engineering_productivity_pa"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This guide will walk through how to deploy SonarQube Server Enterprise on a Kubernetes cluster using Terraform."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fe0e02f2-054d-4bd2-993d-df85f909c160/Kubertnetes%20and%20Terraform_blog-featured_2x.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Deploy SonarQube Server on Kubernetes with Terraform"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1f4529b1-48f4-403b-8fd4-c065082fb365","codename":"blogpost___deploying_sonarqube_on_kubernetes_with_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This case highlights an issue where configuration files were manipulated through hidden Unicode characters, which is a vector now commonly referred to as the \"Rules File Backdoor\"."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/05b1023b-2cef-4a02-8523-19e538eeaafa/unicode_characters_with_sonarqube_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Protecting your AI code: How SonarQube defends against the \"Rules File Backdoor\""},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2d4c74c5-12ec-4f9e-917b-7c6e1826215a","codename":"blogpost___tame_technical_debt_with_insights_from__2d4c74c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Java 22 introduces several new language features but there’s one particularly important. This article shows you how to leverage the Unnamed variables and patterns with simple examples."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/32d2eb5d-442f-4c73-8f93-83b0ddb352ae/java_22_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Java 22: Leverage unnamed variables and patterns"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0a6522cf-0de0-48b6-81f2-4797ca5afa02","codename":"blogpost___securing_kotlin_apps_with_sonarqube__re_0a6522c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The financial services industry stands at a critical juncture. With the Digital Operational Resilience Act (DORA) now fully in effect across the European Union, financial institutions must demonstrate robust cybersecurity and operational resilience capabilities."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7930be4f-5ad4-43b2-9240-826dbfd013f8/sonarqube_dora_compliance_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"How SonarQube enables DORA compliance for financial institutions"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"23f32c68-79ea-4245-8921-9d06c68fb478","codename":"blogpost___the_biggest_security_risks_unveiled_in_"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s third report in The State of Code series provides a data-driven look into the maintainability practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/73eab82b-80d3-418a-8145-db5e41629df1/State%20of%20Code-Maintainability_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Maintainability report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2e85cebf-3605-4fba-8543-5d4bdda3b2de","codename":"guide___the_state_of_code__security_report__copy_"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s third report in The State of Code series provides a data-driven look into the maintainability practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/73eab82b-80d3-418a-8145-db5e41629df1/State%20of%20Code-Maintainability_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Maintainability report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e3f8108d-7198-41c4-974f-3ff30997ed31","codename":"sem___guide___the_state_of_code__security_report__"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Tame technical debt with insights from The State of Code: Maintainability report"},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/73eab82b-80d3-418a-8145-db5e41629df1/State%20of%20Code-Maintainability_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"Tame technical debt with insights from The State of Code: Maintainability report"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"58c0a76f-64db-4cbf-a745-6d3ecb9e09bf","codename":"blogpost___tame_technical_debt_with_insights_from_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Explore how real-world vulnerabilities look in the Kotlin code of Android apps and see how SonarQube helps detect them."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6683c152-ad09-4b9e-8834-56874c24fb9f/kotlin_vulnerabilities_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing Kotlin Apps With SonarQube: Real-World Examples"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c6a670a2-c7b7-41ed-85ac-c93c1c9652d6","codename":"blogpost___securing_kotlin_apps_with_sonarqube__re"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The State of Code report analyzes 7.9B lines of code, revealing top security risks like log injection and XSS and how to fix them."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6cdc311a-48f1-4678-8c15-6a3da3401c12/State%20of%20Code-Security_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The biggest security risks unveiled in The State of Code: Security report"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6f8ca200-f175-4a2e-8362-2a2caadc24e3","codename":"blogpost___the_state_of_code__introducing_sonar_s__6f8ca20"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s second report in The State of Code series provides a data-driven look into the practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6cdc311a-48f1-4678-8c15-6a3da3401c12/State%20of%20Code-Security_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Security report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ed598790-6987-41d0-a8c5-e807b0a83049","codename":"guide___the_state_of_code__reliability_report__cop"}},{"value":{"index_subheadline":{"value":"Software"},"index_perex":{"value":"Wolters Kluwer's Tax and Accounting division, operating across multiple European countries, faced critical challenges in maintaining consistent code quality and security standards."},"index_image":{"value":{"description":null,"height":1440,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/96e9a54c-678a-4ff0-96fb-fcef68f0c6af/Penguin_square%20big%402x.jpg","width":1440}},"index_icon":{"value":null},"index_headline":{"value":"Wolters Kluwer"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Software"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"015195d1-d0fa-43e8-9d72-b4b9b947616a","codename":"customer_story___agence_de_numerique_en_sante__cop"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In the last blog of this series, we will focus back on FortiClient and learn how the inner workings of this application work, and what crucial mistake happened that led to us uncovering a local privilege escalation vulnerability. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/11f84997-29f2-4287-83f7-61c158e19a16/caught_in_the_fortinet_compromise_3_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Caught in the FortiNet: How Attackers Can Exploit FortiClient to Compromise Organizations (3/3)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"481384e1-5039-455d-be85-3bc9c7f128d9","codename":"blogpost___caught_in_the_fortinet__how_attackers_c_481384e"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"AI is transforming development, but are you getting real velocity? Despite AI generating 30%+ of new code at companies like Google, productivity gains are often minimal."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/23fd36e8-d9d3-4a71-9217-2606a2c8279f/7%20Habits_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"7 habits of highly effective AI coding"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a778aa3b-11b9-4968-bbf8-2804fcce8655","codename":"guide___7_habits_of_highly_effective_ai_coding"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar's new report series analyzes 7.9B lines of code to reveal the most common issues and how to fix them."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f1fd9289-f77f-40f1-8f84-bbc01e08da47/State%20of%20Code-Reliability_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Introducing Sonar’s new code quality report series"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9c7ef774-5d11-40fa-9ba2-0d5a7200a02e","codename":"blogpost___the_state_of_code__introducing_sonar_s_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What does a Support Engineer do and how could it ever be interesting? In our first \"Day in the Life\" series, Support Engineer Joe Tingsanchali shares what it's like in this role and what he's learned. "},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1647c7ba-ec47-4973-b0e9-3d3bf8015c84/support_engineer_day_in_the_life_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Day in the Life: What Being a Sonar Support Engineer Looks Like"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1b4010d2-4043-4021-bda2-e40a55875a12","codename":"blogpost___the_power_of_clean_code__copy_"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s first report in its State of Code series provides a data-driven look into the practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/269a625b-3c68-42e7-bc59-b3a3bcc78c7d/State%20of%20Code-Reliability_Card%20Image%402x.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Reliability report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a07844ca-b7e7-45b7-bc7c-a7b8f65b23a8","codename":"guide___the_state_of_code__reliability_report"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s first report in its State of Code series provides a data-driven look into the practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis."},"index_image":{"value":{"description":null,"height":674,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/21c01df6-a294-4d6f-b87e-e8db9508299a/State%20of%20Code-Reliability_LDP%20Image%402x.jpg","width":1280}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Reliability report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"002f4f3c-754b-431e-b2a4-2d933d43982f","codename":"sem___guide___the_state_of_code__reliability_repor"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Sonar’s second report in The State of Code series provides a data-driven look into the practices and pitfalls found across 7.9 billion lines of code from over 970,000 developers who trust Sonar for analysis."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6cdc311a-48f1-4678-8c15-6a3da3401c12/State%20of%20Code-Security_Card%20Image.png","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The State of Code: Security report"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"21b0c184-9618-42c4-bac4-9e2842318fc9","codename":"sem___guide___the_state_of_code__security_report"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered critical vulnerabilities in Fortinet’s endpoint protection solution that enable attackers to fully compromise organizations with minimal user interaction. In this second article, we will cover how attackers can use the compromised endpoint to achieve lateral movement within an organization."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/172dc709-f6f0-433e-bff7-56358b7ae0d3/caught_in_the_fortinet_compromise_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Caught in the FortiNet: How Attackers Can Exploit FortiClient to Compromise Organizations (2/3)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"274da77f-a8a2-49c7-9c40-0ed7302081cb","codename":"blogpost___caught_in_the_fortinet__how_attackers_c_274da77"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered critical vulnerabilities in Fortinet’s endpoint protection solution that enable attackers to fully compromise organizations with minimal user interaction. In the first post of the series, we will see how attackers can get the first foothold within an organization."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c1184eb6-e039-43b3-9958-bb37e931fe43/caught_in_the_fortinet_1_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Caught in the FortiNet: How Attackers Can Exploit FortiClient to Compromise Organizations (1/3)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f1a90fbc-142e-462c-aa39-6e4717040595","codename":"blogpost___caught_in_the_fortinet__how_attackers_c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"There's a huge focus on speeding up code production using tools like GitHub Copilot, Cursor, and others. And the results are honestly stunning, but increasingly, the bottleneck popping up is in the code review phase. Sonar CEO, Tariq Shaukat, shares how AI-generated code absolutely must be reviewed before it's merged into your codebase, and how SonarQube can help. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b5e883b-53f8-466e-9817-cd161a5134b6/Engineering%20Productivity%20Paradox_Landscape_blog-header%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Solving the Engineering Productivity Paradox"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2facd7da-8f0e-4b8a-a4b4-fcc9029fbd51","codename":"blogpost___seven_habits_of_highly_effective_ai_cod"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This post details how we cut the file storage cost on SonarQube Cloud by 90 percent while extracting 3.4 TB of data from a relational database to a more suitable storage option."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/421711b5-1329-4ae7-a901-fb24bc60ebd2/File%20Storage%20for%20SQA_Landscape_blog-header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"From database burden to cloud efficiency: Sonar's journey to faster processing & lower costs"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d2ac5ce3-e8a3-496a-812a-c3a66f05b4ef","codename":"blogpost___sonar_s_journey_to_faster_processing___"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Can a simple dash character introduce a security risk? Discover how SQL line comments can open the door to unexpected injection vulnerabilities in several PostgreSQL client libraries!"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ea023d19-b35a-43a6-9306-3e030ba28b82/Double%20Dash%2C%20Double%20Trouble_Landscape_blog-header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Double Dash, Double Trouble: A Subtle SQL Injection Flaw"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c23db009-6d1a-40ff-b8da-4fa1a6bb184a","codename":"blogpost___double_dash__double_trouble__a_subtle_s"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 2025 Release 3 unifies your tooling for code quality and code security with GA for Advanced Security (SCA & advanced SAST), Kotlin SAST support, more secrets detection, end of Early Access for AI CodeFix, expanded compliance (MISRA, CWE, OWASP Mobile), enhanced language coverage (Rust, Java, PySpark) and extended architectural protection."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2a41b84c-f47c-4721-bdf5-0196ed91f5b0/SonarQube%20Server%202025%20Release%203%20Announcement_Landscape_Blog-Header%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 2025 Release 3 Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4d3e3f91-0ff3-442e-b880-3d81fd307fdd","codename":"blogpost___sonarqube_server_2025_release_2_announc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"At Sonar we strive to provide the tools to help you to create the highest quality code possible. One of the biggest quality challenges is to find the bugs related to how your application is executed. SonarQube's advanced bug detection does just that."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/35de27a8-24fb-4c7a-b53a-c87081dde641/Advanced%20Bug%20Detection_Landscape_blog-header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Advances in SonarQube's Bug Detection"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"acd31e4a-bbab-4635-af2c-dacfd9b329db","codename":"blogpost___sonarqube_server_2025_release_3_announc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are excited to share that the G2 Spring 2025 reports were recently released, and once again, Sonar has been named the LEADER in Static Code Analysis! "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/813eb898-7763-4633-902c-f11782e7b5db/g2_grid_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Named Leader in G2 Spring Report"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"db2b113d-03fc-43f8-a84d-5efe6233896c","codename":"blogpost___sonar_named_leader_in_g2_spring_report"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"To maximize the benefits of your SonarQube Cloud Team Plan trial, it's essential to approach your free 14 days with a clear plan. Discover helpful tips to learn more about the product and get familiar with SonarQube Cloud Team Plan capabilities. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6c985418-e09e-4ac9-8bc9-4264ff7fd1de/9%20Steps%20for%20SQ%20Cloud%20Trial_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"9 Steps to a Successful SonarQube Cloud Team Plan Trial"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0d7ad92a-0541-49a6-81ae-e483973e6e2b","codename":"blogpost___shifting_right_for_secure_platforms_and_0d7ad92"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Legacy code is inherited source code from previous projects or earlier software versions that continues to play a critical role in an organization’s daily operations, often functioning on outdated technologies or platforms. Such codebases are frequently difficult to maintain and improve due to factors like insufficient documentation, use of obsolete programming languages, and complex or monolithic structures. "},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"What is legacy code? "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e1b199ff-3e5d-43f5-9995-c1f9f5b504a0","codename":"why_sonarqube_is_the_best_sast_tool_available_for_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"SonarQube stands out as the top Static Application Security Testing (SAST) tool for developers by enabling the early detection of security vulnerabilities and code quality issues. Its comprehensive features are designed to ensure robust, high-quality, and secure code throughout the software development lifecycle, making SonarQube the best choice for teams focused on reliable code security and maintainability."},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Why SonarQube is the Best SAST Tool Available for Developers"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d017296d-50b0-4ecf-9e56-4bb4b024e374","codename":"vibe_coding___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Continuing on API client security, we cover more sandbox bypasses, this time in Bruno and Hoppscotch, as well as JavaScript sandboxing best practices."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/68083fb7-73aa-4f01-a766-ad78eda785e6/Scripting%20Outside%20the%20Box%202_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Scripting Outside the Box: API Client Security Risks (2/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2a0eb37e-6cb4-4f8f-9645-ee5e6df6749a","codename":"blogpost___scripting_outside_the_box__api_client_s_2a0eb37"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"This article explores why this shift is happening and how it affects development teams and software quality."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/804e67ea-e045-4e06-94c8-544810904f68/Strategic%20Shift%20to%20AI-Native%20IDEs_social-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Strategic Shift to AI-Native IDEs: Vibe, then verify"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"04ccd90d-f836-4e15-928c-3c6ddad4cdc3","codename":"the_strategic_shift_to_ai_native_ides__vibe__then_"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"AI is transforming how we code, especially for massive company systems. Using AI responsibly—through automatic reviews and mandatory unit tests for AI-generated code—brings big benefits to your large codebases."},"index_image":{"value":{"description":null,"height":1260,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d5014acc-0e15-47a3-b592-5fa400409ba0/7-Habits_Meta-Image%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"7 Habits of highly effective AI coding"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"335f6b2b-7dee-495d-90f9-e71274558a2e","codename":"n7_habits_of_highly_effective_ai_coding___learn_pa"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With the release of two new Artificial Intelligence (AI) policies, The White House has provided  clear direction for federal agencies regarding how to embrace AI to improve efficiency, effectiveness, and overall service delivery."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/61b6571a-a66b-406a-b4d4-242062b28af6/White%20House%20AI%20Policy_blog-index%20%281%29.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"7 Guidelines for Federal Agencies Adopting AI for Software Development"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c7d46794-76cd-4c85-a2f2-61b833e0cbf8","codename":"blogpost___7_guidelines_for_federal_agencies_adopt"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Discover hidden risks in API testing tools like Postman and Insomnia. We dive into scripting vulnerabilities and explore JavaScript sandbox security pitfalls."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9d78efd8-7274-469a-a05a-4f529c5dc5fd/Client%20Security%20Risks_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Scripting Outside the Box: API Client Security Risks (1/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"940c3f93-1aec-4121-ac2f-c2fd94de6900","codename":"blogpost___scripting_outside_the_box__api_client_s"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"This guide will explore the key requirements of each memorandum and show how SonarQube delivers practical, actionable solutions for federal agencies using AI in their code development processes."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/036c32d4-6c60-47ef-96e5-6d3b5dffc915/White%20House%20AI%20Policy_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube for Federal Agencies: A Guide to Complying with AI Policies in Code Development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"eb432b90-d7d4-420d-aafd-28f53a27f5aa","codename":"white_paper_post___deep_dive_into_ai_agents_for_so_eb432b9"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"Using the SonarQube IDE extension with Connected Mode in coding editors like Visual Studio Code (VS Code) gives you real-time info about your code's quality, security risks, and vulnerabilities as you type, including suggestions from AI-written code."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8c27cfd6-6077-40f2-aa3c-bc0d9985130f/Setting%20up%20SQ%20IDE%20for%20VS%20Code%20AI_social-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Setting up SonarQube IDE Extension for VS Code & apply AI CodeFix"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e81aea3a-1c49-42f9-b70c-4afaafc3cd1e","codename":"setting_up_sq_ide_plug_in_for_cursor___learn_page__e81aea3"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"We'll discuss how to build LLM integrations that aren’t limited to a single provider, giving businesses the freedom to choose the best tools for their needs."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7fc3ef2b-57d1-495d-a892-fca94b87fa07/LLM%20Deployment%20Choice_social-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"LLM Deployment Choice: Public, Private, or Hybrid?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6c860a75-2835-4b7d-a956-c48313e40c74","codename":"llm_deployment_choice___learn_page"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"This guide will explore the key requirements of each memorandum and show how SonarQube delivers practical, actionable solutions for federal agencies using AI in their code development processes."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/61b6571a-a66b-406a-b4d4-242062b28af6/White%20House%20AI%20Policy_blog-index%20%281%29.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube for Federal Agencies"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3077b754-9281-4cca-95df-f72ee28a2f5f","codename":"llm_deployment_choice___learn_page__copy__3077b75"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Massive codebases can hugely benefit from developers using AI coding tools, but they must be harnessed in a responsible way. Sonar CEO, Tariq Shaukat, shares what coding \"habits\" organizations should adopt."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1bd0b9ad-f3c8-46bd-b278-a7ac8d3d155b/seven%20habits_blog-index-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Seven Habits of Highly Effective AI Coding"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"050389d7-93d2-4cfb-80f1-48aed82fe5ba","codename":"blogpost___sonarqube_server_wins_devies_award__cop"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how SonarQube detected a Cross-Site Scripting (XSS) vulnerability in Grafana, a popular open-source data observability platform."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bce99396-2a51-4fdd-85bb-151bf7af1c3d/Data%20in%20Danger_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Data in Danger: Detecting Cross-Site Scripting in Grafana"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"baf35a43-e1ab-4c77-914c-2431caa7b798","codename":"blogpost___data_in_danger__detecting_cross_site_sc"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Enhance your developer workflow and improve project transparency with SonarQube README badges."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/aa5e8021-0f1a-4549-bec4-1c26b8d72895/SQ%20Readme%20Badges_blog-feature.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube README Badges: Level Up Your Software Project Visibility"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a9bcfad3-058d-4046-83eb-4cda8b56bf7b","codename":"increasing_development_velocity_with_generative_ai_a9bcfad"}},{"value":{"index_subheadline":{"value":"Public sector"},"index_perex":{"value":"ANS seamlessly integrated SonarQube into their development workflow, using GitLab for source code management and Jenkins for continuous integration."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6d289a45-5664-4eba-b6ab-732be4dce4c7/ANS_card%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Agence Du Numérique En Santé"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Public sector"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7809563e-4ab8-49f9-801a-58b4b52e0fc3","codename":"customer_story___thales__copy__7809563"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The popularity of the Rust programming language is growing. Rustaceans have been asking for SonarQube to support Rust and now it's here!"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bf290995-18d3-4b26-9805-a3e2a848882a/rust%20language_landscape-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing support for Rust in SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a84a939b-380f-43ca-917e-976e3e63ba4e","codename":"blogpost___asp_net_core_web_apps__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"MISRA coding guidelines are a standard for automotive and other safety critical systems. SonarQube helps C++ developers deliver MISRA C++:2023 compliant apps with MISRA Compliance Early Access available in SonarQube Server Enterprise and Data Center."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9ddd0700-5d93-49d6-aa91-571ffe60b56e/MISRA%20Compliance_blog-feature.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"MISRA C++:2023 Compliance for Auto Safety and Reliability"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c48011a0-0122-4baa-b880-19556c54e940","codename":"blogpost___introducing_architecture_as_code__copy_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"AWS recognizes Sonar’s DevOps expertise, enabling developers to unlock actionable code intelligence to continuously improve quality and security"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3117631a-dd70-45f6-a52c-d6fdfb0828bd/aws_devops_services_competency_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Achieves AWS DevOps Competency Partner Status"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6f50c766-8222-4ce1-8bd6-830ad078173a","codename":"press_release___sonarqube_advanced_security__copy_"}},{"value":{"index_subheadline":{"value":"Definition and guide"},"index_perex":{"value":"Vibe coding is an innovative programming methodology that leverages AI tools to translate verbal descriptions into functional code, enabling users to develop applications without traditional coding skills or extensive technical knowledge. "},"index_image":{"value":{"description":"Sonar fixing and showing suggestions for code that is vulnerable","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/193d6dad-a45f-4dc6-b0ac-fc18bc1edae7/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Vibe Coding"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0ba1098e-f55e-4594-aab0-dd88288263a3","codename":"setting_up_sq_ide_plug_in_for_cursor___learn_page_"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"As development teams start using these IDEs, it’s more important than ever to focus on creating software that is reliable, secure, and easy to maintain."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b6ee406f-6026-4f16-8a51-d213f4bf92b3/SQ%20IDE%20Cursor%20AI%20Code%20Editor_social-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Setting up SQ IDE Plug-in for Cursor"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"046255c6-f00e-4471-a72e-320ef6c9e346","codename":"setting_up_sq_ide_plug_in_for_cursor___learn_page"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"AI CodeFix scans your code, identifies issues, and suggests fixes, all while seamlessly integrating into your development environment."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c9e4094d-8a91-4125-afac-9baead43084f/intro_to_ai_codefix_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introduction to AI CodeFix"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"314857eb-9d85-4d2a-bd0d-5f752e19bdae","codename":"introduction_to_ai_codefix___learn_page"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"This article explores the practicalities of using AI CodeFix with SonarQube Cloud, demonstrating how to select the LLM engine. We'll walk through how to configure Claude Sonnet 3.5 for your organization, and provide feedback to continuously improve the process."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dc723671-c934-4485-8038-64695b4f679e/sq_cloud_ai_code_fix_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Enabling Anthropic Claude 3.5 Sonnet for AI CodeFix"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"70bc8674-2617-4098-8a40-99248499bed3","codename":"enabling_anthropic_claude_3_5_sonnet_for_ai_codefi"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"At the heart of modern technology, there's a growing presence of intelligent systems known as AI agents. But what exactly are they?"},"index_image":{"value":{"description":null,"height":1110,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0e812079-232f-4282-b1df-ac9ffa29b3f5/Deep%20dive%20into%20ai%20agents-whitepaper.png","width":1974}},"index_icon":{"value":null},"index_headline":{"value":"Deep Dive into AI Agents for Software Dev Guide"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0b55e3a5-060a-4d1c-a361-f971403344aa","codename":"white_paper_post___deep_dive_into_ai_agents_for_so"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube has introduced new rules to improve code quality and enforce best practices in Spring Framework applications. These rules focus on various aspects of Spring development, including event handling, scheduling, data and MVC, caching, dependency injection, and testing."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/863d3d5c-b4dc-4e8f-90a3-3a1730b94513/New%20Spring%20framework%20rules_Blog-featured-3.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"New Spring framework rules in SonarQube"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ab0861ad-91f9-44d4-b596-18b366ad1be4","codename":"blogpost___new_spring_rules_2025_02"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The new SonarQube Server 2025 Release 2 contains significant enhancements across code quality, code security, and issue remediation with AI CodeFix. Read on to learn more about these great new capabilities.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fd1c91ad-9f9b-420f-b6cc-6d6b9cdeef1b/release_2025_2_whats_new_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 2025 Release 2 Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"79305b31-bfe9-47d9-9d4f-3c0098975550","codename":"blogpost___sonarqube_server_2025_1_lta_release_ann"}},{"value":{"index_subheadline":{"value":"Setup guide"},"index_perex":{"value":"Debugging felt like solving a riddle without all the clues. Fast forward to today, and we live in a world where AI tools like AI CodeFix are rewriting the rules of software development. These tools promise to take the frustration out of debugging and empower developers to focus on building innovative solutions."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e9056291-8d70-4eaf-a0ac-6cacfad9b251/azure_openai_ai_code_fix_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Enable Azure OpenAI Instance for AI CodeFix"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"How-to guide"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d707c8b4-aaca-4649-8088-3f71dddd3cdf","codename":"enable_azure_openai_instance_for_ai_codefix___lear"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this second part, we delve into JumpServer's code execution vulnerabilities we discovered, and understand their root causes. Learn the importance of threat modeling and adherence to best practices can safeguard your own applications."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6b38f6ba-9c5a-409f-aa5f-524e74a94cad/jumpserver_02_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Diving Into JumpServer: Attacker’s Gateway to Internal Networks (2/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5457fde8-2e21-4253-ae05-5e59b82e9c8c","codename":"blogpost___diving_into_jumpserver__attacker_s_gate_5457fde"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Bastion host offers a centralized point of access and control to an internal network, but what happens when this gateway itself is compromised? In this blog series, we will dive into vulnerabilities we found in JumpServer."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0eeac4a5-4cd6-49dc-b5ad-1302f83432a0/jumpserver_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Diving Into JumpServer: Attacker’s Gateway to Internal Networks (1/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"11ea85ca-dc26-49f9-929a-e3e62cb6a0d4","codename":"blogpost___diving_into_jumpserver__attacker_s_gate"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Industry-leading, integrated code quality and code security solution now includes Software Composition Analysis (SCA) and covers first-party, AI-generated, and third-party open source code"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8b080417-2419-4a4c-88e2-6ce486ead20b/sonarqube_advanced_security_PR_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Extends Code Security Coverage with SonarQube Advanced Security"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b22c9021-0178-4d97-8b80-d0097b9e2db1","codename":"press_release___sonar_appoints_new_cfo___clo__copy"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Advanced Security includes Software Composition Analysis (SCA) and advanced Static Application Security Testing (SAST) extending SonarQube's core security capability."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/27bcf7b2-79b6-4305-8a8d-3765009009ff/sonarqube_advanced_security_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarQube Advanced Security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3bfc8d9b-d4b5-41d0-b7e5-63db09236b99","codename":"blogpost___dependency_management_and_your_software_3bfc8d9"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Respective experiences of both leaders in scaling fast-growing technology companies to benefit Sonar in the expansion of its global footprint and impact"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c95060fd-8f1c-44d8-b01a-a281e16baccb/CFO%20%26%20CLO%20Press%20Release_Blog-landscape3.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Appoints Jean Compeau as Chief Financial Officer and Eyal Ben David as Chief Legal Officer"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1a99cbc6-ddc0-4fd4-8145-9bcadc2f9a94","codename":"press_release___sonar_acquires_autocoderover__copy"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"The integration of artificial intelligence (AI) into software development has propelled the industry into a new era of promises for speed and innovation."},"index_image":{"value":{"description":null,"height":1090,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/974fac65-d59e-4a43-8d42-36989f045288/protect-ai-generated-code-quality.png","width":1740}},"index_icon":{"value":null},"index_headline":{"value":"How to Protect AI-Generated Code Quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e8546899-2b96-4734-b0c5-0ad692b62539","codename":"white_paper_post___how_to_protect_ai_generated_cod"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Using SonarQube for IDE with SonarQube Server or SonarQube Cloud helps you follow the best practices laid out in the NIST SSDF to meet code security requirements."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2273254a-fb69-4305-96e7-6f8662f190b1/nist_pdf_index.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"Sonar: a powerful ally in meeting NIST SSDF code security requirements"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"33f9b2cc-e148-4a91-a5f5-c8701b210273","codename":"white_paper_post___sonar__a_powerful_ally_in_meeti"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"Imagine agents powered by advanced neural networks, moving beyond simple task automation to become genuine collaborators in software development."},"index_image":{"value":{"description":null,"height":1328,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dcda6700-c16b-4906-b1f1-6a696b5a4a4d/algorithmic-ai-agents-wp.png","width":2088}},"index_icon":{"value":null},"index_headline":{"value":"The algorithmic reformation: AI agents are rewriting the SDLC playbook"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"42107253-9f28-4462-a33d-cb2eddb5e6c4","codename":"white_paper_post___the_algorithmic_reformation_gui"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered a vulnerability in Cyberhaven's browser extension that allowed attackers to steal arbitrary cookies from their victims."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f6bc34d3-0156-479b-8970-c2d8cc987961/Cyberhaven%20cookie%20stealing_blog-index.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Beware the Cookie Monster: Cyberhaven Extension Vulnerability Allowed Cookie Theft"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"137504b1-01fe-468b-88c8-eb6f56580b52","codename":"blogpost___beware_the_cookie_monster__cyberhaven_e"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Cloud Free tier offers more features that make it a viable alternative to SonarQube Community Build, including pull request analysis, enhanced security, and support for more programming languages. It also provides a maintenance-free experience and seamless DevOps integration. Read on to find out more."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2099b74a-a9fb-41eb-b055-8247b1031927/SQC%20Benefits_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"8 Reasons to Try SonarQube Free Tier"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"19a5ef24-fe67-47b3-ac7a-5c312b1759f2","codename":"blogpost___8_reasons_to_try_sonarqube_free_tier"}},{"value":{"index_subheadline":{"value":"Developer’s Guide"},"index_perex":{"value":"This guide focuses on the application of Large Language Models (LLMs) specifically used for code generation and not their use in other domains."},"index_image":{"value":{"description":null,"height":1696,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/185370aa-d2e0-4837-8adf-c330b43e3ab1/dev-guide-ai-software-dev.png","width":2752}},"index_icon":{"value":null},"index_headline":{"value":"A Developer’s Guide to AI-assisted Software Development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"02c33fb0-42e0-4770-8dff-889172ae027e","codename":"white_paper_post___a_developer_s_guide_to_ai_assis"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Acquisition to amplify the impact of developers and AI agents together to build better, faster "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dd86fe84-d299-4391-8d95-6ae145a45d9b/acr_press_release_blog_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Acquires AutoCodeRover to Supercharge Developers with AI Agents"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"953ce9f2-b947-47b2-a206-78bb5280ab10","codename":"press_release___sonar_achieves_soc_2_type_ii_compl"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server has been honored with a 2025 DEVIES Award, recognizing its commitment to delivering a top-tier code quality and security solution for developers and organizations worldwide. "},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/93f72ed0-874e-4a5c-8a95-c2297ff7fdee/DEVIES%20Award_blog-index.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server Wins DEVIES Award for Code Testing & Quality Management"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"411a28f5-3eed-410b-9c10-715f6ed213a1","codename":"blogpost___auto_detect___review_github_copilot_cod"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar can help you keep your AI-generated code from GitHub Copilot up to snuff - here’s how! "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e6e1a82d-5588-401f-b461-0d051ec59889/auto_detection_github_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Auto-Detect and Review AI-Generated Code from GitHub Copilot"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b18bcd8f-c9e4-41ff-8f83-a873ef58f04b","codename":"blogpost___sonar_earns_soc_2_type_ii_compliance__c"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Milestone highlights company’s commitment to safeguarding user data and delivering secure, reliable solutions for millions of developers worldwide"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a9f9ca2e-c8f0-4b33-94da-14d0ab4790ad/soc_2_type_ii_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Achieves SOC 2 Type II Compliance"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e26dc551-9134-4e37-bd62-025c32d64dc1","codename":"press_release___sonarqube_server_2025_1_lta__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar achieves SOC 2 Type II compliance, reflecting its dedication to protecting customer data and ensuring the integrity of its operations now and in the future. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6f376b0b-418b-4edc-8373-0a2522f896e0/soc_2_type_ii_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Earns SOC 2 Type II Compliance"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"618e7268-99db-424b-959f-eec5f0d2d6ed","codename":"blogpost___software_and_ai_in_2025__copy__618e726"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What does the future of software development look like? Sonar's Harry Wang, VP of Growth & New Ventures, shares his expert insights. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9c49ee0a-74bc-4192-a478-8068b630acd9/ai%20revolution_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The AI Revolution in Software Development: A New Era for Developers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1c1223d0-fdcb-4dd8-97d5-ce7662d03e73","codename":"blogpost___software_and_ai_in_2025__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A new Long-Term Active (LTA) version of SonarQube Server represents a significant amount of work. Since the last LTA release (version 9.9 in February 2023), thousands of development tickets have been merged into SonarQube Server and its underlying components. This includes new features, improvements to existing functionalities, and bug fixes."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/84899cbf-2fa7-4bc3-910f-7f41359c8614/9_more_reasons_to_upgrade_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"9 More Reasons to Upgrade to SonarQube Server 2025.1 LTA"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f8233ab4-fba0-460d-8b95-d4d37cfa9293","codename":"blogpost___9_more_reasons_to_upgrade_to_sonarqube__f8233ab"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Team Code reviews are essential to the development process. They ensure that the code meets the required standards before being merged into the main branch. Tools like SonarQube are key to making the reviews productive and valuable."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1f0546dd-c24e-4670-aa74-87d2bde01afa/Enhancing%20Code%20Reviews_blog-index.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Enhancing Team Code Reviews with AI-Generated Code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"dcfd1ed4-4d60-4ffd-9c76-02c85d30304e","codename":"blogpost___enhancing_team_code_reviews_with_ai_gen"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Cloud detected an arbitrary file upload in Voyager, tracked as CVE-2024-55417. When combined with other vulnerabilities our research team found, attackers can execute arbitrary code on the server if an authenticated user clicks on a link."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/48205ef7-d320-4bfd-8189-347899151b94/The%20Tainted%20Voyage_landscape-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Tainted Voyage: Uncovering Voyager's Vulnerabilities"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3496036a-f296-4966-b40b-9016ae0f6f45","codename":"blogpost___the_tainted_voyage__uncovering_voyager_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The new SonarQube Server LTA release is as value-packed as ever. Look forward to high-impact AI capabilities, more secure code at every angle, supercharged developer productivity, and even better enterprise and operational capabilities. As always, there's something for everyone with the LTA!\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0fbfcf02-dc88-4363-af1f-266bd828aa34/LTA_Blog%20Index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 2025.1 LTA Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7b8a96f3-bdbf-4773-885d-dc2a7141d4ab","codename":"blogpost___sonarqube_server_10_8_release_announcem"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar delivers powerful AI capabilities, sophisticated security improvements, and streamlined developer productivity"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4a9255ea-4c14-4662-9901-9e2f7a23ff21/lta_pr_index_1200x628.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Supercharges Developers with SonarQube Server LTA Release"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"eb0890eb-efab-4b19-902f-c994ffb020c1","codename":"press_release___sonar_welcomes_tidelift__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Reviewing the enhancements delivered by the SonarQube for IDE team for developers during 2024. Focusing on streamlining the UX for teams, harnessing the power of SonarQube Server and Cloud through connected mode into your IDE, and making it even easier to focus on new code."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/df2679b4-3cb6-43e6-913a-2b19a3727b71/sq_ide_2024_highlights_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube for IDE: Our journey this year, and sneak peek into 2025"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c8fc7a11-ea66-4250-8074-ca4b33e6f37c","codename":"blogpost___new_sonarqube_free_tier__copy__c8fc7a1"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Vulnerability Research team looks back at a great year and summarizes the highlights of 2024."},"index_image":{"value":{"description":null,"height":2400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a1f38bdc-15bd-4852-aa89-218ca4a8502d/vulnerability_research_highlights_2024_blog_featured.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Vulnerability Research Highlights 2024"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e046fe0c-8405-4a89-ae05-8988ff35e1b1","codename":"blogpost___vulnerability_research_highlights_2024"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"An AI agent is a sophisticated software program designed to perceive its environment, make decisions, and perform actions to achieve specific objectives."},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"A Deep Dive into AI Agents for Software Development"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3523ab87-e4f8-477f-b972-6c2f916021d8","codename":"a_deep_dive_into_ai_agents_for_software_developmen"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Code quality and security leader to address code-level issues in software supply chain in addition to first-party and AI-generated code"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e7e46284-e021-449e-9234-484eb5922d28/PB_Card%402x.png","width":650}},"index_icon":{"value":null},"index_headline":{"value":"Sonar to Acquire Tidelift to Reduce Risk From Open Source Software"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4170b4ae-3521-4caa-8138-47d8b3efc777","codename":"press_release___sonar_welcomes_xxx"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Several Sonar leaders share their perspectives on what to expect in 2025 with AI and software development. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d292ee07-6cc3-46d7-99eb-33726ed07243/2025%20Leadership%20Predictions_Blog-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Software and AI in 2025 — Sonar Perspectives on What’s to Come in the New Year"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2de82c6d-d285-4c89-8808-b9e271b55db0","codename":"blogpost___olivier_gaudin_at_qcon_london_2024__cop"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Former CIO of HSBC, Lloyds Banking Group, and Barclays Signs on to Support Code Quality Market Leader"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8adf5be2-0942-477d-a424-148381a1eae3/darryl_west_pr_index%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Welcomes Darryl West as Senior Advisor"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b7f84bd9-6474-44d3-b894-799ef84a4d0c","codename":"press_release___sonar_named_winner_of_2024_emea_aw"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"CORS misconfigurations are often overlooked, but they can have severe consequences. We demonstrate how reflecting the origin header leads to code execution in Whistle."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/544521e4-2ddb-4e6e-850b-099dbd4a3569/Never%20Underestimate%20CSRF_Index.png","width":650}},"index_icon":{"value":null},"index_headline":{"value":"Never Underestimate CSRF: Why Origin Reflection is a Bad Idea"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f3ab7935-05c1-4e1d-8342-5b0f5864f458","codename":"blogpost___never_underestimate_csrf__why_origin_re"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Announcing a new free tier of SonarQube, hosted in the cloud. This tier goes beyond our current community offering and gives individual developers and small teams many of the features of our commercial SonarQube offering."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a246cb23-8c0b-4aeb-b402-ba74c0ffdb82/sq_cloud_blog_landscape_2x.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The new SonarQube Free tier is here - get started today!"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5c5125bd-5d76-4e79-b285-6883af18baaf","codename":"blogpost___new_sonarqube_free_tier__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This release includes stronger AI Code Assurance and AI CodeFix capabilities. Choose from two new operating modes to run the server in a way that best suits your business needs. Exciting things continue to happen with our language support, like new architecture rules, support for Ansible IaC, and full support of our Dart/Flutter coverage. Find out what’s in store for you.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/74fb89d5-e86a-4482-870a-02a9155d0a80/sq_10_8_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.8 Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"37daafbe-1c63-4c8c-abf0-6da99bc44abd","codename":"blogpost___sonarqube_10_7_release_announcement__co"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar recognized by AWS Partners in EMEA as leaders in helping customers drive innovation"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c7905628-efa3-43f0-b38a-7d4e3b1ebeb0/AWS_Rising-Star-for-the-Alps_Press-Release_Index-Card%402x.png","width":650}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Named Winner of 2024 EMEA AWS Partner Awards"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7a12c363-56f1-47f2-a12c-292fcb86662f","codename":"press_release___sonar_announces_new_free_tier_of_s"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Company to launch a free SaaS tier for private code analysis"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fb7af716-83fe-4d52-87d0-d2a714d13434/SQ%20License%20and%20Community%20Build%20Changes_Blog-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Announces New Free Tier of SonarQube "},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4331a53d-4b96-4ea9-8637-51534aba7b82","codename":"press_release___meet_with_sonar_at_aws_re_invent__"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Announcing a new free tier of SonarQube, hosted in the cloud. This tier goes beyond our current community offering and gives individual developers and small teams many of the features of our commercial SonarQube offering."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fdf8d109-3435-4ff2-a916-0ddec15cdd24/SQ%20License%20and%20Community%20Build%20Changes_Blog-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A better (free) SonarQube experience "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a1526989-0ac6-465b-a61f-7df01fabbcd4","codename":"blogpost___sonars_commitment_to_you__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In a world where AI generates code, code ownership and trust become increasingly obscure. Many enterprises already find this situation untenable, and they are looking for ways to solve it. But where do you start?"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0ad75364-8aff-4ef1-85d6-4a19af328ef0/trust_ai_contributions_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to trust AI contributions to your codebase"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0cf98e23-599e-4381-9916-1d902fd9dd40","codename":"blogpost___ai_code_assurance_announcement__copy_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Code quality and security leader to showcase new AI capabilities for SonarQube offering at booth #1597 "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b3595f47-e70a-40c5-b0fe-5363b19d8791/aws_pr-index-1200x628_A.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Meet with Sonar at AWS re:Invent"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5d6c73ea-ac41-4cf7-88dc-b35cb958fc0e","codename":"press_release___sonar_joins_aws_isv_accelerate_pro"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The speed of software development and product delivery is increasing for organizations everywhere – including here at Sonar. In this blog, we decided to put our guiding engineering principles in writing and share them with you."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/400c9c80-4638-4e7e-995b-7265dff7fdda/Our%20commitment%20to%20you_Blog_Landscape%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Our commitment to you – and an update on severity ratings for software quality"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d9305606-b079-4c6b-80df-f7c04154f230","codename":"blogpost___how_to_trust_ai_contributions_to_your_c"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Code quality and security leader increases accessibility to fast, accurate static code analysis for AI-generated and developer-written code"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d57f2ef-04fa-4eab-be32-42f0cef4391c/AWS_ISV-Accelerate-Program_Press-Release_Index-Card%402x_Dark.png","width":650}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Joins AWS ISV Accelerate Program to Help Developers Deliver Quality, Secure Code"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"749d2656-d28f-4fc5-8a1b-260f09394981","codename":"press_release___sonar_streamlines_product_naming_t"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"HTML sanitization has long been touted as a solution to prevent malicious content injection. However, this approach faces numerous challenges. In this blog post, we'll explore the limitations of server-side HTML sanitization and discuss why client-side sanitization is the better approach."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/faa1e2b0-9a01-4fdd-b8bc-9ca5ec15da23/html_sanitization_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sanitize Client-Side: Why Server-Side HTML Sanitization is Doomed to Fail"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d911e0ee-27fa-48e8-87f2-bcfabee291d6","codename":"blogpost___sanitize_client_side__why_server_side_h"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Company aligns offering under the SonarQube name to simplify its product brand experience \n"},"index_image":{"value":{"description":"Sonar Streamlines Product Naming to Reflect Core Mission of Code Quality and Security","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a0730970-644c-4dba-9692-b27700d33082/sonar-rebrand-blog-and-pr-2-horizontal.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Streamlines Product Naming to Reflect Core Mission of Code Quality and Security"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"bbbd3c99-a59e-446a-829d-f3f0770d1e05","codename":"press_release___nathan_jones_joins_sonar_as_vp_of_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Government technology veteran to lead business growth and company expansion in the federal government sector"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/56e96a41-8bb6-4ab3-ac45-add29e575ab3/Nathan%20Jones_Index%402x.png","width":650}},"index_icon":{"value":null},"index_headline":{"value":"Nathan Jones Joins Sonar as VP of Federal Government"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"911c8504-c23a-4b66-b3b6-dd91f3964dc5","codename":"press_release___connect_with_sonar_at_github_unive"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post explains how taint analysis tracks all data flows in an application’s source code to unveil deeply hidden vulnerabilities and showcases a critical vulnerability in the OpenAPI Generator discovered by SonarQube Cloud."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/60dcda39-d99f-43ca-be65-d72439fc2c61/taint_analysis_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Power of Taint Analysis: Uncovering Critical Code Vulnerability in OpenAPI Generator"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1212f796-6a52-4070-949f-8925959c000e","codename":"blogpost___the_power_of_taint_analysis__uncovering"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar joins the world’s fair of software to demonstrate the value of using GitHub Copilot in coordination with SonarQube Server"},"index_image":{"value":{"description":"GitHub Universe 2024","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b9916616-d3b3-42c8-8f7e-7db99a5a962c/github_universe_san_fran_event_2024.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Connect with Sonar at GitHub Universe "},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"bd9982b7-9f81-4f05-8a0c-72cfabdf9924","codename":"press_release___sonar_acquires_structure101_to_str"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Acquisition to support the identification of structural issues in the code development process"},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a8f30f13-f3f4-4a52-bdd9-bc4375b323d1/structure101%20acquisition_social-square%402x.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Acquires Structure101 to Strengthen Code Quality Offering"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"97398e13-914c-4c87-9f9c-32c8fb571a99","codename":"press_release___sonar_to_improve_the_quality_of_ai"}},{"value":{"index_subheadline":{"value":"Technology"},"index_perex":{"value":"A game-changer for ZEISS developers. With the seamless integration of SonarQube Server ZEISS improves developer productivity, accelerates software development cycles, and cuts costs."},"index_image":{"value":{"description":"Zeiss","height":1440,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/114b3553-71da-4723-955e-d2ab2d559605/zeiss_square.webp","width":1440}},"index_icon":{"value":null},"index_headline":{"value":"ZEISS"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Technology"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bd56b1df-6fa3-447a-9f8d-ae8455ba741e","codename":"customer_story___whirlpool__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post showcases why fundamental code security is essential for an application despite all hardening measures applied in the underlying infrastructure."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/edfacdf3-1e96-4ad6-baa7-18341280511a/why_code_security_matters_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Why Code Security Matters - Even in Hardened Environments"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e7810a63-8d53-4fec-b1c7-6b5390caa515","codename":"blogpost___why_code_security_matters___even_in_har"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar now supports the Dart programming language"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/19861bc0-130b-46e3-b2a4-8eff99c44277/dart_support_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Announcing Sonar's Support for Dart: Elevate Your Code Quality"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"298bc4c4-3242-4b3e-ab8b-e545fe56300e","codename":"blogpost___top_security_flaws__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar introduces powerful AI-driven features, expanded support for new and existing languages and frameworks, and deeper security, all to elevate your code quality. These updates bring significant advancements for developers and teams.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/296c23e0-fbfe-434e-8c6d-aa1c903bce5e/sq-10.7_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.7 Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6a264710-f414-4ee5-b5ff-48057e8dbae5","codename":"blogpost___sonarqube_10_6_release_announcement__co_6a26471"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Designed to support better software development in two critical and distinct ways – new capabilities AI Code Assurance and AI CodeFix deepen Sonar’s commitment to the delivery of high-quality, secure code and increasing developer productivity. "},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9b170382-7bf9-4532-9c50-ef080174df00/ai%20features_pr-card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar to Improve the Quality of AI-Generated Code, Provide Automated Fix Recommendations"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fe374215-26ed-477f-838f-8615c1edf24b","codename":"press_release___sonar_introduces_sonarcloud_enterp_fe37421"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar AI Code Assurance is a robust and streamlined process for validating AI-generated code through a structured and comprehensive analysis."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b317978f-6ceb-4b3f-8128-508d618596a9/AI%20Code%20Assurance_landscape-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Building Confidence and Trust in AI-Generated Code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c478862a-8eb9-443f-9fdd-2373e48f9816","codename":"blogpost___ai_codefix_announcement__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar AI CodeFix is a powerful capability that suggests code fixes for issues discovered by our code analysis solutions SonarQube Server and SonarQube Cloud."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1c383359-8f9f-4f59-ab7c-617e6942c954/AI%20CodeFix_landscape-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Instant Code Fixes at Your Fingertips: Announcing Sonar AI CodeFix"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"680c3d86-ba7a-4872-bb83-d375553916e2","codename":"blogpost___announcing_sonar_support_for_dart__copy"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Let's examine the three most common injection attack types—SQL injection, Deserialization Injection, and Logging Injection—and discuss ways to prevent them."},"index_image":{"value":{"description":"Top Security Flaws hiding in your code","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/afc64288-0d3c-4616-958a-c4da865a2bee/top_security_flaws_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Top Security Flaws hiding in your code right now - and how to fix them"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c0757a6b-7de7-4be4-96c7-cb88ece5346e","codename":"blogpost___top_security_flaws"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Security standards such as ISO 27001 are crucial for businesses as they offer a structured framework for managing and safeguarding sensitive information. "},"index_image":{"value":{"description":"iso 27001","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e7f22c9c-c748-4797-8b93-aacc2b15d86d/ISO%2027001%20Compliance_Landscape_blog-header%402x%202.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How can Sonar help with ISO 27001 compliance?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"37d45eb1-1812-479a-98d3-0edff1bb32da","codename":"blogpost___basic_http_authentication_risk__uncover_37d45eb"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"pyspider uses the convenient “basic HTTP authentication” method, but browsers don’t take the extra step to protect users from CSRF attacks. Learn more on how SonarQube Cloud detected 2 vulnerabilities in this open-source project."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e503a8d1-03d9-4413-a51b-2e897698ac0c/pyspider_vulnerabilities_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ce3af23e-7892-4328-b320-0e2d7597f801","codename":"blogpost___basic_http_authentication_risk__uncover"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With so many Large Language Models (LLMs) out there, selecting the right LLM is crucial for any organization looking to integrate AI into its operations. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9fc28348-dd56-4c8f-8a0b-bfca3abb9db4/selecting_the_right_llm_blog_landscape.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to Choose an LLM in Software Development"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"19c9e22c-a6bb-4e8c-99b9-a59a91e876f0","codename":"blogpost___front_end_frameworks__when_bypassing_bu_19c9e22"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn about the similarities and key differences between SonarQube Cloud and SonarQube Server and which one is best for your use case."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/56926e4d-09b8-438b-95b2-70a67f1cc9c6/sonarqube_cloud_or_server_square_index.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Cloud or SonarQube Server, What's Right for Your Team?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f9d53e70-197b-46c0-ad0d-a60fda7bbfff","codename":"blogpost___sonarcloud_or_sonarqube____guidance_on_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Olivier Gaudin discusses the value of quality, secure code from the start at top industry software conference. Check out his talk!\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4afae759-3f4e-4523-8b4a-61c0f741d839/on_demand_qcon_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"[ON DEMAND] Watch Sonar Founder Olivier Gaudin Break Down the Need for and Impact of Code Quality at QCon London 2024 "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bd8cfc67-a837-4a41-8446-64dd7cda566b","codename":"blogpost___green_coding_with_clean_code___a_recap__bd8cfc6"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Modern JavaScript front-end frameworks protect your application from XSS vulnerabilities by automatically escaping untrusted content. This built-in feature can be bypassed intentionally, which should be taken with great care."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/38bfe757-d696-40db-85d7-e9acf90ffe80/bypassing_sanitization_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Front-End Frameworks: When Bypassing Built-in Sanitization Might Backfire"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"78a75117-b6b8-45d9-8527-7258302232a1","codename":"blogpost___front_end_frameworks__when_bypassing_bu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Twenty five years ago this week, on August 11, 1999, Red Hat went public in a stock offering that at the time was one of the largest ever, ending its first day of trading worth $3.5 billion."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Red Hat IPO experiment to pay maintainers: 25 years later"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1ecda1d5-613a-4f03-9ab1-1f1c61bc5b6d","codename":"blogpost___the_red_hat_ipo_experiment_to_pay_maint"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar’s solutions, including SonarQube for IDE, SonarQube Server, and SonarQube Cloud, help you meet NIST SSDF code security requirements and enhance overall code quality. Find out how.\n"},"index_image":{"value":{"description":"How Sonar helps with NIST SSDF","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6e7c9ecf-af4a-4cc4-9887-85b447845343/nist_ssdf_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How Sonar Helps meeting NIST SSDF Code Security Requirements"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5eae67f2-3aeb-428b-9e3c-7686f6ebb4e3","codename":"blogpost___sonarqube_10_6_release_announcement__co"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar’s R&D team discovered a Cross-Site Scripting vulnerability in Roundcube. Similar vulnerabilities in Roundcube have been used by APTs to steal government emails."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7b9a36b1-be1e-49b0-a013-d05e8f0235ad/roundcube_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"27d73b7c-bf44-4410-9753-bd44d6c57d11","codename":"blogpost___government_emails_at_risk__critical_cro"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"New SaaS plans provide comprehensive code quality and code security visibility for developers, software engineering managers, and business leaders"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cb33007d-a534-44de-b0a6-e5d40d823ad2/sonarcloud_enterprise_and_team_landscape_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Cloud Enterprise and Team Plans for Advanced Analysis of AI-assisted and Developer Written Code"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1f1bde0c-06da-4fab-91e3-a4262ebc4304","codename":"press_release___sonarcloud_integration_with_amazon"}},{"value":{"index_subheadline":{"value":"Retail"},"index_perex":{"value":"Dunnhumby realized a return on investment (ROI) within the first month by automating code analysis and improving the speed and accuracy of issue detection."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5cf9f737-0f39-4f6b-a479-2b77831da0df/tesco-dunnhumby-card-sonar.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":" Tesco Dunnhumby"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Retail"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2a4b415d-97d1-4d70-b714-ebfc8a3f7a96","codename":"customer_story___thales__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are excited to expand our SonarQube Cloud offering with the availability of two new plans, SonarQube Cloud Enterprise and SonarQube Cloud Team."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/354e2d58-4606-4625-9017-bf9676e05fe4/sonarcloud_enterprise_and_team_landscape_blog_header%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Now Introducing, SonarQube Cloud Enterprise and SonarQube Cloud Team"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"74ef47bc-b66f-45d9-9ef2-666c97c0d302","codename":"blogpost___autoconfig_of_c_and_c___projects__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post takes a look at the potential code issues behind the recent global CrowdStrike outage."},"index_image":{"value":{"description":null,"height":1201,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7b69d1cd-74f7-4610-a793-6bd3e35737fa/crowdstrike_blog_featured_2x.webp","width":1201}},"index_icon":{"value":null},"index_headline":{"value":"What Code Issues Caused the CrowdStrike Outage?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d0feb490-3a10-4d1c-badf-0962408caa57","codename":"blogpost___what_code_issues_caused_the_crowdstrike"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar recently added new rules for ASP.NET WebAPI and ASP.NET MVC. In this blog post, we discuss the details of these frameworks within ASP.NET Core and how Sonar’s solutions help keep your ASP.NET web apps clean and free of issues."},"index_image":{"value":{"description":"Deliver High-Quality ASP.NET Web Apps with Sonar","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/98b71ee5-74ab-4fdb-8030-2bd3cfb193af/asp_net_core_web_apps_landscape_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Deliver high-quality ASP.NET Core web apps with Sonar."},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9a9e6f66-b706-46b0-b47e-4e0cb0db26ec","codename":"blogpost___asp_net_core_web_apps"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"G2 has once again ranked Sonar #1 in Static Code Analysis in the Summer 2024 Grid Report. \nIn addition to leading the pack in each of the Enterprise, Mid-Market, and Small Business segments for Static Code Analysis, Sonar was also named a leader in the Static Application Security Testing (SAST) category. "},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2ae4d572-5445-4b1c-80ef-a8b978edabf1/g2-review-static-code-analysis-2024-summer-blog-feature.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"G2 Grid Report for Static Code Analysis: Sonar Named a Leader for Sixteenth Consecutive Quarter"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d417754e-3a9f-4100-803e-2bb5c1f21b74","codename":"blogpost___using_and_understanding_sonarqube_for_c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Abbas Sabra covers a groundbreaking technology: AutoConfig for C and C++. It automates the normally complex setup process, making project setup a breeze. AutoConfig is designed to make code analysis free of complications bringing Code Quality to the fingertips of every C and C++ developer."},"index_image":{"value":{"description":"AutoConfig for C and C++ Projects Image","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9324d669-31db-4ae0-a549-9561d94dc352/autoconfig_c_landscape_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"AutoConfig: C++ Code Analysis Redefined"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"21c1fe5d-28e6-4444-b234-23301e1731fb","codename":"blogpost___why_i_m_passionate_about_static_analysi_21c1fe5"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The absence of charset information seems to be a minor issue for a web application. This blog post explains why this is a false assumption and highlights the critical security implications."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/71e5f88e-922e-42dc-91ba-b0b704fadc32/charset_matters_landscape_blog_header.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Encoding Differentials: Why Charset Matters"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b2ec5725-da14-43d0-ae2a-5f9ed18169e3","codename":"blogpost___encoding_differentials__why_charset_mat"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn about critical code vulnerabilities we discovered in Gogs, a source code hosting solution. This follow-up covers how less severe flaws can still have a critical impact."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8c8293e0-1982-4dee-98ad-8ee089ea9f0b/gogs_vulnerability_square%20%281%29.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (2/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d5aa07ec-a1b5-41f4-91ac-6391df1d1d27","codename":"blogpost___securing_developer_tools__unpatched_cod_d5aa07e"}},{"value":{"index_subheadline":{"value":"Financial services"},"index_perex":{"value":"M&T Bank’s investment in SonarQube Server brought a return in less than six months since implementing SonarQube Server into their development workflow"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/96131735-1cb1-458e-af36-8872be4d1aca/m_and_t_bank_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"M&T Bank"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Financial services"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"93acc916-6d5f-4dbd-a128-cba7a7a138e0","codename":"customer_story___bae_systems__copy_"}},{"value":{"index_subheadline":{"value":"Aerospace & Defense"},"index_perex":{"value":"To meet the demands of the business and strengthen its competitive position, Thales selected SonarQube as its preferred solution"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d413af2f-b0bb-4d85-958a-e6e2e867a495/thales_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"ThalesRaytheon"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Aerospace and defense"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"29c21374-eaf0-4e5a-8223-abaf945da8ff","codename":"customer_story___m_t_bank__copy_"}},{"value":{"index_subheadline":{"value":"Aerospace & Defense"},"index_perex":{"value":"Code Quality is critical in aerospace and defense software"},"index_image":{"value":{"description":null,"height":2400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fbd69afd-05db-44c0-94d2-af6d6931e37e/bae_systems_featured_customer_story.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"BAE Systems"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Aerospace and defense"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ac6a0353-a415-40dd-90ae-04357b413f7d","codename":"customer_story___rr_mechatronics__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"One critical metric to gauge the effectiveness of your code testing efforts is code coverage. SonarQube Server, a powerful static code analysis solution, integrates seamlessly with code coverage tools, empowering developers to write cleaner, more secure, and thoroughly tested code."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bb178dd1-7c81-43b3-95a5-0b25e0d321c9/code_coverage_blog_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Using and Understanding SonarQube Server for Code Coverage "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"060482bf-07ca-4b40-913f-fcdbd2cc97a1","codename":"blogpost___green_coding_with_clean_code___a_recap_"}},{"value":{"index_subheadline":{"value":"LLM Code Generation Guide"},"index_perex":{"value":"With the rapid growth in generative AI (GenAI) and large language models (LLMs), new security risks have emerged. Developers of LLM-based apps are responsible for addressing those security risks. However, the newness of the LLM and GenAI space makes understanding and mitigating these risks more challenging than well-established domains like web application security. "},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a77aa4c9-2ffc-439f-9e54-0b695585b62f/owasp_guide_index.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"How the OWASP LLM Top 10 Applies to Code Generation"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"06f75d44-540b-467e-842d-7b453b2968a7","codename":"white_paper_post___ai_code_generators_exec_guide__"}},{"value":{"index_subheadline":{"value":"AI Executive Guide"},"index_perex":{"value":"Software development is transforming from conventional manual coding to a new era driven by\ngenerative AI technology."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f688ecb0-ba1a-4b1e-9819-1a5f9d9a1b26/ai_guide_landscape_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"AI code generators guide for executives & c-suite"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a1c363e5-7fe6-4fbb-b2bd-3e3a11e83ce4","codename":"white_paper_post___cognitive_complexity__copy__a1c363e"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered 4 critical code vulnerabilities in Gogs, a source code hosting solution, which are still unpatched. Read about the details and how to protect yourself."},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c56ed450-f769-40eb-b035-341c90716c4d/gogs_vulnerability_square.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (1/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9f6d51e7-522a-4317-a9b4-6bef2e4cc816","codename":"blogpost___securing_developer_tools__unpatched_cod"}},{"value":{"index_subheadline":{"value":"Technology Spotlight"},"index_perex":{"value":"Addressing bad code requires a holistic approach, integrating procedural measures and a cultural shift towards clean coding practices. Organizations that prioritize these principles enhance software resilience, mitigate risks, and fortify their reputation and financial stability."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c8a2497c-68ef-4e79-aec3-e931cb8887b3/costly_consequences_of_bad_code_guide_index.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The costly consequences of bad code for the enterprise"},"index_cta":{"value":"Read White Paper"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2ac46d57-7c95-46af-8ee3-de7b55199922","codename":"white_paper_post___the_costly_consequences_of_bad__2ac46d5"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Despite advances in technology and methodologies, the costs associated with fixing bad code continue to escalate, impacting businesses financially and operationally. But what is bad code, what are the clear markers of its negative impact, and how can organizations overcome it?"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/767c21ed-a3e7-4277-b38b-ca6a02b63fd7/Cost%20of%20Bad%20Code_Landscape_Blog-Header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The True Cost of Bad Code in Software Development"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a36c16bb-ff0d-4078-9d11-6d708da8cf82","codename":"blogpost___the_true_cost_of_bad_code_in_software_d"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The 10.6 release of SonarQube Server includes some significant changes, such as autoscaling in Kubernetes,  AutoConfig for C and C++ projects, support for running in a FIPS-enforced environment, set rule priority to uphold your coding standards, easy setup of monorepos, monitoring the time it takes to upgrade, and expanded library coverage for AI/ML developers. \n"},"index_image":{"value":{"description":"SonarQube 10.6 logo","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/02649fe5-5531-4b8d-9e6a-0e410703dfe5/sq_10_6_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.6 Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"06eb62c4-58a6-44fb-9828-6447b1dc9975","codename":"blogpost___sonarqube_10_5_release_announcement__co"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"ecoCode Challenge Paris represents an opportunity to unite innovation and sustainable coding. As a proud sponsor, we are excited to see how SonarQube Server is empowering developers to prioritize environmental sustainability in their projects.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/21b7a818-f820-4ea1-b883-36e1da9b4762/green_code_with_clean_code_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Green Coding with Code Quality - A Recap of ecoCode Challenge Paris 2024"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7a63bb32-40e2-4517-9575-cb9c989a1029","codename":"blogpost___building_the_foundation_for_a_strong_ai_7a63bb3"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our research team discovered two vulnerabilities in mailcow, an email server solution. Attackers could compromise an instance, impersonate users, and steal emails."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4b5946e5-53c0-4c7e-86c5-76520675cac8/mailcow_vulnerabilities_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Re-moo-te Code Execution in Mailcow: Always Sanitize Error Messages"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"dbae94e1-dcb5-4298-ba89-2f15284ed2ce","codename":"blogpost___re_moo_te_code_execution_in_mailcow__al"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"SonarQube Cloud integrates with Amazon CodeCatalyst, earns AWS Foundational Technical Review certification "},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e47808ea-77c6-4ae7-bd2a-2447217b83c3/sc_codecatalyst_pr_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar and AWS Expand Collaboration to Drive Adoption of Code Quality Practices "},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"09a589f6-5f33-4e0a-8981-3feb8c41ddfd","codename":"press_release___sonarqube_on_google_cloud_marketpl_09a589f"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar recently announced the integration of SonarQube Cloud with Amazon CodeCatalyst. This blog post guides you through integrating SonarQube Cloud, a cloud-based Code Quality solution, with Amazon CodeCatalyst."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e84165bf-fa7c-4813-91f6-c72aa4fac5d8/sonarcloud_codecatalyst_integration_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Integrating SonarQube Cloud with Amazon CodeCatalyst for Code Analysis"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0e46fa22-78b9-4c97-8d87-6e7cc64815a3","codename":"blogpost___wearedevelopers_2023___what_did_you_mis_0e46fa2"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar’s new President of Field Operations introduces herself and reiterates the company's continued commitment to enabling organizations to succeed. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7dd61237-88ff-4c96-aa5b-7755f58e36eb/open_letter_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"An Open Letter to Sonar[Qube] Users"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8aa787be-6485-44be-8e2e-fc8ace6513f7","codename":"blogpost___ai_generated_code_demands__trust__but_v"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Google Cloud Marketplace listing simplifies procurement, implementation, and management for efficient Code Quality delivery"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bed5d570-47c1-4b4c-89b4-3bcf13c1aec7/sonarqube_on_google_cloud_marketplace_pr_card.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Delivers Code Quality Solution SonarQube Server through Google Cloud Marketplace"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b5804b3a-9e2d-4838-a9aa-bb8832ef2d1f","codename":"press_release___derek_drennan_joins_sonar_as_chief"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"XSS is a well-known bug class, but a lesser-known yet effective variant called mXSS has emerged over the last couple of years. In this blog, we will cover the fundamentals of this XSS variant and examine how you can protect against it."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/509db3a7-da2d-4fe4-8c4f-9caadf18d00f/mxss_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"mXSS: The Vulnerability Hiding in Your Code"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"1325e9a0-9d19-4505-adb4-5a6dc47ef717","codename":"blogpost___mxss__why_should_it_interest_you"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This post delves into an actual Jenkins vulnerability to understand the intricacies of deeper SAST for detecting deeply hidden code vulnerabilities. It illustrates how deeper SAST works and explains its impact on keeping your code clean and free of these serious issues."},"index_image":{"value":{"description":"Image of deeper SAST by Sonar","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d08454f6-3f53-4567-92ba-4e0964506a39/deeper_sast_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Find Deeply Hidden Security Vulnerabilities with Deeper SAST by Sonar"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"dd1573ae-0562-4c6d-9889-246ffcc18d6d","codename":"blogpost___pci_dss_4_0__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Parallelism has been around for decades, but it is still a source of critical vulnerabilities nowadays. This blog post details a severe vulnerability in the remote desktop gateway Apache Guacamole, highlighting the security risks of parallelism."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ad4479c-ecb6-4bad-8522-a6f058ab0ae5/parallel_code_security_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Parallel Code Security: The Challenge of Concurrency"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d2dc2328-b1d5-4d9d-b526-b2dd5e856998","codename":"blogpost___parallel_code_security__the_challenge_o"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Tech industry veteran from GitHub and Microsoft to lead customer onboarding, training, and success at Sonar"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/70350191-6efe-4760-837d-44e4f1fde263/derek_drennen_pr_card%20%281%29.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Derek Drennan Joins Sonar as Chief Customer Officer"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"193c61c3-6645-4e37-b3d6-f67c1b04f39a","codename":"press_release___lynne_doherty_joins_sonar_as_presi"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The rapid development of different technologies doesn’t come without risks. This blog post details a critical vulnerability in the remote desktop gateway Apache Guacamole, which showcases the challenges of code interoperability."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0d1d74a2-aeb7-4568-8a04-60c540df4079/code_interoperability_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Interoperability: The Hazards of Technological Variety"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"27334221-899c-4ea4-a049-15bd4c043bae","codename":"blogpost___code_interoperability__the_hazards_of_t"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Speed and quality are no longer trade-offs in the modern software landscape - they're a tightly interwoven dance. That's where the \"Shift Left\" philosophy comes in, urging us to move critical checks and balances like code quality analysis earlier in the development lifecycle."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ec424b18-92f6-4541-9300-b4cbecabe266/shift_left_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Leveraging SonarQube Server, SonarQube Cloud, and SonarQube for IDE for Effective Shift Left Practices"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ec126c4f-670c-44d7-ab42-cde872db2d6a","codename":"blogpost__shift_left"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Former President of Worldwide Field Operations at Sumo Logic joins Code Quality market leader to accelerate revenue growth and global expansion"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8d511baf-aff5-4575-b7fd-c760a2c8e6e8/lynne_doherty_pr_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Lynne Doherty Joins Sonar as President of Field Operations"},"index_cta":{"value":"Learn More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7e337870-4c63-40b8-8248-93bcb844508b","codename":"press_release___sonar_achieves_iso27001_2022_certi"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Unit and end-to-end testing are effective in ensuring features and functionality work properly, but what about code quality? How can we ensure that our code is reliable, maintainable, and secure? Enter static code analysis. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/13dde10a-3227-42f0-9260-7862f2122ebb/level_up_ci_cd_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Driving DevOps Transformation: Leveling Up CI/CD with Static Code Analysis"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"c351a47f-e7e0-4697-9c07-43748097f665","codename":"blogpost__driving_devops_transformation__leveling_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Explore how DevOps principles and practices can transform the challenge of managing legacy code into an opportunity for improvement. This piece outlines actionable strategies for refactoring, the importance of automation, and adopting a 'Clean as You Code' approach to ensure sustainable code quality and efficiency."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7ed1e8ff-4ee0-4188-a576-26d070db2fe8/legacy_codebases_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Legacy Codebases are a DevOps Issue"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"88d614d8-4db0-4931-bb00-56ca540e2d92","codename":"blogpost___legacy_codebases_are_a_devops_issue"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The 10.5 release of SonarQube Server includes support for Java 21, C++23, and TypeScript 5.4. Secrets detection analysis is faster and deeper SAST coverage has increased. Project onboarding is more simplified for monorepos, Maven, and GitHub Actions. Read on to find out about these and much more."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6776f57b-4dac-4b9d-8a52-e17cd6053939/sq_10_5_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.5 Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"54cbf3b7-bf7f-4797-a711-d7a01f4ee7e7","codename":"blogpost___sonarqube_10_4_release_announcement__co_54cbf3b"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Vulnerability Research team discovered a critical code vulnerability in SourceForge, which attackers could have used to poison deployed files and spread malware to millions of users."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8b48b3ee-c446-482c-8c95-ceb0e3221eb7/sourceforge_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Dangerous Import: SourceForge Patches Critical Code Vulnerability"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"b923348e-ceaf-413f-96d2-4e262e33e1b9","codename":"blogpost___dangerous_import__sourceforge_patches_c"}},{"value":{"index_subheadline":{"value":"Software"},"index_perex":{"value":"Using SonarQube Server over time, CleverTap reached their target goal of a high code quality standard and also found their developers' skills improved."},"index_image":{"value":{"description":"Image of a woman holding a mobile phone.","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1e0a353d-856e-4c53-a082-12337069db58/clevertap_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"CleverTap"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Software"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f2530d89-d202-452a-b063-87577c2b5ef2","codename":"customer_story___clevertap"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"The enterprise-ready automated code review platform that accelerates your mission-critical software development enabling developers to reach huge productivity gains from safely leveraging AI-generated code"},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server Enterprise  - Why Upgrade? "},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9fa3b44b-550e-4655-888f-3ba736fa7061","codename":"solution_brief___sonarqube_for_ide__copy_"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"Whether you’re a new customer of Sonar or an existing customer with the goal to upgrade from Enterprise Edition, there are several advantages to utilizing the Data Center Edition of SonarQube Server."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server Data Center"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"04a7e450-a31c-4b0a-863e-631cb2119cf2","codename":"solution_brief___sq_s_ee_why_upgrade__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Pairing the \"trust, but verify\" approach with the power of Sonar’s Code Quality solutions enables organizations to be confident that their AI-generated code is high-quality, maintainable, reliable, and secure. \n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fe0eab56-9d1e-4e28-af32-cf3c66bc4192/ai_generated_code_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"AI-Generated Code Demands ‘Trust, But Verify’ Approach to Software Development"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6822e699-2033-47ac-9c69-58a87aa01e93","codename":"blogpost___white_house_emphasizes_need_for_proacti"}},{"value":{"index_subheadline":{"value":"SonarQube Cloud"},"index_perex":{"value":"Announcing new Free, Team and Enterprise plans for SonarQube Cloud"},"index_image":{"value":{"description":"Image represents a media kit with boilerplate, logos and more","height":694,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5d1abba9-871b-4bd1-8ecc-2bb0b16762a3/General-Hero-2%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"New Pricing Plans"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a51153ea-10f2-42c8-90d4-ba9a0b285fd3","codename":"linter___learn__copy__a51153e"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Are you writing logging code in your app? Logging correctly can be tricky.  It is an important part of tracking the progress of your app while running and determining the origin of problems when they arise. In this blog post Denis Troller walks you through common pitfalls and logging best practices when coding in C# with .NET."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1819ec3a-30df-49a3-bb52-3ec27a444446/c-sharp_logging_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"C# Logging Best Practices with .NET"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5fe2c939-5226-4f61-915f-3fb541a686ef","codename":"blogpost___c__logging"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Late last week, a developer noticed some unusual behavior on their computer, investigated it, and uncovered a hack of epic scope, in an obscure but important library called xz."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"xz utils hack: what is it?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d85412b6-8709-40e5-99e7-8caf6bf8aec9","codename":"blogpost___xz_utils_hack__what_is_it_"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Last September 2023 Java 21 was released as the latest LTS (Long Time Support). But taking advantage of the changes and new features, which we are not used to including in our code, can be a tough task. Also, it can lead to improper use or poor uptake, bugs, or basically not taking full advantage of new improvements.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a9721003-a658-4ae8-a32e-9fdee3a84740/java_21_new_rules_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Ensuring the right usage of Java 21 new features"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"82933d39-614c-4aa7-a447-87eda3859b68","codename":"blogpost___ensuring_the_right_usage_of_java_21_new"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Explore the lesser-known Apache Dubbo risks that weren’t well documented until now, and delve into the importance of Code Quality ensuring clarity, maintainability, and comprehensibility."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d08b7f02-7fe4-43fa-8cbe-9175e923e26a/apache_dubbo_consumer_risks_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Apache Dubbo Consumer Risks: The Road Not Taken"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8164e1df-6249-452a-9b39-c2f235a420d4","codename":"blogpost___apache_dubbo_consumer_risks__the_road_n"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"By acknowledging the impact of technical debt and embracing proactive solutions like Sonar, development teams can mitigate its effects and build software that is resilient, reliable, and scalable."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/69c9a58f-4ba6-4c43-be6c-1b5f6d5a4db0/development_speed_and_code_quality_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Technical debt’s impact on development speed and code quality"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"73081b23-9596-42dc-b696-28ebb53e26ff","codename":"blogpost___how_timely_delivery_comes_from_transpar_73081b2"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Leveraging Sonar solutions to ensure code security by design"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/705b838c-d9ff-4043-bfbc-f16b478b86c8/dora_compliance_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Digital Operational Resilience Act (DORA) Compliance for Financial Entities"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"f68b10ee-210f-47e4-a780-a3e6f66877ff","codename":"blogpost___dora_compliance_for_financial_entities"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our vulnerability researchers discovered critical vulnerabilities in Erxes with the help of SonarQube Cloud. Learn about the details and how to triage such issues in your own code!"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/58960610-017f-4c9a-ad03-0fd8c166cd7b/vulnerabilities_in_erxes_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"21bff6ae-9388-4b4b-b490-992d61320410","codename":"blog_post___micro_services__major_headaches__detec"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Node.js is reducing friction when using ES modules by making it easier to get the current module directory name"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/194832d8-073b-458c-b7b3-116063be9efb/dirname_in_es_modules_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"__dirname is back in Node.js with ES modules"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bb90526c-b7bd-4a23-8e00-46af27269655","codename":"blogpost_____dirname_is_back_in_node_js_with_es_mo"}},{"value":{"index_subheadline":{"value":"Software"},"index_perex":{"value":"SonarQube for IDE and SonarQube Server help the development team reach zero technical bugs and 50% code coverage."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/72a2b172-1866-478a-98cd-2cb1a09b4f4b/axoft_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Tango Software"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Software"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"29c04181-9495-4bf7-ab35-91a6a89a5a87","codename":"customer_story___axoft__tango_software_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As software development evolves, keeping up with best practices, the latest trends, and ensuring your code remains top-notch can feel like sailing uncharted waters. Sonar has the Code Quality tips for you!"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/09066b98-a5f5-41aa-9c0a-98ac0e42cbf8/clean_code_tips_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"#CleanCodeTips: Unlock Your Coding Potential"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"39e177ee-d618-4298-8b3c-5675950b68ef","codename":"blogpost____cleancodetips__unlock_your_coding_pote"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how an attacker can combine multiple security vulnerabilities to achieve arbitrary code execution on a victim that tries to reply or forward a malicious mail in Mailspring."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/75e7d0c4-4811-4a1f-853b-ab1c4b907e17/r_c_e_vulnerability_mailspring_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Reply to calc: The Attack Chain to Compromise Mailspring"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ec2d193c-9c7f-4105-9d66-7b917e091ba1","codename":"blogpost___reply_to_calc__the_attack_chain_to_comp"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"PCI DSS 3.2.1 is being retired on March 31, 2024. Are you ready for the new standard, PCI DSS 4.0?"},"index_image":{"value":{"description":"SonarQube and PCI DSS 4.0","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0efe26e1-9bfa-49b0-a8ca-c321725f8076/pci_dss_4_0_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Are You Ready For PCI DSS 4.0?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code compliance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"309537b7-1987-4751-9bef-682e19d6b53a","codename":"blogpost___sonarqube_10_4_release_announcement__co"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Increase readability, reduce cognitive complexity, and avoid bugs that are hard to spot with Java's Pattern Matching."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9c571123-24c2-4b5a-881e-d78b383e3254/pattern_matching_in_java_blog_index%20%282%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Increase readability with Java's Pattern Matching"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"798beab0-89e6-42b1-af6b-259bf78372c8","codename":"blogpost___increase_readability_with_java_s_patter"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn which unexpected ways attackers may take to exploit code vulnerabilities and how to secure against them."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e9c9976c-6a7a-4723-9a4a-d1ace3f30ea8/opennms_vulnerabilities_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0180fc86-c136-4c68-8408-147b82f62180","codename":"blogpost___opennms_vulnerabilities__securing_code_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The ONCD recent report puts a spotlight on one of the most foundational issues that result in insecure software. Sonar applauds the administration’s call for addressing software vulnerabilities at the programming language and source code levels.\n\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ef3a97b-688d-40e2-b56e-f9e262a742a9/white_house_memory_safe_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"White House emphasizes need for proactive coding practices to counter cyber attacks"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"8f1fc455-fa2b-450d-a8ac-960b7963ca92","codename":"blogpost___sonar_reaffirms_strength_of_its_informa"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As part of our continuously advancing and improving security practice, we are pleased to announce that Sonar and its products are now certified to the latest version of the ISO72001 standard."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/78ccb47b-5861-4529-8ae5-9cac626d51aa/sonar_updates_iso_certificate_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Reaffirms Strength of its Information Security Management Systems by Earning The Latest ISO Certification, ISO27001:2022 "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"307df9f2-d854-4833-9c19-aff9c42ce462","codename":"blogpost___building_the_foundation_for_a_strong_ai_307df9f"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Achievement further recognizes the strength of Sonar’s commitment to maintaining the highest standards of internal compliance, security, and information management"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/662311ba-5206-4410-a205-a3f71fce801e/sonar_updates_iso_certificate_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Achieves ISO27001:2022 Certification"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"190ff728-2405-4112-b2f9-34cc1b2fb874","codename":"press_release___aisic_announcement__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Ineffective communication impacts everything in software development. To ensure your next project meets expectations, transparent communication is essential for driving timely delivery when working with internal and external development teams."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/839b29ec-3657-4416-aef2-e87ab4dc596f/prooblem_awareness_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How timely delivery comes from transparent outsourced software development communication"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9e688520-4316-44b8-886d-6131ebcb0336","codename":"blogpost___how_timely_delivery_comes_from_transpar"}},{"value":{"index_subheadline":{"value":"Article"},"index_perex":{"value":"Projects are successful when they meet their objectives within the defined scope, time, and budget constraints while allowing developers to remain productive. Managing scope creep is crucial for achieving project success and delivering a product that meets stakeholders' expectations."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9097eee1-b865-481e-9293-7392ad407ab2/learn-page-graphic-02-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Outsourced Software Development and Scope Creep: Three Ways to Manage Teams at the Code Level "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"c678188d-3aa7-486a-84e9-69ac65768431"},"elements":{"name":{"value":"Learn articles"},"url_slug":{"value":"learn-articles"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Type"}}}},"name":{"value":"Learn article"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"4a11bc49-67b4-4dc5-a5cd-8913654087e9","codename":"outsourcing_use_case___outsourced_software_develop_4a11bc4"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"We know that immutable objects are easier to maintain, lead to fewer errors, and are multi-thread friendly. This article will show two different approaches to creating objects: Builders and Withers, along with a new type of immutable object in Java: Records"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4e7b2e5e-5b8b-4ab8-8fbe-88ab1661ae77/java_immutability_blog_index%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Builders, Withers, and Records - Java’s path to immutability"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"241ac9ad-6795-431a-ac92-03dbfc952171","codename":"blogpost___builders__withers__and_records___java_s"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Code Quality solution, SonarQube Cloud, led us to a severe security issue in the popular Content Management System Joomla."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/51277f8d-1245-4bb8-bbc4-7e0102838175/joomla_xss_vulnerabilities_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e7a1c4aa-2408-4880-a754-3d0b10f3c2c0","codename":"blogpost___joomla__multiple_xss_vulnerabilities"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The JavaScript Set was introduced to the language in the ES2015 spec, but it has always seemed incomplete. That's about to change with the addition of functions like intersection, union and difference."},"index_image":{"value":{"description":"A stylistic Venn diagram","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ce0d4f6b-4dfa-4f4f-a8a0-6b1936bfbac5/new_set_methods_javascript_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Union, intersection, difference, and more are coming to JavaScript Sets"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9fc6cb68-3238-41a8-8e4f-592077a0fcf0","codename":"blogpost___union__intersection__difference__and_mo"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 10.4 was recently released and it includes 48 new rules and one updated rule to help you to write Code Quality in your React applications."},"index_image":{"value":{"description":"The SonarQube and React logos","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cfc000be-6015-4ea5-aa6b-73ffc5522661/new_react_rules_in_sq_10_3_and_10_4_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Write cleaner React code with SonarQube Server 10.4"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5375c357-fda1-4364-b451-6b81dbd74fd7","codename":"blogpost___write_cleaner_react_code_with_sonarqube"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are modernizing our Web API. In this post, Aurélien Poscia explains how and why."},"index_image":{"value":{"description":"Image of Sonar's Web API V2","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f9f803d5-0465-47ab-b9cf-8e0c0de0f0f8/new_sonar_web_api_v2_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Introducing the new Sonar Web API V2"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"26a99af6-fecd-4b4c-929d-aa924d9e253f","codename":"blogpost___new_web_api_v2"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar is honored to participate in the newly established U.S. Artificial Intelligence Safety Institute Consortium (AISIC) effort and is excited to join other leaders at the forefront of AI development. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ad3f101d-5396-4a27-ac2d-1e6dcf361831/AISIC_blog-index%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Building the foundation for a strong AI future"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"AI"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e870e08c-3797-4d43-a75a-d5ecbb57b8f4","codename":"blogpost___sonar_s_scoring_on_the_top_3_python_sas_e870e08"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Outsourcing software development requires a clear understanding of the potential risks. In this blog, we discuss five risks of this widely adopted strategy and provide tactics to minimize risk in delivered software."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c8c92af7-4da9-4e2e-bd0e-d24d33461ca3/risks_of_outsourcing_software_development_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"5 Risks of Outsourcing Software Development and How to Avoid Them"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Governance"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"22554131-95cc-4dec-9cdf-2eea9188ff04","codename":"blogpost___5_risks_of_outsourcing_software_develop"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The SonarQube Server 10.4 release includes some exciting changes that show the benefit of Code Quality and the Clean as You Code methodology. Scan times are faster and connecting to SonarQube for IDE is easier. Sonar is introducing easy onboarding for GitLab, new support for Helm Charts, and much more."},"index_image":{"value":{"description":"Picture showing SonarQube 10.4 release","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d790ff3e-7574-4af7-9ff4-14958c9dcbe0/sq_10_4_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.4 Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"24d3baef-aa14-4470-b163-d942c3247aa3","codename":"blogpost___sonarqube_10_4_release_announcement"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The dangerous Desanitization pattern led to an XSS vulnerability in the open-source helpdesk software osTicket, which can be used to leak customer data."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e5212578-5794-4632-88f6-4a298bc9cb42/pitfalls_of_desanitization_leaking_customer_data_from_osticket_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Pitfalls of Desanitization: Leaking Customer Data from osTicket"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"efc6df26-9d1b-4bd3-9e19-07fb72998c76","codename":"blogpost___pitfalls_of_desanitization__leaking_cus"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Juliet C# is a project from the National Institute of Standards and Technology of the USA. As a security benchmark project, we used Juliet C# 1.3 to test and improve our C# analyzer. Here is a glimpse of the work we did around Juliet and some of its test cases related to the SecureString .NET type.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/93a64a05-fe40-4c98-9145-de84ccf8bd3b/juliet_c_security_benchmark_the_securestring_case_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Juliet C# Benchmark and the SecureString case"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2545b8de-02af-4f3e-aa1f-1fedc40d5c55","codename":"blogpost___juliet_c__and_the_benchmark_initiative"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar will be one of more than 200 leading AI stakeholders to help advance the development and deployment of safe, trustworthy AI under new U.S. Government safety institute"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ad3f101d-5396-4a27-ac2d-1e6dcf361831/AISIC_blog-index%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Announces Participation in Department of Commerce Consortium Dedicated to AI Safety "},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1162d5ab-fa1c-4624-8109-75a546a8162c","codename":"press_release___chro_press_release__copy_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"As an HR leader with over 20 years of experience building and scaling global companies, O’Connell joins the Code Quality market leader to support its next phase of growth"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/da930ba7-6736-481b-bd72-0c3a8a77f79a/clarissa_o_connell_chro_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Clarissa O’Connell Joins Sonar as Chief Human Resources Officer"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ac1893a0-6ef6-4163-b52d-d96e110ebc45","codename":"press_release___secrets_detection__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post highlights the importance of verifying the origin of JavaScript message events and outlines the potential impact of omitting this by detailing two critical vulnerabilities in the Squidex application."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/15632114-af55-440e-85bd-72b9a9f67069/the_importance_of_verifying_message_origins_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Who are you? The Importance of Verifying Message Origins"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"bc5454f6-1bc1-4804-9539-cd9119823a0c","codename":"blogpost___who_are_you__the_importance_of_verifyin"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog uncovers two vulnerabilities, a Critical and High severity, recently discovered by our research team. Exploiting these vulnerabilities, attackers have the potential to gain Remote Code Execution on a Jenkins instance."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/abef1f96-f752-4016-8fb8-43788dcf920e/Vulnerabilities%20in%20Jenkins_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9dc988e6-c73e-4b8f-9d39-8031da298fef","codename":"blogpost___excessive_expansion__uncovering_critica"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar is helping make C# code clean as Microsoft ASP.NET Core Blazor application development grows"},"index_image":{"value":{"description":"Image of Blazor support by Sonar","height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8aead24f-13f1-4d91-963a-e09dae745a26/blazor_and_sonar_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar is helping make C# code clean as Microsoft ASP.NET Core Blazor application development grows"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"69b88252-71a3-4e49-a349-9bd86e69828b","codename":"blogpost___blazor_applications"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We share the biggest three issues we faced and the lessons we learned as we upgraded SonarQube Server to React 18."},"index_image":{"value":{"description":"The SonarQube and React logos","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/24925689-03d1-4e05-84ea-16b2b2ab71bc/react_18_in_sonarqube_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Lessons learned upgrading to React 18 in SonarQube Server"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2e9b9fba-ff35-4dab-a25f-a8a1b333f2cc","codename":"blogpost___lessons_learned_upgrading_to_react_18_i"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last week an important judicial ruling came down on a very intriguing case about open source license compliance. In this post, I'll talk about what makes it so interesting and potentially impactful across our industry."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Will the new judicial ruling in the Vizio lawsuit strengthen the GPL?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"e485785c-d90f-4d43-90ac-49a34bbf94d1","codename":"blogpost___will_the_new_judicial_ruling_in_the_viz"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Vulnerability Research team looks back at a great year and summarizes the highlights of 2023."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/64df6ab9-c247-4c0d-b62e-3bb168077339/vulnerability_research_highlights_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Vulnerability Research Highlights 2023"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Company news"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"7091cd35-5493-4dae-9806-c094e2681bc0","codename":"blogpost___vulnerability_research_highlights_2023"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We're excited to share not only how Sonar performs on Python benchmarks but also the ground truth corresponding to the list of expected and not-so-expected issues.\n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/13294037-5b6b-404a-8593-5751003436e3/c_sast_benchmarks_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar's Scoring on the Top 3 Python SAST Benchmarks"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"dcbd0459-d132-4617-9ca4-3b8623eb7067","codename":"blogpost___sonar_s_scoring_on_the_top_3_python_sas"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Developer Advocate team shares their predictions on what they foresee for DevOps trends and hot topics in 2024."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5bf25ac4-d412-48eb-a98f-1de2363ffeab/devops_predictions_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"2024 DevOps Predictions from the Sonar Developer Advocate Team"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2bfa4046-9b6d-49e0-a8d1-da9347413203","codename":"blogpost___sonar___black_hat_europe___copy_"}},{"value":{"index_subheadline":{"value":"Software"},"index_perex":{"value":"Learn how ConfigCat, a cloud-based solution for feature flagging, faced the challenge of maintaining high code\nquality and security across a multitude of programming languages."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6f30e5ce-6a4f-45f1-bcf8-852623875f09/configcat_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"ConfigCat"},"index_cta":{"value":"Read More"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Software"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"77f92f8d-6d3a-4593-85a9-bf1487f3ae1e","codename":"customer_story___recognyte__copy__77f92f8"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Reflecting on changes in the industry over the past year, as well as the research we’ve published, the Sonar Vulnerability Research team came together and compiled our thoughts on what we foresee for cybersecurity in 2024."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5c31ddcb-0f0b-45f6-9ef6-dbd445f6025a/2024_security_predictions_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"2024 Security Predictions from the Sonar Research Team"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"02dcafd7-9753-48d5-8b71-462bb5f268c7","codename":"blogpost___2024_security_predictions_from_the_sona"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last week, several SonarSourcers traveled to London to attend our third Black Hat event of the year. Here's what happened!"},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1617c8c9-0faa-4f13-9d13-05721dd7ef2a/sonar_at_blackhat_eu_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar @ Black Hat Europe!"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"51643b2c-1757-45e7-b9e2-b2ba832b12e1","codename":"untitled_content_item_51643b2"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"New feature in SonarQube for IDE, SonarQube Server, and SonarQube Cloud allows developers to detect leaked secrets at multiple points in the code development process – in the IDE, throughout code repositories, and across the CI/CD lifecycle"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/98f13759-0258-4427-8deb-516d6dc77e99/secrects-detection_index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Announces Secrets Detection to Significantly Reduce Risk of Sensitive Data Exposure and Compromise in Code"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3c9684c7-17da-4d7f-93e2-89d7bb0528a8","codename":"press_release___sonarqube_16_awards__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Code Quality solution SonarQube Cloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarQube Cloud found them and how it can keep your code clean."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bf453bc7-6980-489e-9b4d-09ff939c983d/pfsense_code_vulnerabilities_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"pfSense Security: Sensing Code Vulnerabilities with SonarQube Cloud"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"47758af9-b6cf-406b-b21c-a70465bf493e","codename":"blogpost___pfsense_security__sensing_code_vulnerab"}},{"value":{"index_subheadline":{"value":"Technology Spotlight"},"index_perex":{"value":"There are small, but common pitfalls and errors encountered when writing React code. Learn more about how to avoid them with code examples designed to be cut, pasted, and tried by the reader, whether an experienced JavaScript | TypeScript developer or just starting out."},"index_image":{"value":{"description":"Lesser spotted react mistakes and how to avoid them guide","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bc442218-7bb1-442b-b2cf-8dd9bd0e4c56/Lesser-Spotted-React-Mistakes_Hero-and-Index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Lesser Spotted React Mistakes and How to Avoid Them"},"index_cta":{"value":"Read White Paper"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"45771613-60e9-4646-840c-b41041682e30","codename":"white_paper_post___the_costly_consequences_of_bad__4577161"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Spring framework offers a lot of help in the development, but we still have to pay attention and make the right use of it in order to avoid some issues."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0618970f-52b3-4a04-9014-53fee3f88588/spring_boot_coding_pitfalls_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Spring framework pitfalls"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b9883dfd-a3c4-4b36-bf9a-73fd64568172","codename":"blogpost___spring_framework_pitfalls"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Nesting ternary operators makes code more complex and less clear. Let's investigate other ways to write conditional expressions."},"index_image":{"value":{"description":" An artistic impression of nested code with a big red cross over the top right corner.","height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f7bc5880-f1b4-4e15-a048-17be9ffa8602/stop_nesting_ternaries_in_javascript_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Stop nesting ternaries in JavaScript"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"ffeb467e-5ec6-4647-bcac-aceef482522c","codename":"blogpost___stop_nesting_ternaries_in_javascript"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Not only does bad code cost companies millions of dollars, but countless hours of lost time, productivity, and brand reputation too. By acknowledging the existence of bad code and implementing proactive measures to mitigate its impact, developers and organizations can steer software toward success. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f520b31d-6cc5-4f3f-80e4-d85628182c31/costly_consequences_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Unraveling the Costs of Bad Code in Software Development"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2bfbafa2-f392-4b55-8d3d-32faefbf2cd4","codename":"blogpost___unraveling_the_costs_of_bad_code_in_sof"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What are hard coded secrets? Why do you care if secrets are hidden in your code? How does Sonar help prevent secrets from getting into your code, entering your repository, and leaking out from your CI/CD pipeline? In this post, Product Manager, Alex Gigleux, answers all your questions."},"index_image":{"value":{"description":"Image of preventing secrets in code","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/35ee22d4-a11d-4a8f-a32c-439250bee1f1/secrects_detection_blog_hero_and_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar keeps your secrets from leaking … unlike that \"trusted\" friend from grade school"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"69f266b6-b925-4933-baad-36a5df1573fc","codename":"blogpost___secrets_detection"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Omdia — an analyst firm that provides decades of industry experience, world-class research and consultancy, and actionable insights in over 200 markets — has published research about Sonar, our solutions, and recent innovations of deeper SAST and zero-configuration automatic analysis for C/C++. The research digs into why Sonar should be on your radar and also takes a look at the market view as well as from a current positioning. \n"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/245aa8f4-4550-4f24-a8a7-304a93f3c0cd/omdia-hero-image.jpeg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar is “On the Radar”: New Omdia Report "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"09128ca1-9a69-4cf9-9c4e-19d4ae3e07b3","codename":"blogpost_i_sonar_is__on_the_radar___new_omdia_repo"}},{"value":{"index_subheadline":{"value":"Technology Spotlight"},"index_perex":{"value":"In this paper, Omdia provides research notes to outline two of our recent and significant innovations that address the quality and security issues that inevitably arise as application code is being developed -  “Deeper” SAST and automatic analysis of C and C++ projects."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a55d207b-e68f-4f27-b2b3-5cb2c34cf34f/omdia_on_the_radar_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Omdia: On the Radar"},"index_cta":{"value":"Read White Paper"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"09b53821-be5c-4dec-846e-ed7ccd135622","codename":"white_paper_post___omdia_white_paper__copy_"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Let's dig into the projects using Java as language and see, according to what SonarQube for IDE telemetry shows, that there are still lots of issues that appear in the huge list of analyzed projects. "},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7293f25a-1ce5-4395-931d-1e612070ba78/top_issues_in_java_projects_blog_index%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Top issues in Java projects"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"18395ad5-96d5-44f1-ac47-4e20baeeaeca","codename":"blogpost___top_6_issues_in_java_projects"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"It's time to wrap up our series on the security of Visual Studio Code with new vulnerabilities in the NPM integration, bypassing the Workspace Trust security feature."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c2ae785c-a6a3-410b-a598-5a4010559f0b/vs_code_security_npm_vulnerabilities_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Visual Studio Code Security: Finding New Vulnerabilities in the NPM Integration (3/3)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c94787d2-8ee2-4c3f-a850-72e7f3fc6677","codename":"blogpost___visual_studio_code_security__finding_ne"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The new SonarQube Server 10.3 release is out now, including Secrets Detection at the Source, Code Quality Taxonomy & Clean as You Code Updates, Automate Provisioning GitHub Projects and Teams, 2023 CWE Top 25 Report, the Blazor Framework, and Stronger Security.\n"},"index_image":{"value":{"description":"SonarQube 10.3 Release Announcement Image","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/67857686-869c-4832-98ba-9fb30097e67a/sq_10_3_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.3 Release Announcement"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a01fc05f-5f36-4826-bf67-5cac733d223b","codename":"blogpost___sonarqube_10_3_release_announcement"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We took a look at the security of the most popular code editor, Visual Studio Code! This blog post covers vulnerabilities our researchers discovered in third-party extensions."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ce58b847-3724-4e35-bcfa-1c2a6e17a497/vs_code_security_markdown_vulnerabilities_in_third_party_extensions_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Visual Studio Code Security: Markdown Vulnerabilities in Third-Party Extensions (2/3)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9f51f2ff-5324-4187-9323-7ea0e97ed910","codename":"blogpost___visual_studio_code_security__markdown_v"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar open source self-managed tool SonarQube Server recognized for supporting customers to deliver software fit for development and production"},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f05dee0e-bad8-4cdb-94c6-44661af5f4c0/MediaAlert_Social_2400x1256.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server Receives 16 Awards from Industry Peer Review Sites for Excellence in Enabling Customers to Achieve Code Quality"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6b2f7752-b487-422e-9ff9-6dba4a1f1bbe","codename":"press_release___sonar_to_present_at_gartner_it_sym"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":" Sonar's Scoring on the Top 3 C# SAST Benchmarks"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5b5ad127-f19d-47a7-afdd-9d303324e829/c_sast_benchmarks_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar's Scoring on the Top 3 C# SAST Benchmarks"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b778fa6a-b0a3-4197-ada4-52ee082f1264","codename":"blogpost___sonar_s_scoring_on_the_top_3_c__sast_be"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We took a look at the security of the most popular code editor, Visual Studio Code! This blog post covers common risks and attack surfaces so you know what to expect when using it."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/eda788d6-c636-4492-b70d-da91a829c6d7/vs_code_security_deep_dive_into_your_favorite_editor_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Visual Studio Code Security: Deep Dive into Your Favorite Editor (1/3)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"02b42d71-a8ae-4390-a56a-d1eee1e95904","codename":"blogpost___visual_studio_code_security__deep_dive_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Linux Foundation Executive Director Jim Zemlin joins Sonar Founder and co-CEO Olivier Gaudin to discuss Code Quality, open-source development, cybersecurity, and more! "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/62ac0224-8354-433f-b12d-a1ce9383128f/linux_foundation_chat_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Linux Foundation Chat: Open Source & Code Quality"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d8b23e8b-c0a4-43c0-9fbe-bb1ed1486e73","codename":"blogpost___linux_foundation_chat__open_source___cl"}},{"value":{"index_subheadline":{"value":"Software"},"index_perex":{"value":"A unified solution for an end-to-end software quality process."},"index_image":{"value":{"description":null,"height":1440,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/abb5be6e-c9b5-4edf-a1d1-e1a1d70eaf6a/datev_customerstory_square.webp","width":1440}},"index_icon":{"value":null},"index_headline":{"value":"DATEV"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Software"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"cf6a4647-9ede-4dd7-9245-070461f636d5","codename":"customer_story___recognyte__copy_"}},{"value":{"index_subheadline":{"value":"Technology"},"index_perex":{"value":"RR Mechatronics’ Strategic Approach to Technical Debt with SonarQube Server"},"index_image":{"value":{"description":null,"height":1440,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/35e7e776-0abb-4826-809b-cce904ac9db2/rr_mechatronics_square.webp","width":1440}},"index_icon":{"value":null},"index_headline":{"value":"RR Mechatronics"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Technology"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"511b034c-7c00-489e-894f-884e3b838efa","codename":"customer_story___rr_mechatronics"}},{"value":{"index_subheadline":{"value":"Software"},"index_perex":{"value":"Discover how SonarQube Cloud Quality Gates can act as a benefit, not a bottleneck, for streamlining the DevOps workflow"},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fd27df98-9a4a-4716-b536-1d70360a392b/recognyte_card_2x.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Recognyte"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Software"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"d47849f7-7328-4cc5-a1eb-6f7989c4c2ab","codename":"customer_story___recognyte"}},{"value":{"index_subheadline":{"value":"Technology Spotlight"},"index_perex":{"value":"This paper aims to create a deeper understanding of what bad code is and the downstream effects it can have on any organization. Bad code, characterized by functional shortcomings and readability issues, poses significant risks to software integrity and organizational well-being."},"index_image":{"value":{"description":null,"height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c8a2497c-68ef-4e79-aec3-e931cb8887b3/costly_consequences_of_bad_code_guide_index.webp","width":1212}},"index_icon":{"value":null},"index_headline":{"value":"The costly consequences of bad code for the enterprise"},"index_cta":{"value":"Read White Paper"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"359141da-d9f4-49ae-8a56-03646d065bdf","codename":"white_paper_post___the_costly_consequences_of_bad_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Dev tooling is not only helping shift issues left, but the tools also help identify issues that happen later, or to the right, in the development lifecycle. Like detecting secrets before they go into production or platform configuration issues."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a2b0b9e4-30f0-4183-80c0-8dd86152a324/shifting_right_for_secure_platforms_and_devops_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Shifting Right for Secure Platforms and DevOps"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6445db3c-5a42-465d-bdce-868e7fd9b789","codename":"blogpost___shifting_right_for_secure_platforms_and"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Those who are not using AI-based coding tools mostly have no plans to use them in the future either, with 45% selecting that option and only 6% not using them today, but planning to in the future."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Younger open source maintainers are significantly more likely to use AI-based coding tools"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"43625b85-5b12-4020-a3fb-c9d8ec2dc12c","codename":"blogpost___younger_open_source_maintainers_are_sig"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last week, members of our AppSec and Vulnerability Research teams attended the Hexacon in Paris to learn, share, and network. Read more about our highlights."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f1052fde-539c-4934-8274-323f48ca2757/highlights_hexacon_2023_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Highlights from Hexacon 2023"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"88b452ca-0709-4727-87f5-48762e5364a5","codename":"untitled_content_item_88b452c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"If you’ve followed us for a while, you most likely noticed that we changed the way we describe what we do. It feels like in the last couple of years, we finally managed to settle on what we had been looking for from the beginning: Code Quality. But what is Code Quality, and what does it encompass?"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/77ae853a-51ae-474b-b9ab-04e7629ada1d/what_is_clean_code_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What is Code Quality?"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"91aeb9a0-06b5-49b8-892e-3fb7ccd82d3e","codename":"blogpost___what_is_clean_code_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently uncovered two critical code vulnerabilities in the personal cloud system CasaOS. Let's see what we can learn from them."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3f0f356e-ad73-4f7b-8c76-ef2489feb469/Hero.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Security Vulnerabilities in CasaOS"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fc7d8817-781b-4db1-99a1-8b7e3b8ef5a1","codename":"blogpost___security_vulnerabilities_in_casaos"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Manish Gupta, CMO of Sonar, to deliver presentation on the importance of investing in the foundation of software and the benefits of a Code Quality approach"},"index_image":{"value":{"description":null,"height":2512,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/44bbc00e-da11-4830-a795-3d18a69dcbd5/Gartner%20IT%20Symposium-Xpo_2400x1256.png","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"Sonar to Present at Gartner IT Symposium/Xpo"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"aeb36fcc-9479-4cf1-874a-0df0ace059fa","codename":"press_release___sonar_delivers_clean_code_with_zer_aeb36fc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":" Java SAST Benchmarks: why you shouldn't trust them blindly"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2f9f9f8c-2c32-4b09-9f3a-544fc9dafbaf/java_sast_benchmark_why_you_shouldnt_trust_them_blindly_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Java SAST Benchmarks: why you shouldn't trust them blindly"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e45e38b7-7a4d-44a4-a54a-de29df42ef9e","codename":"blogpost___java_sast_benchmarks__why_you_shouldn_t"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Interview with Sonar Java Enthusiasts"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7031f784-ed58-4cbb-9054-5a352e680357/interview_with_java_devs_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Interview with Sonar Java Enthusiasts"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7ace5abb-8ea6-48b5-8ede-fd6e2e55ae13","codename":"blogpost___interview_with_sonar_java_enthusiasts"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Sonar founder and co-CEO, Olivier Gaudin, sits down with ISMG's Tom Field at Black Hat USA 2023 to discuss how development can be improved to avoid security issues."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7fdaf01f-8f86-4022-981e-a4b578ab24a2/ismg_interview_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"ISMG Interview - Securing Applications, Accelerating DevOps with Code Quality"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"39c0407f-0273-4ada-b839-f81458c260af","codename":"blogpost___ismg_interview___securing_applications_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":" Why I’m passionate about Static Analysis and how I helped make it better"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/78644db9-2502-475a-ae0b-ee50203bd1bf/cpp_podcast_key_take_aways_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Why I’m passionate about Static Analysis and how I helped make it better"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fc69fe80-ce76-4bc6-9c5f-85f4819b4bf8","codename":"blogpost___why_i_m_passionate_about_static_analysi"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A deep investigation into regular expression denial of service (ReDoS) vulnerabilities in JavaScript"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/22b2d211-1dae-47d2-a6a1-a733028c3381/redos_attacks_in_javascript_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A comprehensive guide to the dangers of Regular Expressions in JavaScript"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e1771e07-8c67-4cc9-9577-f4a95e592e7e","codename":"blogpost___a_comprehensive_guide_to_the_dangers_of"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Extracting archives can be very dangerous. Read more about a critical Zip Slip vulnerability SonarQube Cloud detected in the open-source application OpenRefine."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/77ca6fd8-b2f6-48fb-b993-34ffcfd141a5/openrefine_zip_slip_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Unzipping Dangers: OpenRefine Zip Slip Vulnerability"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ec4c2cef-974c-40eb-8d23-5d532ff0013e","codename":"blogpost___unzipping_dangers__openrefine_zip_slip_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":" Enhancing SAST Detection: Sonar's Scoring on the Top 3 Java SAST Benchmarks"},"index_image":{"value":{"description":"Sonar's Scoring on the Top 3 Java SAST Benchmarks","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/31254ae7-20f3-4367-bb83-173e634e618d/java_benchmarks_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar's Scoring on the Top 3 Java SAST Benchmarks"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"83cf8200-e5cf-47a5-822e-7236394701d7","codename":"blogpost___enhancing_sast_detection__sonar_s_scori"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Vulnerability Research team discovered a critical vulnerability in the popular CI/CD server TeamCity, which attackers could use to steal source code and poison build artifacts."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c98d8cef-13c5-41ae-99a2-5d1dffaa51c9/teamcity_vulnerability_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"68819849-cb56-4af1-9e85-4223ee5d85f2","codename":"blogpost___source_code_at_risk__critical_code_vuln_6881984"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Open Source Summit 2023"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bc352588-9c6f-4da9-ad87-305da97379c5/open_source_summit_summary_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Open Source Summit 2023"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0e0c8325-a7e3-4ef9-b1b3-53cad9f23d87","codename":"untitled_content_item_0e0c832"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Understanding how Cognitive Complexity works will help guide you on where to focus your time. This blog dives into how this Sonar-exclusive metric was formulated to accurately measure the relative understandability of methods. "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/966004b2-df51-4096-b4e1-676024cbd862/cognitive-complexity-guide_hero-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"5 Code Quality Tips for Reducing Cognitive Complexity"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f1ac896c-c776-482a-b4e6-c1ddced59090","codename":"blogpost___5_clean_code_tips_for_reducing_cognitiv"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers an XSS vulnerability in Tutanota Desktop and how it can be prevented."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e36b96c9-2703-4d5c-9fe2-bc821c5eaaee/stealing_with_style_tutanota_blog_index_v2.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Remote Code Execution in Tutanota Desktop due to Code Flaw"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fe792669-86e4-49d0-b15f-a8e828b682db","codename":"blogpost___remote_code_execution_in_tutanota_deskt"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Let's check what the new Java JDK21 LTS brings"},"index_image":{"value":{"description":"Java JDK 21 LTS features","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fd9c3f5b-9e7c-43e7-81a3-dd9ed735e48e/java-jdk-21-lts_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The new JDK LTS is out! Long live JDK 21! Well, for the next 8 years."},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c30c0786-17ab-4ea3-9493-657dbe0a9431","codename":"untitled_content_item_c30c078"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"SonarQube Cloud zero-configuration, automatic analysis feature removes friction to analyzing C and C++ projects, regardless of compiler, to help organizations reduce technical debt"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b1f12cb4-331d-4bba-9e9f-255b304ead1d/automatic-analysis_landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Delivers Code Quality with Zero-Configuration Analysis of C and C++ Projects"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"16891958-a2d7-4024-ad8c-bc5c34962412","codename":"press_release___tariq_shaukat_joins_sonar_as_co_ce"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With SonarQube Server, organizations can readily deploy workflows integrated directly into their pipelines to build on their teams’ skill sets and create resiliency to new risks. "},"index_image":{"value":{"description":null,"height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4289fda4-078a-471e-8279-a4f2aec97ef0/enhancing_software_dev_through_sq_blog_feature.webp","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Enhancing Software Development Practices through SonarQube Server: A Path to Continuous Learning"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ed7543d6-e838-40e8-b31d-b2e0a047c268","codename":"blogpost___enhancing_software_development_practice"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"TypeScript already understands JavaScript, but you can get more out of it when you add types to your JavaScript with JSDoc or TypeScript declaration files"},"index_image":{"value":{"description":"Get the benefits of TypeScript without writing TypeScript","height":2160,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/083b6b2a-e0c1-4b39-b651-9b571292ba1e/benefits-of-TypeScript-without-TypeScript-blog-feature.png","width":2160}},"index_icon":{"value":null},"index_headline":{"value":"Typing your JavaScript without writing TypeScript"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e0307598-6bf8-481c-a1f4-b0e512a9c824","codename":"blogpost___typing_your_javascript_without_writing_"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"Enhance your existing SonarQube setup with advanced open-source code analysis and supply chain insights so your teams can stay secure without slowing down."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8b080417-2419-4a4c-88e2-6ce486ead20b/sonarqube_advanced_security_PR_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Advanced Security"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"eb9c6dc4-0471-4659-8d57-a39ee7cc0242","codename":"solution_brief___integrated_code_security___code_q"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers the technical details of the XSS vulnerability in Skiff."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/335fcf6a-370b-44cf-b1c0-70a0943d9c66/stealing_with_style_skiff_blog_index_v3.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Vulnerabilities Put Skiff Emails at Risk"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f4c670d1-512c-43d5-aea8-49ef330a5e5d","codename":"blogpost___skiff_mxss"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Former President of Google Cloud and Bumble joins Code Quality market leader to accelerate growth alongside Founder and CEO Olivier Gaudin"},"index_image":{"value":{"description":null,"height":200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f34005cd-e98b-47f5-a327-359b44ebe073/Tariq-PR-Card%402x.png","width":325}},"index_icon":{"value":null},"index_headline":{"value":"Tariq Shaukat Joins Sonar as co-CEO"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ce54a71c-6f53-40fd-9c9f-4aceb694a19e","codename":"sonar_introduces_deeper_sast_ability_to_discover_h"}},{"value":{"index_subheadline":{"value":"Cognitive Complexity"},"index_perex":{"value":"Cognitive Complexity breaks from the practice of using mathematical models to assess software maintainability. The result is a metric that developers feel is a more fair representation of complexity."},"index_image":{"value":{"description":"Cognitive Complexity guide by Ann Campbell","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4193e3f4-39c6-42e8-b1bb-4078d87e3cd6/cognitive_complexity_guide_hero_index_v2.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A Sonar exclusive metric that measures code readability"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9fa7a261-7017-44f5-b983-a62031a82d84","codename":"dev_generic_post_white_paper_1__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar CEO, Olivier Gaudin, and  Head of Research and Development, Johannes Dahse, meet with Security Guy TV’s Chuck Harold to discuss deeper SAST and the importance of Code Quality. "},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d2904482-a417-4538-a97a-71dd20e227b0/security_guy_tv_interview_blog_index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Security Guy TV Interview - Going Deeper with SAST and Code Quality "},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"72e65951-2388-45c8-a4e1-70cb6b6b0e12","codename":"blogpost___security_guy_tv_interview___going_deepe"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Let's dive into what you can do to get more and more of TypeScript's benefits in your JavaScript projects."},"index_image":{"value":{"description":"Get the benefits of TypeScript without writing TypeScript","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/36961122-2fd0-4bd1-8aad-40c4c5dfa139/benefits_of_typescript_without_typescript_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Get the benefits of TypeScript in your JavaScript"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e3c75383-cfcb-4ea7-a0c0-bdba82b57e73","codename":"blogpost___get_the_benefits_of_typescript_in_your_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Discover the new features in SonarQube Server 10.2!"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d397fc0e-7eee-427a-8f60-43de4e4d1fd3/sq-10-2_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Introducing SonarQube Server 10.2: Setting New Standards in Code Quality and Security"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2128eaab-d6d7-45aa-b591-05b7e25f99cf","codename":"blogpost___introducing_sonarqube_10_2__setting_new"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Sonar Research team discovered critical code vulnerabilities in Proton Mail, Skiff and Tutanota. This post covers the technical details of the XSS vulnerability in Proton Mail."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/559de609-ecc9-4374-84cf-fbf76585abe7/stealing_with_style_protonmail_blog_index_v3.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Vulnerabilities Put Proton Mails at Risk"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ed874c6e-ba04-465e-8c2b-aba7f0498a16","codename":"blogpost___code_vulnerabilities_leak_emails_in_pro"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/acd1048a-2282-463c-8099-1a7b3df28d17/moodle-vulnerabilities_pt-02_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Playing Dominos with Moodle's Security (2/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"87dffe96-c818-4d2c-b87f-b115005f3fe3","codename":"blogpost___playing_dominos_with_moodle_s_security__87dffe9"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":" Enhancing Static Application Security Testing SAST,  leverage benchmarks for tracking our progress."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6060aca5-c302-4b8b-b20e-b2ef28e54330/enhancing_sast_detection_leveraging_benchmarks_for_measuring_progress_01_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Enhancing SAST Detection: Leveraging Benchmarks for Measuring Progress"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f1fde3ac-96fc-4f92-bef3-d96c92afad01","codename":"blogpost___enhancing_sast_detection__leveraging_be"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our security researchers recently discovered two critical vulnerabilities in Moodle that leverage the use of not impactful bugs."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/08a2c5cc-6ff7-4d35-9aa3-2a2a728cdc47/moodle-vulnerabilities_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Playing Dominos with Moodle's Security (1/2)"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"04f6cae7-d836-4025-8ee3-46ed7020bdfb","codename":"blogpost___playing_dominos_with_moodle_s_security_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Sonar team of developers are just returning from their trip to Las Vegas where they attended BlackHat USA 2023.  If you were not able to make it, here is what you missed."},"index_image":{"value":{"description":"Sonar at BlackHat blog image","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cd126f17-ed7e-479a-b9ee-7e5923557553/blackhat_2023_event_blog_index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"BlackHat 2023: Hackers, Casinos, and an Exciting Announcement"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d3dcd70d-b33d-4ace-9252-7dc8b8d1ba33","codename":"blogpost___wearedevelopers_2023___what_did_you_mis_d3dcd70"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What is SAST, what does deeper SAST mean, and how does this apply to your JavaScript and TypeScript applications?"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3549eb32-e816-4d63-83a7-00b150e8bfda/deeper-sast-in-javascript_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"What is deeper SAST in JavaScript?"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fb6b5877-75b5-4866-a35b-e2ca60534775","codename":"untitled_content_item_fb6b587"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We dive into the technical details of the vulnerabilities we identified as part of last year's Pwn2Own competition."},"index_image":{"value":{"description":"Patches, Collisions, and Root Shells: A Pwn2Own Adventure","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b2564189-48b0-478f-a421-8beb1f525d24/pwn2own-adventures_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Patches, Collisions, and Root Shells: A Pwn2Own Adventure"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cb813aea-9868-46ae-847e-495dd331fbf5","codename":"blogpost___patches__collisions__and_root_shells__a"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"No C and C++ static analysis does not need to mean difficult configuration and pain.  We explain how Sonar has made the impossible possible with one-click analysis for projects hosted in GitHub. A free automatic analysis of C and C++ projects."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a6d86837-3fbd-4ec4-a314-9adf7f159ab5/sc-and-c_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"No, C++ static analysis does not have to be painful"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ef3d6238-a092-4701-847f-6a9e87243de2","codename":"blogpost___no__c___static_analysis_does_not_have_t"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Sonar team of developers are just returning from their trip to Berlin where they attended WeAreDevelopers 2023.  If you were not able to make it, here is what you missed."},"index_image":{"value":{"description":null,"height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fc26b25b-e31a-43b4-9f7c-4b7a56e79939/we_are_developers_berlin2023_event.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"WeAreDevelopers 2023 - what did you miss?"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c9e9b0a8-7cfc-47fc-8f3d-466097168e21","codename":"blogpost___wearedevelopers_2023___what_did_you_mis"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Uncovering security vulnerabilities is particularly challenging because these issues can be complex and deeply hidden when your code uses and interacts with third-party dependency code. We are excited to share more about a major breakthrough in our detection of deeply hidden security vulnerabilities that traditional tools cannot detect. "},"index_image":{"value":{"description":"Image for blog \"Uncovering hidden security vulnerabilities with deeper SAST\"","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c1abc5cd-4ac2-4834-918d-b38cb9cffec4/deeper_sast_blog_index_v1.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Uncovering hidden security vulnerabilities with deeper SAST"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1624ee57-ab7b-4216-acdd-fd51d7232c6d","codename":"blogpost___patches__collisions__and_root_shells__a_1624ee5"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Multiple variants of C++ code-bases at build time are a necessary evil on most projects - even if that's just debug and release. This has always made analysis more complex. But now, with first class support in SonarQube Server, multiple code variants are easier to analyze and understand."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/df1e3ffd-80e3-46fb-b56d-df45e4f22867/multiple-code-variants_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Working with Multiple Code Variants in C++"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"44763c9a-851a-45a6-a95c-bd803b86357a","codename":"blogpost___working_with_multiple_code_variants_in_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"New innovation discovers vulnerabilities created by the interaction of source code with third-party libraries "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0b9255a4-2490-4235-ab3d-7440746edfc3/deeper_sast.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar’s New, Powerful Deep Analysis Capability Finds Hidden Code Level Security Issues"},"index_cta":{"value":"Read Article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"869efabb-2ca1-4e19-9740-5f2aeb3e512a","codename":"wearedevelopers_conference_2023__copy_"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"Find coding issues in the development workflow. Stop them from reaching production."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1d4d808c-0a0b-4e28-af4e-381ff1f45ad7/seven%20habits_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Integrated code security & code quality"},"index_cta":{"value":"Download brief"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"aebd4536-be1e-4445-a9df-38256dbed428","codename":"solution_brief___sonarqube_cloud_tfc_integration__"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Unexpected application states are often overlooked and can introduce severe security vulnerabilities. Read more about this real-world example."},"index_image":{"value":{"description":"Image for the blog A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/18048e84-4ee9-4262-bba4-461cb48b2cd3/a_twist_in_the_code_openmeetings_vulnerabilities_through_unexpected_application_state_blog.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"69ff3fdd-9ae5-4bb8-84bd-1e068db3602e","codename":"blogpost___a_twist_in_the_code__openmeetings_vulne"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"New original research from Sonar puts a spotlight on the millions of dollars that businesses lose when they fail to implement an optimal approach for software development.  "},"index_image":{"value":{"description":"Cover image of research document","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/de60fca9-9d7e-4fcf-8663-fa7d09f3a188/cost_attributed_to_code_level_technical_debt_report_blog_index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"New Research from Sonar on Cost of Technical Debt"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"146b52c1-951c-4500-ac2f-052d69821c1d","codename":"blogpost___cloud_native_features_in_sonarqube_9_9_"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Olivier Gaudin, CEO & co-founder, to deliver main stage talk about Clean as You Code at world’s largest developer event."},"index_image":{"value":{"description":"Reflections Upon We Are Developers 2022 blog hero image","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8659d91e-733d-48a6-a7cb-5b1454c84053/We%20Are%20Developers_Hero%20Image.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar to Present at WeAreDevelopers World Congress"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"53cb70e6-d3a0-4e53-8c53-eac6a66d9189","codename":"sonar_record_growth_press_release__copy__53cb70e"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Interviews with Sonar’s Developer Advocates on their careers and what Code Quality means to them."},"index_image":{"value":{"description":"Phil Nash and Ben Dechrai being interviewed about how they started their careers as developers blog image.","height":1884,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3cdf67a2-d889-499b-a7dd-faea8f9a24b1/interview_how_i_started_my_career_developer_blog_index2.webp","width":3600}},"index_icon":{"value":null},"index_headline":{"value":"How I started my career as a developer"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9f413575-aebd-46c7-8d67-81a6c390cc9d","codename":"blog_post___how_i_started_my_career_as_a_developer"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"PHP analysis gets faster and better with new rules, fixed false-positives, and much more in SonarQube Server 9.9 LTS."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0652149c-5206-45d2-8c8f-0cad23114216/sq-9-9-is-for-php-devs_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Why SonarQube Server 9.9 LTS is a must-have for PHP Developers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3be23eaf-bc9b-4bed-9669-729f4c944800","codename":"blogpost___why_sonarqube_9_9_lts_is_a_must_have_fo_3be23ea"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Read about our key takeaways from the TROOPERS 2023 including our favorite talks and overall experience during the two days conference."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3eae80de-84b6-45c8-bf8e-30a8332a7a61/troopers-reflections_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"TROOPERS 2023 Conference Takeaways"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cfc3ab96-31ff-479d-9308-2e48621740a8","codename":"blogpost___troopers_2023_conference_takeaways"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last week, our Vulnerability Researchers traveled to TyphoonCon 2023 in Seoul to present their talk \"Patches, collisions and root shells: a Pwn2Own Adventure\"."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ef04fb57-2a75-452e-8a29-0dc699e6407d/typhooncon-reflections_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"TyphoonCon 2023 Wrap Up"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"349ea647-d5af-424d-bb21-c2e02ef3ca42","codename":"blogpost___typhooncon_2023_wrap_up"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We always assume prepared statements and ORMs are enough to protect us from SQL injection, but be careful not to misuse their APIs! Let's look into a real-world case and see what we can learn from it."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c51b3247-f51d-456c-a029-bcdc060acd33/why-orms-and-prepared-statements-cant-win_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Why ORMs and Prepared Statements Can't (Always) Win"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e50d712d-b6b4-4cf1-8041-1ff49d2c1864","codename":"blogpost___why_orms_and_prepared_statements_can_t_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Read about the new features of SonarQube Server 9.9 LTS which help JavaScript and TypeScript developers to write Code Quality."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cad62a32-f577-47e0-80cc-9bbe672884ec/sq-9-9-is-for-js-ts-devs_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Why SonarQube Server 9.9 LTS is a must-have for JavaScript and TypeScript Developers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"45717811-6c6e-4745-8c1a-c8c93aaa8ca9","codename":"blogpost___why_sonarqube_9_9_lts_is_a_must_have_fo_4571781"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Smoother centralized access management with GitHub, multiple code variant analysis for C/C+, a big coverage boost in Java security, and more in the latest from SonarQube Server."},"index_image":{"value":{"description":"SonarQube 10.1 release","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/704c188c-4362-4184-a525-f5aebd4f4021/sq-10.1_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 10.1 is here!"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"af2af469-4e1a-495d-96d9-a88cd098ea1e","codename":"untitled_content_item_af2af46"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Sonar culture is the shared vision, mission, values, and behaviors that make up our day-to-day experience at Sonar. Our goal as an organization is that our culture will unite and motivate SonarSourcers to work and grow together and achieve company goals while creating meaningful benevolent relationships. Discover more about our Smarter Together core value in this blog post."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0c61eece-f67d-4f97-bf11-f9adfee831b7/stronger-together_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Smarter Together: Fostering a culture of collaboration and growth at Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b22ea1bb-ede7-43d2-b405-11516739bef4","codename":"blogpost___smarter_together__fostering_a_culture_o"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We take a look at our highlights from JSNation 2023 in Amsterdam, including our favourite talks, memorable conversations and key takeaways."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/738d77ed-8c59-4952-b83e-0f2646e027be/js-nation-reflections_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Sonar at JSNation 2023 in Amsterdam"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"41302a3f-76d5-43fe-8e6f-605f81eab913","codename":"blogpost___sonar_at_jsnation_2023_in_amsterdam"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Just like it's not enough to simply practice karate for Mr. Miyagi, it's not enough for Sonar to find and fix issues when guiding developers to practice Code Quality. Developers should be able to find, understand, and fix issues to write Code Quality optimally. "},"index_image":{"value":{"description":"Daniel-San balances a laptop in one hand while performing his patented crane kick. Mr. Miyagi is proud. ","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ffe3570e-9688-4001-8529-0ff6b202e8d1/mr_miyagi_and_clean_code_blog_index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"What Mr. Miyagi can teach you about writing Code Quality"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e72caf4c-db77-4a9d-ade7-f13caa455487","codename":"blogpost___what_mr__miyagi_can_teach_you_about_wri"}},{"value":{"index_subheadline":{"value":"Technology"},"index_perex":{"value":"Sonar’s SaaS capabilities decrease issues and increase development team productivity"},"index_image":{"value":{"description":"an airplane soars through the clouds. It is glorious.","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2e084d5c-487a-44fa-89c6-03803407243e/skyscanner_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Skyscanner"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Cloud"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Technology"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"021584ca-f87c-4e2c-8b92-cb9d8a186b71","codename":"customer_story___skyscanner"}},{"value":{"index_subheadline":{"value":"Technology Spotlight"},"index_perex":{"value":"Backed by primary research data, Omdia provides their viewpoint on how organizations can achieve the best security posture through developer education and empowerment."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7368357d-1038-4887-9ce5-676bf491a7be/omdia-paper_1200x628_white-papers_index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Proactive Application Security"},"index_cta":{"value":"Read White Paper"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d4511882-0fcb-46ee-ae26-372ad00cee0a","codename":"white_paper_post___idc_white_paper__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Explore the game-changing features of SonarQube Server 9.9 LTS, empowering Java developers to write Code Quality with enhanced speed and precision."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/079878db-47ec-4d8d-b0da-5b93153f750e/sq-is-for-java-devs_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Why SonarQube Server 9.9 LTS is a must-have for Java developers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"21a49455-261e-425b-a400-4066bee03867","codename":"blogpost___why_sonarqube_9_9_lts_is_a_must_have_fo_21a4945"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Node.js released an experimental test runner in version 18 and made that test runner stable in version 20. What does that mean for us as JavaScript developers?"},"index_image":{"value":{"description":"The Node.js logo","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a62e7abd-0486-4d2c-a11a-11a85fee0c86/node_js_blog_index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Hands on with the Node.js test runner"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"79a740ca-64c4-42ba-b5f7-7be236ccfca3","codename":"blogpost___hands_on_with_the_node_js_test_runner"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Against a backdrop of increasing demands on open source maintainers from industry and government, we wanted to use this year’s survey to see how they are hanging in there."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Maintainer burnout is real. Almost 60% of maintainers have quit or considered quitting maintaining one of their projects"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e00121f7-0186-46c1-a34e-d809f4e7a6cc","codename":"blogpost___maintainer_burnout_is_real"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our Vulnerability Researchers are just returning from their trip to Berlin where they attended OffensiveCon 2023! Here's what they loved about the event."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b404502b-37ad-4983-8da3-cb7ee7dbaf18/offensive-con-reflections_blog-index.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Reflections from OffensiveCon 2023"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"195b02d8-e21c-42fe-b162-479615fb6c35","codename":"blogpost___reflections_from_offensivecon_2023"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"These days, most software organizations have a vulnerability remediation strategy in place. It’s often a fully reactive approach"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"8 ways to build your continuous vulnerability management strategy"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"eb9471f0-0b0d-46aa-b534-ca0cd274d89a","codename":"blogpost___8_ways_to_build_your_continuous_vulnera"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn about the Sonar - HashiCorp partnership and the SonarQube Cloud Terraform Cloud integration."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c83333c4-67f7-4800-be5b-75026f7ba4f7/sonar-hashicorp_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Sonar and HashiCorp Partner to Deliver Clean Terraform Code & Good Vibes"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e41be9df-bb6b-4150-af74-f20ee4b9e089","codename":"blogpost___sonarcloud_or_sonarqube____guidance_on__e41be9d"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube for IDE supports Go analysis!"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/77a9629f-811d-4b16-aa3f-e8888e4fda58/sl-supports-go_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube for IDE supports Go analysis!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5b48ce5e-f6c7-4997-a1c0-5a1122c94a5d","codename":"blogpost___sonarlint_supports_go_analysis_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered two vulnerabilities in Pimcore that could be chained together in one GET request to achieve RCE."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fab479cb-cff3-44a4-9fad-cb5054ed9b44/Pimcore_social-landscape.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Pimcore: One click, two security vulnerabilities"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"16f6d6b6-8edc-4c7e-8fef-31a42a3df86c","codename":"blogpost___pimcore__one_click__two_security_vulner"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Is Code Quality the solution to Jupyter notebook code quality?"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d1b6a85f-5b62-4512-b9ff-943f19598861/jupyter-notebook_blog-index%20%281%29.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Is Code Quality the solution to Jupyter notebook code quality?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"972aa787-40a4-4c6c-8569-70472612bd79","codename":"blogpost___is_clean_code_the_solution_to_jupyter_n"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"There are new array methods in JavaScript and they are here to make our programs more predictable and maintainable."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ef97fb4e-e4f4-4a7d-8708-4872ea73e609/javascript-array-copying-methods_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"ES2023 introduces new array copying methods to JavaScript"},"index_cta":{"value":"Read blog post"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6a98ea59-f89f-45ec-b6da-c88e14f591e9","codename":"es2023_introduces_new_array_copying_methods_to_jav"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar becomes Silver member of the Cloud native computing foundation"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bfbd96aa-5b05-4f2f-993e-bf80c5514c15/sonar-cncf-silver-membership_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"CNCF Silver membership"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d9ca88a8-1bf4-412d-bf09-b8005f2bcd59","codename":"blogpost___cncf_silver_membership"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn about the changes in SonarQube Server 9.9 LTS that help Python developers write Code Quality."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/05f65288-fbbd-445e-86b1-f3c89902a130/sq-is-for-python-devs_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Why SonarQube Server 9.9 LTS is a must-have for Python developers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9179ee16-9cff-4f4e-835d-250c868a95f4","codename":"blogpost___why_sonarqube_9_9_lts_is_a_must_have_fo"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Five ways in which Python's interpreter behaves in ways that you wouldn't expect."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a2b89e22-e46c-4a37-9b9e-1ee08d1350b7/weird-python-behaviors_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Weird Python: 5 Unexpected Behaviors in the Python Interpreter"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"abd948d7-8a9c-4f09-9df8-2e7779364092","codename":"blogpost___weird_python__5_unexpected_behaviors_in"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Reflections from DevNexus, the largest Java conference in the U.S.A."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5a163ee9-f907-45c4-a36f-eaf381c91066/devnexus-reflections_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Reflections from DevNexus, the largest Java conference in the U.S.A."},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"90082122-5dee-4d8f-a200-2b8aaa4e6e5b","codename":"blogpost___reflections_from_devnexus__the_largest_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Latest Python developments. Interview with Python developers from Sonar."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ce802ac3-be3b-47a7-ae31-b2471e778d2e/interview-with-python-devs_blog-index%20%281%29.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Interview with Sonar Python Developers Part 2"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"77ee15a3-35b1-45a6-8329-c7cf93d772ad","codename":"blogpost___interview_with_sonar_python_developers__77ee15a"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What do we need content types for anyway? Let's look into how an incorrect content type led to a real-world vulnerability in Odoo, CVE-2023-1434."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e8442955-a296-4bf2-8f92-69930193e34f/odoo-scripting_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Odoo: Get your Content Type right, or else!"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6ac16062-8134-4d52-bf50-4fd5b9ec3b1a","codename":"blogpost___odoo__get_your_content_type_right__or_e"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Why should I learn Python language? When should I use Python? Is tooling around Python development mature?"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ce802ac3-be3b-47a7-ae31-b2471e778d2e/interview-with-python-devs_blog-index%20%281%29.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Interview with Sonar Python Developers Part 1"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6bddbffe-f844-4824-80ee-0c9ea22b67e2","codename":"blogpost___interview_with_sonar_python_developers_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar ❤️ Compiler Explorer: Write clean C++ code inside your browser"},"index_image":{"value":{"description":"Image of Sonar Logo and Compiler Explorer integration","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7327924f-0e59-4031-8411-e477f154d8e4/compiler-explorer-integration_blog-index%20%282%29.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Sonar ❤️ Compiler Explorer: Write clean C++ code inside your browser"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"51263347-8246-4d88-9c8f-032253151bda","codename":"blogpost____copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"It is no surprise that lots of well-intentioned people have failed to figure out how to effectively pay maintainers."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Paying maintainers: the HOWTO"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"10b0b100-dbf7-411d-96f1-11a089d2c373","codename":"blogpost___paying_maintainers__the_howto"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered two vulnerabilities in pretalx and found a generic technique to gain code execution from a file write."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/40870ddd-2321-4066-8441-13d3aa98ce7a/get-accepted-at-every-conference_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Pretalx Vulnerabilities: How to get accepted at every conference"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"abebc726-72e3-433b-9be6-bb8dae14a97b","codename":"blogpost___pretalx_vulnerabilities__how_to_get_acc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 9.9 LTS is here! We're back with another 9 reasons you should prioritise upgrading as soon as possible."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e1c8b219-a203-4cf5-ba12-eee11888c596/another-9-reasons-to-upgrade_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Another 9 reasons to upgrade to SonarQube Server 9.9 LTS"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cf588e98-0a69-482c-b9ab-88a073d0e864","codename":"blogpost___another_9_reasons_to_upgrade_to_sonarqu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When bad code gets overlooked, it can create lasting problems and ultimately impact developer productivity and velocity. "},"index_image":{"value":{"description":null,"height":629,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/89db6937-0e09-4b6f-a9df-72f36a294a3d/dev-velocity_blog-index.png","width":1201}},"index_icon":{"value":null},"index_headline":{"value":"How bad code destroys developer velocity"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"bc0b00a7-2cc4-4538-8bb0-210c0285e7d3","codename":"blogpost___how_bad_code_destroys_developer_velocit"}},{"value":{"index_subheadline":{"value":"Blog Post"},"index_perex":{"value":"Learn what features - like faster first analysis and better user management with SCIM - are available to you and your teams in SonarQube Server 10.0!"},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8335204d-8ea7-48bf-b064-4f71ee6fadaf/sq-10_0_social-landscape.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarQube Server 10.0"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a21e39bf-e7fc-4770-9ff1-b6d420cf3546","codename":"blogpost"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our researchers discovered a vulnerability in LibreNMS, which could be exploited by attackers to gain RCE by sending a single SNMP trap."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a9ccfae2-fd35-40d8-9560-332c1c04c037/librenms-malicious-trap_blog-index.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5d146bc7-963b-4ca8-b474-d663ca6547e3","codename":"untitled_content_item_5d146bc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Code Quality from Sonar aims to streamline your DevOps workflow so that your organization can yield the best possible results from your software."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6c0b7bb2-6489-47f7-9c1e-3d9ea2f54fac/what-is-sonar_blog-index%20%281%29.webp","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Sonar is the Code Quality solution for your DevOps workflow"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"903c7d11-c353-4fb0-8f73-494e32e95ebd","codename":"blogpost___sonar_is_the_clean_code_solution_for_yo"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Companies are adopting cloud native practices because it puts their core business first and affords them speed and efficiency advantages over the competition. However, reaping these rewards requires a solid, sustainable foundation - a Code Quality foundation."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/51cbb0a7-98e8-453b-bab1-b07c2e14f356/Develop%20Your%20Cloud%20Native%20Apps%20the%20Sustainable%20Way_Hero.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Your Guide to Code Quality in Cloud Native Apps"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"47927e2b-801e-46ca-a67f-27cc324f4713","codename":"blogpost___develop_your_cloud_native_apps_the_sust_47927e2"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. This is a summary of the top 5"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fa22a480-db68-4b39-9cde-d946d1329d29/typescript-common-mistakes_recap_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The top 5 common TypeScript issues found by SonarQube for IDE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5a075b07-9fe6-466e-ab24-07bf109cdcac","codename":"blogpost___the_top_5_common_typescript_issues_foun"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The best LTS ever - SonarQube Server v9.9 - packed together a lot of new features and functionality. Read more to learn about the cloud native, IaC and serverless analysis capabilities included in the LTS."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/26ee1296-d7c5-4238-9719-c31da06d4213/cloud-native-features-sq-9.9-lts_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Cloud native features in SonarQube Server 9.9 LTS"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a1bc4ac6-c6c1-469a-a3f3-9e611b1a772f","codename":"blogpost___the_rules_of_three__five_and_zero__copy_a1bc4ac"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 9.9 LTS is here! Not every improvement could be mentioned in the release announcement, so check out these LTS easter eggs that make this the Best LTS Ever."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6549506f-53e4-43e1-912d-f2c3592a8838/9%20More%20Reasons%20to%20Upgrade%20to%20LTS_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"9 more reasons to upgrade to SonarQube Server 9.9 LTS"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"30081878-b058-4409-848d-11fd7d91c9fb","codename":"blogpost___9_more_reasons_to_upgrade_to_sonarqube_"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"SonarQube Server is an integrated code quality and code security tool for automating reviews of all code, human-written, AI-generated, and open source. It provides actionable code intelligence directly in the developer workflow to simplify finding and fixing bugs and security vulnerabilities, freeing developers to focus on building better value, faster."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Server"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"0f843053-27dd-4dc9-948e-59a73ff8b001","codename":"legacy_code___learn_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e151a1b5-fed1-43a6-a3aa-36eadee8c189/typescript-common-mistakes-01_blog-index%20%281%29.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Common TypeScript Issues Nº 1: assignments within sub-expressions"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"be238fdb-e2ea-475d-9cd0-e864deb9a6a5","codename":"blogpost___common_typescript_issues_no_1__assignme"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar is celebrating International Women's Day (March 8) with interviews from women across our many teams about their careers in technology."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b6ceaaa2-f321-4288-adde-45cb7e3abf32/intl-womens-day_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Celebrating International Women's Day with the women of Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1b4cf3a0-bc64-47b3-80b0-23f919bfd4e3","codename":"blogpost___celebrating_international_women_s_day_w"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A checklist to help you upgrade to SonarQube Server LTS"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1135a850-8143-48fd-ab3e-9cd9e973ee73/sq-lts-upgrade-checklist_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server LTS Upgrade Checklist"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1dcc5f78-ec5b-4e12-aaef-701ad06a3d61","codename":"blogpost___sonarqube_lts_upgrade_checklist"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/81b5a506-48c4-40e0-86e0-66a87ae9d65d/typescript-common-mistakes-02_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Common TypeScript Issues Nº 2: non-empty statements"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7bb54316-7cb2-46a4-ae29-f4c735c35e37","codename":"blogpost___common_typescript_issues_no_2__non_empt"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Let's dive into how a seemingly minor code vulnerability can hide a critical impact! "},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7f4576b6-498d-4069-bb19-b6475faf0654/file-truncation_blog-index.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Empowering weak primitives: file truncation to code execution with Git"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6e184b8e-9729-4d7e-b609-6d530f990f17","codename":"blogpost___empowering_weak_primitives__file_trunca"}},{"value":{"index_subheadline":{"value":"Technology Spotlight"},"index_perex":{"value":"In this paper, IDC highlights the importance of code quality and how modern tools can ensure code hygiene across the software development lifecycle without impacting velocity."},"index_image":{"value":{"description":"IDC White Paper","height":942,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/65d52b5d-7362-438f-8acd-c02fae25d5da/idc_1.webp","width":1800}},"index_icon":{"value":null},"index_headline":{"value":"DevOps Is Insufficient Without Good Code Hygiene"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9cb29c50-69ec-4292-b9cc-4af427a71d61","codename":"white_paper_post___idc_white_paper"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With Sonar and the Clean as You Code methodology, developers can directly impact the security of the cloud native apps they create."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/51cbb0a7-98e8-453b-bab1-b07c2e14f356/Develop%20Your%20Cloud%20Native%20Apps%20the%20Sustainable%20Way_Hero.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Quality: The Best Approach to Writing Secure Cloud Native Apps"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"de28282d-4121-481d-ae10-cb2a663ccad1","codename":"blogpost___clean_code__the_best_approach_to_writin_de28282"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/67510349-fb04-43f9-a2ec-168a60163451/typescript-common-mistakes_03_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Common TypeScript Issues Nº 3: unused local variables and functions"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3c94e3e5-268f-49fc-8a21-3722c3820bd3","codename":"blogpost___common_typescript_issues_no_3__unused_l"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Clean as You Code methodology allows developers to keep working on new and interesting projects without sacrificing quality or getting bogged down in refactoring legacy code."},"index_image":{"value":{"description":"Person's-fingers-typing-really-fast-on-a-keyboard-to-increase-developer-velocity. ","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f75800a5-b3aa-4b98-8913-f51e64f43d5a/increase-dev-velocity_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Increase developer velocity today with Clean as You Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b2378086-8713-444c-a2dc-14b94fa86ea2","codename":"blogpost___increase_developer_velocity_today_with_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Culture is a key aspect of working at Sonar. It is our binding agent; it is what we value, what we believe in, the way we work, and the way we interact. It is what makes us SonarSourcers!"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7841daa4-c902-441f-a67e-36bb3d6437b4/we-are-sonar_blog-index.jpeg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"We are Sonar!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"92e8578c-8e7f-4e28-934a-526dad8c2209","codename":"blogpost___we_are_sonar_"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"Enable your development team to deliver integrated code quality and security consistently and efficiently with a tool that integrates seamlessly into the cloud DevOps platforms and extends your CI/CD workflow. "},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Cloud"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube Cloud"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"6c5ee546-3e9e-4676-80f3-53d1ffcd740a","codename":"resources___solution_briefs___sonarqube_server__co"}},{"value":{"index_subheadline":{"value":"solution brief"},"index_perex":{"value":"SonarQube for IDE is a free, open source IDE extension that provides developers with immediate coding feedback before they commit code while helping them understand why an issue is raised, what is at stake, and how to fix it."},"index_image":{"value":null},"index_icon":{"value":null},"index_headline":{"value":"SonarQube for IDE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b17a74b6-dd65-4a0a-b279-62ed8d972f76"},"elements":{"name":{"value":"Solution briefs"},"url_slug":{"value":"solution-briefs"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"fa0aa806-71d8-4587-bbbc-0ec6fe2d8afe","codename":"solution_briefs___sonarqube_cloud__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it."},"index_image":{"value":{"description":"Common mistake in Typescript #5","height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ae8cec16-6a1d-4e84-b338-3435d2bd660e/TypeScript%20Common%20Mistakes-04_social-landscape_%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Common TypeScript Issues Nº 4: Don't create and drop objects immediately"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"aae0d252-dc2d-4881-9c3f-d67dd787fcb6","codename":"blogpost___common_typescript_issues_no_4__don_t_cr"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Big year, big announcement – the most anticipated SonarQube Server 9.9 Long-Term-Support release is here! Check out this post for all details."},"index_image":{"value":{"description":"SonarQube LTS 9.9","height":1258,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ea6b73ac-8e4d-4f95-8da5-739dec9f3f4f/landscape_lts_9_9_web2.webp","width":2402}},"index_icon":{"value":null},"index_headline":{"value":"Announcing SonarQube Server 9.9 LTS!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a0a0950b-630b-42d9-b286-6fbeaf3ae38d","codename":"blogpost___sonarqube_9_9_lts_announcement_post"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"The new release empowers organizations to achieve the Code Quality state quickly, securely, and at scale."},"index_image":{"value":{"description":"SonarQube LTS 9.9","height":1258,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ea6b73ac-8e4d-4f95-8da5-739dec9f3f4f/landscape_lts_9_9_web2.webp","width":2402}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Launches SonarQube Server 9.9 LTS to Help Organizations Achieve a State of Code Quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"983f8e44-6e33-46b4-a96e-a968fce4ba9d","codename":"sonar_record_growth_press_release__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it."},"index_image":{"value":{"description":"Common mistake in Typescript #5","height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/94087f16-f0d4-4995-87f5-625185b5b5d4/TypeScript%20Common%20Mistakes-05_social-landscape_%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Common TypeScript Issues Nº 5: Optional property declarations"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2f9b1826-19ed-45e3-815e-b1ddb5af51e7","codename":"blogpost___common_typescript_issues_no_5__optional"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered three vulnerabilities that allow arbitrary code execution on OpenEMR. Let’s see what we can learn from them and discuss their patches!"},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6de6bf70-0216-4289-adc6-488e80c6d1e1/OpenEMR_blog-index-image.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"OpenEMR - Remote Code Execution in your Healthcare System"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"68fc67e1-a3ad-4a5c-b475-4e3f6659b89b","codename":"blogpost___openemr___remote_code_execution_in_your"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our research team looks back at a great year and summarizes the highlights of their vulnerability research in 2022."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/205493e1-fa6f-4f9f-971f-c7d1fe1a237e/Vulnerability%20Research%20Highlights_blog%20header_1200x627%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Vulnerability Research Highlights 2022"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d2f37044-e27f-45b7-9925-80cf62a6e644","codename":"blogpost___vulnerability_research_highlights_2022"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Clear context and specific education for why an issue occurs and how to fix it should be by the developers’ side without leaving the development workflow. Sonar has your answer."},"index_image":{"value":{"description":null,"height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d8dbc097-91af-469f-88ec-34a7ed9d24dc/Level%20Up%20Your%20Teams%20Skills_1200x627.jpeg","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Level up your team's skills as they code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8e968683-49be-4290-a3e1-0c99e11de4ac","codename":"blogpost___the_rules_of_three__five_and_zero__copy"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This series is dedicated to the small, but common pitfalls and errors you can encounter when writing React code.\nWhether an experienced JavaScript | TypeScript developer or just starting out, the results can be surprising."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5e4604bf-b204-4b0a-a21b-01b850094d69/Lesser%20Spotted%20React%20Mistakes_Part%203_1200x628%402x%20%281%29Updated%20Version.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Lesser spotted React mistakes: What are we even rendering?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"77e436a1-4501-4fd2-b799-3d694243ea9a","codename":"blogpost___lesser_spotted_react_mistakes__render_w"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how we discovered a critical vulnerability in Cacti with the help of SonarQube Cloud."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2089bc3e-b584-4e9e-be19-0249145f32f1/Cacti_Unauthenticated%20Remote%20Execution_1200x628%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Cacti: Unauthenticated Remote Code Execution"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"18b47ec3-66d9-433a-81fd-68841b00f969","codename":"blogpost___cacti__unauthenticated_remote_code_exec"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The latest version of SonarQube Server from Sonar has arrived. Check out what’s new in SonarQube Server 9.8 in this quick video and download it now."},"index_image":{"value":{"description":"SonarQube 9.8","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/edb301d7-e65d-4107-9209-aa69e2630cc1/SQ-9.8_blog-index.webp","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 9.8 is here!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"758c1fef-f62b-48a6-8b86-ec27bd273a1c","codename":"blogpost___code_security_advent_calendar_2022__cop_758c1fe"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Application development using cloud native technologies is a game changer for developers. With a robust, maintainable codebase, they are positioned to do their best work. Learn how Sonar has the Code Quality game plan to perfectly complement your cloud native initiatives."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/51cbb0a7-98e8-453b-bab1-b07c2e14f356/Develop%20Your%20Cloud%20Native%20Apps%20the%20Sustainable%20Way_Hero.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Develop Your Cloud Native Apps the Sustainable Way"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2f7d7a39-d315-454c-92d0-8cfb4e237f98","codename":"blogpost___develop_your_cloud_native_apps_the_sust"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Members of the Sonar Vulnerability Research team remotely participated in Pwn2Own Toronto 2022. This competition is quite special for us: we usually focus on code vulnerabilities in open-source web application projects."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/966f2a78-5fc4-4c0c-9e09-20b4d2d88528/Sonar%20Pwn2Own%20Toronto%202022_Hero%402x.png.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Sonar @ Pwn2Own Toronto 2022"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8b7f2818-a998-40a6-83c0-06f57517473f","codename":"blogpost___backend_sql_injection_in_bigtree_cms_4__8b7f281"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Regardless of the company we work for, the project we contribute to, or our years of experience as individual developers or as a team, we inevitably make mistakes while coding. On average, a development team generates about 15 to 50 errors per 1,000 lines of delivered code."},"index_image":{"value":{"description":"Developer screen showing code with sonarcloud logo. ","height":627,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/de8988df-4f75-432e-94e0-c5bd35ed1ad5/How%20to%20enable%20your%20development%20team%20to%20deliver%20Clean%20Code_Hero.jpg","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"How to enable your development team to deliver Code Quality?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"08fd261c-6c8c-412f-8ffb-bd8adab8f0db","codename":"blogpost___doing_more_with_less_in_uncertain_times"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Driven by developer value and enterprise recognition of the power of Code Quality - Sonar solution has scaled to 7 million users and 21,000 enterprise customers."},"index_image":{"value":{"description":"Record Growth - Sonar","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/dabcc09a-7777-4410-8a72-c20deada473f/Record%20Growth_PR-Card%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"SonarSource Posts Record Growth with its Code Quality Solution in 2022"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0e892552-45a4-415b-b5a8-84660db24152","codename":"javaone_press_release__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Code is at the core of your software and dictates its behavior and performance. Code Quality makes it easier for your development teams to introduce changes and enhancements to software because it is free of issues."},"index_image":{"value":{"description":"Image of different elements of clean code going across the page in different ways symbolizing the enterprise. ","height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/41fa9858-eeeb-4c54-aaa0-dc83f2953a54/Scaling%20Clean%20Code%20Across%20the%20Enterprise_Hero%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Scaling Code Quality Across the Enterprise"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0409fbc2-f18d-48b4-a6ff-8d3f377f87a7","codename":"blogpost___how_to_enable_your_development_team_to_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog, I will share the story of how I got introduced to SonarQube Server and made use of it as  a team lead. I will explain how it helped us improve our code, and also assisted me in growing a team of junior developers with a Code Quality companion by their side."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/37cf43d2-9d57-4325-b54f-3ae361d5bfeb/What%20I%20learned%20from%20using%20SonarQube%20for%20the%20first%20time_Hero%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What I learned from using SonarQube Server for the first time"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"69b52bce-fed9-452a-967a-01f764e88af9","codename":"blogpost___scaling_clean_code_across_the_enterpris"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The year is slowly coming to an end and it’s time again to look back and reflect on the great fun and achievements of the year. This is where we would like to thank our community and share a little gift, as we do every December since 2016."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b8f6faa7-8804-46c3-a94f-282058577aea/Code%20Security%20Advent%20Calendar%202022_Hero.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Security Advent Calendar 2022"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"05107ad0-806d-4df2-80da-1bb00e7e2537","codename":"blogpost___what_i_learned_from_using_sonarqube_for"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This series is dedicated to the small, but common pitfalls and errors you can encounter when writing React code.\nWhether an experienced JavaScript | TypeScript developer or just starting out, the results can be surprising. Part 2."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6506452b-8144-4a65-ac18-a1343a358588/Lesser%20spotted%20React%20mistakes-Zombie%20methods_Hero.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Lesser spotted React mistakes: Zombie methods"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fd508c63-ff1f-47a9-bbe6-ff4cabe54095","codename":"blogpost___lesser_spotted_react_mistakes__hooked_o_fd508c6"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Even though efficiency of all work processes is a goal of any business striving for success, it is even more of a challenge given the current economic climate. This bar shifts higher every day."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6152bf00-b2d0-4f3d-852c-6555194c1119/Doing%20More%20with%20Less%20in%20Uncertain%20Times_Hero%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Doing More with Less in Uncertain Times"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5678169f-15eb-4b66-8fbc-e5ec1374981c","codename":"blogpost___sonar___pwn2own_toronto_2022__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Moment.js is a popular date-handling library that, at one point, was being downloaded nearly 15 million times a week. Despite its popularity, Moment’s open source maintainers announced in September 2020 that they were deprecating the project."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The npm package of the Moment: How we migrated from a deprecated Javascript package"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"53e66e4a-a914-4971-b823-c0ae97211183","codename":"blogpost___npm_moment_javascript_package"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This last article of the series determines how an attacker can chain two further vulnerabilities to fully take over a Checkmk server."},"index_image":{"value":{"description":null,"height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8d960daa-e1d0-4e94-b772-0b0a09889b66/Checkmk-Remote%20Code%20Execution_Hero%402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Checkmk: Remote Code Execution by Chaining Multiple Bugs (3/3)"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1a6b59a2-9649-48aa-b967-7b8af31e3ed1","codename":"blogpost___checkmk__remote_code_execution_by_chain_1a6b59a"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Sonar Team had a great time sponsoring KubeCon 2022 in Detroit. Read about our takeaways from the event..."},"index_image":{"value":{"description":"KubeCon and CloudNativeCon North America 2022","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c8b3e4e7-1660-459b-aa74-8ab7bfc01518/KubeCon-CloudNativeCon%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":"A Look Back at KubeCon 2022"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"32822448-5e9b-491c-845a-41c8821cbd7f","codename":"blogpost___a_look_back_at_kubecon_2022"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The second article of this series outlines how an attacker can leverage the ability to forge arbitrary LQL queries to gain access to the NagVis component."},"index_image":{"value":{"description":"The second article of this series outlines how an attacker can leverage the ability to forge arbitrary LQL queries to gain access to the NagVis component.","height":1255,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b2b045ab-0680-4c00-b9ce-d6bfe02354a7/cover-4104c2f2-4974-48c9-bdef-ec1fdb59b3fc_CheckMK%2BRCE%2BChain-02_Blog_1200x627.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Checkmk: Remote Code Execution by Chaining Multiple Bugs (2/3)"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0eb27130-1dd4-48d4-af42-dc47ea6db160","codename":"blogpost___checkmk__remote_code_execution_by_chain_0eb2713"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Machine learning (ML) is the hot topic in tech circles right now, and tech lawyers are no exception. Virtually every lawyer discussion I’ve had in the last two weeks has ended with a variation on this question"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Evaluating the RAIL license family"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8c5ef0cf-b9d5-40c0-bb0c-003a42cc2dc1","codename":"blogpost___evaluating_the_rail_license_family"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered multiple vulnerabilities in Checkmk, which can be chained together by an unauthenticated, remote attacker to fully take over a vulnerable server."},"index_image":{"value":{"description":"We discovered multiple vulnerabilities in Checkmk, which can be chained together by an unauthenticated, remote attacker to fully take over a vulnerable server.","height":1254,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cec5521f-04da-46d8-a88f-82721c81c0f6/cover-b6ff7f15-3036-4275-b486-fe8beb0f33a7_CheckMK%2BRCE%2BChain_Blog_1200x627-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Checkmk: Remote Code Execution by Chaining Multiple Bugs (1/3)"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c5bea16d-39c6-4560-84a6-49880889d23f","codename":"blogpost___checkmk__remote_code_execution_by_chain"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"After examining the Rules of Three, Five, and Zero, part 2 of this series looks at the exceptions that prove the rule(s). Some of them may surprise you (no, really)!"},"index_image":{"value":{"description":"After examining the Rules of Three, Five, and Zero, part 2 of this series looks at the exceptions that prove the rule(s). Some of them may surprise you (no, really)!","height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/be921629-1f16-44ff-b3d3-59b0bce825e8/cover-77acaa7c-05cf-4519-b995-543fa5318dcf_Beyond%2Bthe%2BRules_blog.png","width":1422}},"index_icon":{"value":null},"index_headline":{"value":"Beyond the Rules of Three, Five and Zero"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"61a4f0c2-4a16-42fa-b203-4ed523f2a801","codename":"blogpost___beyond_the_rules_of_three__five_and_zer"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our AppSec and Vulnerability Research teams had a great time at Hexacon 2022, here's what we enjoyed!"},"index_image":{"value":{"description":"Our AppSec and Vulnerability Research teams had a great time at Hexacon 2022, here's what we enjoyed!","height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/bfebe12f-4c87-43be-82fe-d8a3745cdd8f/cover-26a71210-4bf3-455e-8303-290cbf485506_Hexacon%2BWrap-Up_01.png","width":1422}},"index_icon":{"value":null},"index_headline":{"value":"Bits from Hexacon 2022"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"22af2b80-ef2d-4239-943d-65c9838cedab","codename":"blogpost___bits_from_hexacon_2022"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This series is dedicated to the small, but common pitfalls and errors you can encounter when writing React code.\nWhether an experienced JavaScript | TypeScript developer or just starting out, the results can be surprising."},"index_image":{"value":{"description":"This series is dedicated to the small, but common pitfalls and errors you can encounter when writing React code.\nWhether an experienced JavaScript | TypeScript developer or just starting ...","height":746,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b7622c00-09a4-497a-99f7-9654278a3e7f/cover-4b3413e9-0843-4ca7-8ad0-55f1a28e8fea_Lesser%2BSpotted%2BReact%2BMistakes_blog.png","width":1422}},"index_icon":{"value":null},"index_headline":{"value":"Lesser spotted React mistakes: Hooked on a feeling"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3614aa53-1b41-4194-943b-5b09822f31de","codename":"blogpost___lesser_spotted_react_mistakes__hooked_o"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Check out what’s new in SonarQube Server 9.7 in this quick video."},"index_image":{"value":{"description":null,"height":656,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/91219eab-8901-4331-a736-11e913911084/hero%402x.jpg","width":2200}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 9.7 is here!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c09b50a5-92c7-41c9-aa95-0662d459c390","codename":"blogpost___sonarqube_9_7_is_here_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We come back on a critical deserialization vulnerability identified by our SAST engine in the software Melis Platform. Let’s look at how it works under the hood and how we confirmed its exploitability."},"index_image":{"value":{"description":"We come back on a critical deserialization vulnerability identified by our SAST engine in the software Melis Platform. Let’s look at how it works under the hood and how we confirmed its e...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a64d8bba-5ad9-484d-8ce9-aa05af4cba52/cover-38580e6b-e5af-40d9-aa33-e4623bf3b124_Remote%2BCode%2BExecution_02.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Remote Code Execution in Melis Platform"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d572bb66-9eef-48fe-bc93-dace7274dc7f","codename":"blogpost___remote_code_execution_in_melis_platform"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"One of the biggest AI-related headlines of 2024 has been the rapid growth and acceptance of AI-based coding tools."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"AI-based coding tools are thriving, and maintainers have some valid concerns about the impact on their work"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1bbb3dd5-c6fb-4d8a-a2a3-4e20ec3c88af","codename":"blogpost___ai_based_coding_tools_are_thriving"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Sonar will showcase the importance of Code Quality and the impact it can have on the developer community"},"index_image":{"value":{"description":"java-one logo","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d9159794-0954-400c-a2c2-036e57b22df1/JavaOne_Small%20Card%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar to Present at JavaOne"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"10303e13-bf3b-4064-be35-151e3491e9c1","codename":"javaone_press_release"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Bad code doesn’t just disappear and the consequences of overlooking it can be costly. "},"index_image":{"value":{"description":"Bad code doesn’t just disappear and the consequences of overlooking it can be costly. ","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ac7025b7-ac39-4bd1-8a23-d9b19556b4a4/cover-c84e0752-8ad2-4e98-a96a-373e531c28f0_Cost%2Bof%2BBad%2BCode_Blog%2BHeader%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Bad code costs more than just your money"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6941efea-5e7d-42e8-8033-19f3da254e93","codename":"blogpost___bad_code_costs_more_than_just_your_mone"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Rule of Three was coined back in 1991. That expanded to the Rule of Five with C++11's move semantics - and even that was then subsumed by The Rule of Zero. But what are all these rules? And do we have to follow them?"},"index_image":{"value":{"description":"The Rule of Three was coined back in 1991. That expanded to the Rule of Five with C++11's move semantics - and even that was then subsumed by The Rule of Zero. But what are all these rule...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/440e6f3d-4be1-41c0-bbba-5a455ad2fe9e/cover-dfac2126-0c5b-4929-9da6-dcdf87ba7804_Rules%2Bof%2B3-5-0_02.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Rules of Three, Five and Zero"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"549a511c-f658-4dc9-95a4-206be0a90a8d","codename":"blogpost___the_rules_of_three__five_and_zero"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Whether you’re working on a new project or an existing one, you might think of Code Quality as an ideal, somewhere far out of reach. Let’s go over 5 key features that make SonarQube Cloud the perfect tool for developers and development teams to deliver Code Quality consistently and efficiently, without disrupting the existing development workflow."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/df8129f1-a500-413f-83e5-f954486d9ae6/Five%20Key%20Features%20of%20SonarCloud_blog%20header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Five SonarQube Cloud features for developers that want Code Quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"aefd69bb-5b05-4e3b-82e4-a41393363e82","codename":"blogpost___product_portals_open__we_want_your_inpu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!"},"index_image":{"value":{"description":"What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let's deep dive into how we could demonstrate it!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8ae977db-72e1-4474-90e0-c59d20430753/cover-c83b02ac-8a39-4e4c-a02f-c1db5cafcde0_Packagist%2BRCE_Blog-Banner_Sonarsite%2B-%2B687%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: A New Supply Chain Attack on PHP"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"139786f1-6842-433f-9542-ba2d67176748","codename":"blogpost___securing_developer_tools__a_new_supply_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When you think about your typical workday, how much time do you spend working on a computer? How hard would it be for you to perform your job if you did not have access to a computer?"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9b48b8b7-1632-4607-8321-bc8d583524af/SonarQube%20Accessibility_Banner_%402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Our journey toward accessibility"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7f032941-61e7-4a10-8fb2-8584ba46c2e9","codename":"blogpost___code_security_advent_calendar_2022__cop_7f03294"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment."},"index_image":{"value":{"description":"We recently discovered several vulnerabilities in OneDev 7.2.9 that allowed attackers to fully compromise a server and even break out of a Docker environment.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7079e9bd-2571-4fa5-8a98-7fd565d67932/cover-a4f60b69-48d5-4a4d-9282-d245c280324d_Vulnerability_Blog%2BHeader.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: OneDev Remote Code Execution"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9c2329c2-2f4c-41dd-a0a4-b8446eb9be98","codename":"blogpost___securing_developer_tools__onedev_remote"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Curious about life as a Developer at SonarSource? Join us as we discuss changes in the world of programming, the importance of Security, and writing code with SonarQube Cloud Backend Developer Claire Villard."},"index_image":{"value":{"description":"Curious about life as a Developer at SonarSource? Join us as we discuss changes in the world of programming, the importance of Security, and writing code with SonarCloud Backend Developer...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cfa9f281-e746-41f3-aec1-da25a22a606f/cover-8a4d225a-f323-4b60-b736-9104f266b984_Interview%2Bwith%2Ba%2BDev_01.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Interview with a SonarSource Developer"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3ed14008-0e6a-4c4d-a522-f2a0a6a97a8b","codename":"blogpost___interview_with_a_sonarsource_developer"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Former Airbnb executive brings legal expertise to Sonar, the leader in Code Quality\n"},"index_image":{"value":{"description":"Derek Smith General Counsel","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/06afd8b6-af8d-4f22-aebf-2d01d7f24eba/Derek_PR-Card%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Derek Smith Joins Sonar as General Counsel"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1183f432-7bf5-4801-8b24-a8504d9133d9","codename":"apac_announcment_press_release_page__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this post we will cover why it’s important to know what licenses accompany the open source in use at your organization"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The evolving landscape of open source licensing: What you need to know"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f4ef005f-5bc1-4a6f-a992-3750adbe1d81","codename":"blogpost___the_evolving_landscape_of_open_source_l"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Code Quality—a term you may have casually used or heard before but may not have synthesized or internalized its true essence. In this post, learn what Code Quality is and why it matters. "},"index_image":{"value":{"description":"Power of Clean Code on a computer screen with gears turning around lines of code. ","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/35018049-8a67-494f-8014-978140a03c43/Power%20of%20Clean%20Code_blog%20header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The Power of Code Quality"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0c2f1da4-1a08-4426-842d-b37d9dd6e0ed","codename":"blogpost___our_journey_toward_accessibility__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our security researchers were surprised to discover a low-hanging code vulnerability in WordPress Core that we will discuss in this blog post."},"index_image":{"value":{"description":"Our security researchers were surprised to discover a low-hanging code vulnerability in WordPress Core that we will discuss in this blog post.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f8e0d182-af07-47b5-a344-953abeb6ac49/cover-49dee23b-88da-4410-b3f2-e709f03f2ba4_Unauthenticated%2BBlind%2BSSRF_01.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"WordPress Core - Unauthenticated Blind SSRF"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code security"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Vulnerability research"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"3fcbafee-c21e-4768-978e-86759faa72e0","codename":"blogpost___wordpress_core___unauthenticated_blind_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog, we demonstrate how you can get started with SonarQube Cloud in less than 3 minutes and ensure all new Java pull requests are clean, every time."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ddd2c5b-e797-448d-b264-bac59f9717d1/3%20min%20away%20from%20clean%20Java%20PRs_blog%20header.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"You’re 3 minutes away from clean Java pull requests!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9c798875-f1e6-4244-a3ea-ccea00a0cbd9","codename":"blogpost___five_sonarcloud_features_for_developers"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Knowing if your latest release candidate is built with Code Quality doesn’t have to be a guessing game. With Sonar at your side, you’ll know that every new line, every PR and every build is clean."},"index_image":{"value":{"description":"Knowing if your latest release candidate is built with clean code doesn’t have to be a guessing game. With Sonar at your side, you’ll know that every new line, every PR and every build is...","height":2512,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/caf5f890-f26d-4e4d-b0e3-3032321d8f21/cover-472cdc6f-bde3-4837-8399-dd16ff7dfc75_Race%2Bto%2BRelease_01.png","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Streamlines the Race to Release"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c90a09bb-1ea0-4803-8ae9-9a08cbf0b3a8","codename":"blogpost___sonar_streamlines_the_race_to_release"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"After raising $412 Million in new investment, Sonar expands to APAC \n"},"index_image":{"value":{"description":"Sonar expands to Asia Pacific","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d52f585e-3489-4374-92e4-bc70ecf0f956/sonar-expands-to-asia-pacific_PR-Card%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Expands the Code Quality movement to Asia Pacific "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1969da79-e7e0-43ed-a5ec-3e55fa79b735","codename":"cmo_press_release_page__copy__1969da7"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In the third part of our Securing Developer Tools series, we look at a critical vulnerability that affects one of the most popular code editors: Visual Studio Code."},"index_image":{"value":{"description":"In the third part of our Securing Developer Tools series, we look at a critical vulnerability that affects one of the most popular code editors: Visual Studio Code.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/08e32e7d-6a21-4f33-a2d4-426548371d47/cover-9c0429de-993d-47ff-8868-bc39709adbd4_Securing%2BDev%2BTools_06.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: Argument Injection in Visual Studio Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6e0cef91-c9b5-4b3a-a3d0-e50be6a3fa73","codename":"blogpost___securing_developer_tools__argument_inje"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our security research led to the discovery of a flaw in a popular Apache2 authentication module. We come back on this case of parsing differential and how various languages behave when working with URLs."},"index_image":{"value":{"description":null,"height":1257,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7d95cc85-890e-4e05-b17e-ae2e7b004b74/dfa97c39-b3be-4481-a555-e348f7c23a14_WHATWG%2BVs%2BRFC_Blog%2BHeader%402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Security Implications of URL Parsing Differentials"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"23f67b36-ef75-45c3-8ee6-a6bf7e0f4aa2","codename":"blogpost___security_implications_of_url_parsing_di"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently found a vulnerability in Django that allows us to disclose sensitive information. Let’s review the root cause, exploiting technique, and patch."},"index_image":{"value":{"description":"We recently found a vulnerability in Django that allows us to disclose sensitive information. Let’s review the root cause, exploiting technique, and patch.","height":1257,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d3da8074-dd9f-4c99-9d7e-6001cd3148d3/cover-707d5403-6d1c-4532-bc35-7e03c4e44177_django-vulnerability_blog-hero%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Disclosing information with a side-channel in Django"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9edcdbdf-97f6-4092-b4f5-13edaccf2d93","codename":"blogpost___disclosing_information_with_a_side_chan"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered a Prototype Pollution vulnerability in Blitz.js leading to Remote Code Execution. Learn about this bug class and how to avoid it in your code!"},"index_image":{"value":{"description":"We recently discovered a Prototype Pollution vulnerability in Blitz.js leading to Remote Code Execution. Learn about this bug class and how to avoid it in your code!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/49864ed0-3025-46f8-9dd0-26e0205e9592/cover-9400fc20-8a70-424a-b1ab-6fa8bff9b8cc_Blitz-JS_Vulnerability%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Remote Code Execution via Prototype Pollution in Blitz.js"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"88df1913-492a-4607-97e0-ed9a8e3b8e11","codename":"blogpost___remote_code_execution_via_prototype_pol"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered a vulnerability in Zimbra Enterprise Email that allows an unauthenticated, remote attacker fully take over Zimbra instances via a flaw in unrar."},"index_image":{"value":{"description":"We discovered a vulnerability in Zimbra Enterprise Email that allows an unauthenticated, remote attacker fully take over Zimbra instances via a flaw in unrar.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f8f5e822-b341-41c3-ac1d-14b8da1ff297/cover-57fb4ac4-6a48-499d-bac5-5bb7fa5eb17f_Zimbra_Blog%2BHeader%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Unrar Path Traversal Vulnerability affects Zimbra Mail"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"02760eba-6ea7-4edf-b04e-f51a685a9fab","codename":"blogpost___unrar_path_traversal_vulnerability_affe"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Former Oracle and Redis executive to scale global marketing execution to further fuel developer adoption and company growth"},"index_image":{"value":{"description":"Photo of Manish Gupta Chief Marketing Officer at SonarSource","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/476887e3-70f3-440d-9962-b14365306f6c/Manish_PR-Card%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Strengthens Management Team with Manish Gupta as CMO"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5ec74c72-b34b-4af9-ae9a-44ee18c842d5","codename":"cmo_press_release_page"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered flaws in Zimbra, an enterprise email solution, that allow attackers to steal credentials of users and gain access to their email accounts."},"index_image":{"value":{"description":"We discovered flaws in Zimbra, an enterprise email solution, that allow attackers to steal credentials of users and gain access to their email accounts.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/22f94cfb-b291-47d7-a281-9a816efd7bb0/cover-9c8d0d36-05c6-4114-85cc-19263bc3230e_Zimbra%2B2nd%2Bencounter%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Zimbra Email - Stealing Clear-Text Credentials via Memcache injection"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"38d72d53-5fbd-4a59-8c55-f8168b3dcba5","codename":"blogpost___zimbra_email___stealing_clear_text_cred"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We've finally defined our own performance goals for analysis - so that we're no longer subjecting ourselves to apples-to-oranges comparisons with tools that may not have the same goals or outcomes. Now, we can clearly state what you can expect from analysis, and how long analysis of a project should take under standardized conditions."},"index_image":{"value":{"description":null,"height":2500,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/29c1cfd3-6f16-4cf9-8a2f-ab8784b441b4/Sonars%20Analysis%20Performance%20Targets_blog%20header.png","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"Sonar’s analysis performance targets"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5717c34f-8599-4890-a1f0-3748b0d9668b","codename":"blogpost___5_things_to_consider_in_performance_com"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered vulnerabilities in Horde Webmail that allow an attacker to execute arbitrary code on Horde instances by having a victim open an email"},"index_image":{"value":{"description":"We discovered vulnerabilities in Horde Webmail that allow an attacker to execute arbitrary code on Horde instances by having a victim open an email","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b5653f98-8350-4e11-96ca-055c4b6d1e5a/cover-0a359c54-1bf6-4318-b255-5e9ffd2bba1b_RD-154%2BHorde%2BStored%2BXSS%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Horde Webmail - Remote Code Execution via Email"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a80e5ba2-d0cf-44dd-914f-83af552321ae","codename":"blogpost___horde_webmail___remote_code_execution_v"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Former president and CEO of SolarWinds brings his expertise of high-growth scaleups and public markets to the leader in Code Quality"},"index_image":{"value":{"description":"Kevin-Thompson","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/17c64241-1ee2-4414-bf57-4929f7f39fea/Kevin-Thompson_PR-Card%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":" Sonar Appoints Kevin Thompson on its Board of Directors "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"51428cce-76e6-43c6-86b4-76c686a14048","codename":"investment_round_press_release__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered two critical vulnerabilities in the IT monitoring dashboard Icinga Web. Let’s review their respective root cause and their patches!"},"index_image":{"value":{"description":"We recently discovered two critical vulnerabilities in the IT monitoring dashboard Icinga Web. Let’s review their respective root cause and their patches!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/44ff6c99-894f-4ff7-a135-f468c08bdd70/cover-b6543c39-9080-4011-90ab-e078bb92dcdd_RD-165%2BIcingaweb2%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Path Traversal Vulnerabilities in Icinga Web"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f0998883-28c3-4b8f-b9c9-f9eb39952599","codename":"blogpost___path_traversal_vulnerabilities_in_icing"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"VS Code has been gaining popularity for C and C++ development. We are happy to announce that finally, we will be able to help you write clean C and C++ code in VS Code."},"index_image":{"value":{"description":"VS Code has been gaining popularity for C and C++ development. We are happy to announce that finally, we will be able to help you write clean C and C++ code in VS Code.","height":1257,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f0f7a1b4-443d-46b8-8836-b4348948699c/cover-e2a249cc-1f9b-4afa-b40d-5ab1ffedf1bf_02_SL_c-cpp-vscode_Blog-Social%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"A C&C++ tour of SonarQube for IDE: Visual Studio Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"SonarQube for IDE"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Partner integrations"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"a43c7e2f-7c1e-4c95-8ea3-7f74e0568b8b","codename":"blogpost___a_c_c___tour_of_sonarlint_for_vs_code"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"The company will use the investment to expand globally and propel the company to $1 billion in total revenue"},"index_image":{"value":{"description":"funding-growth-image","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3f82e855-56a8-446a-b6fa-99619247bc7b/Funding_PR-Card%402x.png","width":704}},"index_icon":{"value":null},"index_headline":{"value":" Sonar, the Leading Platform for Code Quality, Raises $412 Million in New Investment "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"11bcf469-2d87-4b73-90f1-c5c89b2eae4e","codename":"cmo_press_release_page__copy_"}},{"value":{"index_subheadline":{"value":"Manufacturing"},"index_perex":{"value":"SonarQube Server provides a common and accepted framework for developers to properly discuss the Code Quality thresholds required for meeting the Group’s code standards."},"index_image":{"value":{"description":"Pernod Ricard","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0626f0f7-5d69-4b52-a894-ab3a5f24cfd9/pernod_ricard_customer_story_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Pernod Ricard"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Manufacturing"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"2a2a2d47-bae1-4be1-b8c2-48bda51f5198","codename":"untitled_content_item_2a2a2d4"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered a critical code vulnerability in RainLoop Webmail that allows attackers to steal all emails by sending a malicious mail."},"index_image":{"value":{"description":"We recently discovered a critical code vulnerability in RainLoop Webmail that allows attackers to steal all emails by sending a malicious mail.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0c021d54-82b7-4005-9dda-a60131458bbb/cover-35479e64-521a-475d-8547-3423ee78ec5a_RainLoop%2BWebMail%2BStored%2BXSS%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"RainLoop Webmail - Emails at Risk due to Code Flaw"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fbfac981-be4c-47fe-bd60-41538294602c","codename":"blogpost___rainloop_webmail___emails_at_risk_due_t"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"Leading solutions provider for Code Quality demonstrates robust and mature approach to internal security management that meets the highest security standards"},"index_image":{"value":{"description":"iso-certification-sonar","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9c0eae7e-f9fd-4b64-a21d-451f4419fc07/ISO-Certification_PR-Card%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":" Sonar Achieves ISO 27001 Certification "},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"444e7ed8-2577-43fb-ab47-ba2f6b443e24","codename":"investment_round_press_release__copy__444e7ed"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"For the second time in a year, we identified critical code vulnerabilities in a central component of the PHP supply chain. Let's dive into it!"},"index_image":{"value":{"description":"For the second time in a year, we identified critical code vulnerabilities in a central component of the PHP supply chain. Let's dive into it!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c1f194e6-c628-4642-9199-7f0daa232728/cover-05529a53-c15f-4234-9be4-ad6ad769fed5_RD-137%2BPHP%2BSupply%2BChain%2BAttack%2Bon%2BPEAR%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"PHP Supply Chain Attack on PEAR"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f7ce3bca-2b39-4599-a0d6-8a70391977e2","codename":"blogpost___php_supply_chain_attack_on_pear"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The norm for setting up your cloud-native app infrastructure is quickly becoming Infrastructure as Code (IaC). In this blog, we’ll cover how Sonar is the solution for safeguarding your IaC invoked infrastructure."},"index_image":{"value":{"description":"The norm for setting up your cloud-native app infrastructure is quickly becoming Infrastructure as Code (IaC). In this blog, we’ll cover how Sonar is the solution for safeguarding your Ia...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/574cfd37-e4ba-4a69-942a-ca34f731d155/cover-230ef5ab-4143-4f2e-80ce-c0bea7b5c674_Infrastructure%2Bas%2BCode%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Clean Your Infrastructure Code with Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"72a52b2f-46dd-4df8-9510-bd098e011b05","codename":"blogpost___clean_your_infrastructure_code_with_son"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With this series, we present the results of our research on the security of popular developer tools with the goal of making this ecosystem safer: today’s article revisits Git integrations."},"index_image":{"value":{"description":"With this series, we present the results of our research on the security of popular developer tools with the goal of making this ecosystem safer: today’s article revisits Git integrations.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b1a68d81-5ea1-4df7-b44c-28f888441d53/cover-4c650341-e335-4b58-93d8-44692f9fb87f_RD-127%2BGit%2BShell%2BIntegration%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: Git Integrations"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d72db15f-4327-43db-9547-2630e6c7791c","codename":"blogpost___securing_developer_tools__git_integrati"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Yarn, Pip, Composer & friends: Learn about 3 types of vulnerabilities we found in popular package managers that can be used by attackers to target developers."},"index_image":{"value":{"description":"Yarn, Pip, Composer & friends: Learn about 3 types of vulnerabilities we found in popular package managers that can be used by attackers to target developers.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7cacf865-fd71-4ebc-8e80-e418d3406abf/cover-3f4e1bd4-7c0e-4746-9b44-37be5ef94233_RD-169%2BPackage%2BManager%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Securing Developer Tools: Package Managers"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3c741ecf-e469-4bae-941c-030b3f1c1589","codename":"blogpost___securing_developer_tools__package_manag"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When talking about static analysis and/or SAST performance comparisons - or really, comparisons of any kind of performance - what criteria do you consider? Maybe it was fast, but what did it accomplish? Here's what you ought to look at when you compare performance."},"index_image":{"value":{"description":null,"height":2512,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/611d1510-51a3-45b7-b546-e03bd6da1fbf/5%20Things%20to%20Consider%20in%20Performance%20Comparisons_blog%20header.png","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"5 things to consider in performance comparisons"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Code quality"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"5835a5de-e691-4243-bca0-3c54e785d70a","codename":"blogpost___our_journey_toward_accessibility__copy__5835a5d"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The next most common evaluation will be a simple check against a list of accepted licenses, usually the list from the Open Source Initiative, a license-scanner vendor, or from counsel."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Evaluating an ethical license for corporate use"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"20ea594d-c492-4ec7-9bf5-85ea2bde966f","codename":"blogpost___evaluating_an_ethical_license_for_corpo"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We’re happy to announce that SonarQube Cloud integrates with GitHub code scanning! It’s available to everyone with a GitHub repository - private or public - independently of your SonarQube Cloud plan. If you have access to the feature on GiHub and your organization admin already accepted the update for the SonarQube Cloud app permissions, you’re all set! You should be able to start using the feature during your next code review."},"index_image":{"value":{"description":"Image of GitHub Code Scanning false positives, unit tests and fixes with SonarCloud. ","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/fe0a1cee-759e-4915-b795-d2816d753669/cover-590f6a1e-6a5c-40a1-8489-f02aeb389cc8_GitHub%2BCode%2BScanning%2BAlert%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Review your security vulnerabilities in GitHub with code scanning alerts"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5ab38a5f-fe93-42a6-8777-692a769f58da","codename":"blogpost___review_your_security_vulnerabilities_in"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered a code vulnerability in Horde Webmail that can be used by attackers to take over email accounts by sending a malicious email."},"index_image":{"value":{"description":"We recently discovered a code vulnerability in Horde Webmail that can be used by attackers to take over email accounts by sending a malicious email.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/89bb4a56-cfb5-4249-9c2d-1f628b10adc6/cover-0a359c54-1bf6-4318-b255-5e9ffd2bba1b_RD-154%2BHorde%2BStored%2BXSS%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Horde Webmail 5.2.22 - Account Takeover via Email"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e888e6c5-fc97-448f-8d9a-b81c9bc1017e","codename":"blogpost___horde_webmail_5_2_22___account_takeover"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this article we discuss the security of client-side session storages and analyze a vulnerable implementation in the IT monitoring solution Zabbix."},"index_image":{"value":{"description":"In this article we discuss the security of client-side session storages and analyze a vulnerable implementation in the IT monitoring solution Zabbix.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9f95c076-845c-4d25-ac28-e42b7fcae605/cover-a1691e38-7c8f-4e2e-add4-ae3675bb7489_RD-111%2Bzabbix%2Buse%2Bcase%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Zabbix - A Case Study of Unsafe Session Storage"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d2dddef9-65c1-427d-952c-70c13175c397","codename":"blogpost___zabbix___a_case_study_of_unsafe_session"}},{"value":{"index_subheadline":{"value":"Continuous Inspection"},"index_perex":{"value":"Continuous Inspection is essential to the Code Quality methodology. You can’t truly ‘shift left’ without a continuous inspection process tightly integrated into your development life cycle."},"index_image":{"value":{"description":"Continuous Inspection White Paper Cover and internal pages","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/56a48aba-a9f9-4e58-a8e9-512936b026b3/Continuous-Inspection-Small%402x.jpg","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Unite internal code quality with SDLC"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"4288f54f-c21e-46e1-9321-eaeefc10a1ca"},"elements":{"name":{"value":"White Papers"},"url_slug":{"value":"white-papers"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"efe9cf47-502e-4b3c-9a14-41cfadaa6955","codename":"white_paper_post___continuous_inspection"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The specific mechanisms for tracking dependencies vary across open source communities, making it challenging to compare across languages or package managers."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Dependency management and your software health"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d4d32ee4-93a4-4ac3-a4d6-21032d1efd22","codename":"blogpost___dependency_management_and_your_software"}},{"value":{"index_subheadline":{"value":"Press Release"},"index_perex":{"value":"New CTO and CFO will help Sonar continue its rapid business growth in 2022"},"index_image":{"value":{"description":"Gordon-Pothier-CFO","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/536deaa5-8ef4-4cf5-b0dc-1af2ac583215/Gordon-Pothier_CFO_PR-Card%402x.jpg","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Sonar Strengthens its Leadership Team"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"1afea4e1-e61f-485b-8a1b-49a9d96e8724"},"elements":{"name":{"value":"Press Releases"},"url_slug":{"value":"press-releases"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4a857820-1770-45bc-ac49-d956bc6f2043","codename":"iso_certification_press_release__copy_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered an interesting code vulnerability that could be used to bypass hardening mechanisms in the popular WordPress CMS."},"index_image":{"value":{"description":"We discovered an interesting code vulnerability that could be used to bypass hardening mechanisms in the popular WordPress CMS.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/db08c2ae-ef53-4e19-b0d0-6937acb5b23d/cover-73a1a08a-f7a1-4e3c-a3ec-86d7a16fdde3_RD-108%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"WordPress < 5.8.3 - Object Injection Vulnerability"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f2a6aadb-5257-462c-b163-8b34790e3855","codename":"blogpost___wordpress___5_8_3___object_injection_vu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this post, we will see how to completely disable external entities declaration and expansion, offering a quick and safe solution."},"index_image":{"value":{"description":"In this post, we will see how to completely disable external entities declaration and expansion, offering a quick and safe solution.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/61a8dfef-a7ec-42a8-a64a-ca05f6b79980/cover-19747a85-91b5-4409-883a-33e7a50e13a3_1_3%2Bhow%2Bto%2Bfix%2BXXE%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How to disable XXE processing?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"52fc7fec-05e0-4878-a008-bdb41eb796bc","codename":"blogpost___how_to_disable_xxe_processing_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Today XML External Entities (XXE) vulnerabilities are still ubiquitous, despite the fact that recommendations to protect against them have been an integral part of security standards for years. In this post, we will try to demystify XXE vulnerabilities and present the rule we put in place to help you detect and prevent them. "},"index_image":{"value":{"description":"Today XML External Entities (XXE) vulnerabilities are still ubiquitous, despite the fact that recommendations to protect against them have been an integral part of security standards for ...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/54866073-5f9b-449f-844a-548f5e4386a0/cover-bcb889be-725b-49b8-8b72-6cdf073560b3_3_3%2Blearnings%2Bfrom%2BXXE%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Don't be afraid of XXE vulnerabilities: understand the beast and how to detect them"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cfb0b662-cbe3-4072-9fd7-2af3a9023a18","codename":"blogpost___don_t_be_afraid_of_xxe_vulnerabilities_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We reported a Stored XSS vulnerability in WordPress (CVE-2022-21662) which remained unpatched for more than 3 years and affected the wordpress.org website."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"WordPress 5.8.2 Stored XSS Vulnerability"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"86cce9ff-3cf6-44da-9334-e451690d02aa","codename":"blogpost___wordpress_5_8_2_stored_xss_vulnerabilit"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our research team looks back at a great year and summarizes the highlights of their vulnerability research in 2021."},"index_image":{"value":{"description":"Vulnerability Research Highlights 2021","height":628,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5fe6951c-0f84-41af-996c-d4faf0c71d18/59d77874-0850-4af1-b4a6-7aa8c039842c_RD-143%2B2021%2BReview%2BBlogpost.png.jpeg","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Vulnerability Research Highlights 2021"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"266a6605-108d-42fe-9d24-91f7e7d70481","codename":"blogpost___vulnerability_research_highlights_2021"}},{"value":{"index_subheadline":{"value":"Technology"},"index_perex":{"value":"Considerable resource time is saved in code reviews and feature integration"},"index_image":{"value":{"description":"Cisco IT","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d4af9e59-d5b9-4368-a1c4-f8b5d3df653f/cisco_it_customer_story_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Cisco"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Technology"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"9088b85f-6707-4c9c-a5d7-4f7c18bc1595","codename":"customer_story___cisco_it"}},{"value":{"index_subheadline":{"value":"Technology"},"index_perex":{"value":"Siemens Software Factory improves code quality across 40 million lines of code by integrating SonarQube Server with Microsoft Azure DevOps tools and technologies."},"index_image":{"value":{"description":"Siemens","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5f5369f0-8ac0-4c84-90a1-2e0c16efd360/siemens_customer_story_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Siemens"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"Europe"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Technology"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"288296d7-60bb-465e-876e-f081ecf4162a","codename":"customer_story___siemens"}},{"value":{"index_subheadline":{"value":"Technology"},"index_perex":{"value":"With highly customized rules and integrations and a custom Quality Gate, developers use SonarQube Server daily to ensure clean and secure code in sensitive applications."},"index_image":{"value":{"description":"technology powerhouse","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c361227e-ecc4-405c-9047-6eecdd9b0153/technology_powerhouse_customer_story_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Global technology powerhouse"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Technology"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"23b061ac-afaf-47a3-92a0-6b0d9e808835","codename":"customer_story___technology_powerhouse"}},{"value":{"index_subheadline":{"value":"Manufacturing"},"index_perex":{"value":"One of the world's leading manufacturers of automobiles and commercial vehicles adds a strong security checkpoint to its DevOps tool chain by expanding SonarQube Server and SonarQube for IDE use to 500 developers."},"index_image":{"value":{"description":"Global Car Manufacturer","height":400,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/71793a06-197d-4da0-a6bd-eae8332a5731/global_car_manufacturer_customer_story_card.webp","width":704}},"index_icon":{"value":null},"index_headline":{"value":"Global car manufacturer"},"index_cta":{"value":"Read more"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"0a4f1a31-9a41-4ee9-b452-5deb1bfd1e47"},"elements":{"name":{"value":"Customer Stories"},"url_slug":{"value":"customer-stories"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Product"}}}},"name":{"value":"SonarQube Server"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Region"}}}},"name":{"value":"North America"}}},{"elements":{"facet":{"value":{"elements":{"name":{"value":"Industry"}}}},"name":{"value":"Manufacturing"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"44b87c35-1dec-4732-9ccb-da378df48e89","codename":"customer_story___global_car_manufacturer"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"C++20 is here! It's a big release with many features designed to make your code easier, faster and safer. Let's see how the latest C++ analysis rules in SonarQube for IDE, SonarQube Server and SonarQube Cloud can help us modernize our code to take advantage of some of the new features."},"index_image":{"value":{"description":"C++20 is here! It's a big release with many features designed to make your code easier, faster and safer. Let's see how the latest C++ analysis rules in SonarLint, SonarQube and SonarClou...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/12667470-d44e-43cd-9823-aedf5f0f802a/cover-f803320a-2249-4532-b1b3-2212a31d3c3e_Topic-%2BC%252B%252B%2B20%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Modernizing your code with C++20"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"bf6c8cb5-8ecb-45ea-a082-8ed22e661473","codename":"blogpost___modernizing_your_code_with_c__20"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered three interesting code vulnerabilities in NodeBB 1.18.4, allowing attackers to compromise servers. Find out about the details in this article!"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"NodeBB 1.18.4 - Remote Code Execution With One Shot"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"df635d6d-2d54-4688-ac1f-b48c4d2b9898","codename":"blogpost___nodebb_1_18_4___remote_code_execution_w"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our code security advent calendar is back for the sixth consecutive year. We will release daily challenges until December 24th, get ready to fill your bag of tricks!"},"index_image":{"value":{"description":"Our code security advent calendar is back for the sixth consecutive year. We will release daily challenges until December 24th, get ready to fill your bag of tricks!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7f87060d-d5fa-46f8-bd98-3d3c6dd4bce3/cover-7256dcf9-9cc8-4c0c-a4d9-f51a072fe808_MKTDIGITAL-294_sonar_code_advent_2021_blogpost_socials%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Security Advent Calendar 2021"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3942b967-7241-46af-b6ba-5a8c50977d45","codename":"blogpost___code_security_advent_calendar_2021"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post, we share 10 security pitfalls for Python developers that we encountered in real-world projects."},"index_image":{"value":{"description":"In this blog post, we share 10 security pitfalls for Python developers that we encountered in real-world projects.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b5f37741-8502-4f52-9263-f247bfa61940/cover-0f0eec7e-014c-4d3b-bbf0-60e0b6e7bee0_UPPS%2BDjango%2BSecurity%2BBlogpost%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"10 Unknown Security Pitfalls for Python"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[{"elements":{"facet":{"value":{"elements":{"name":{"value":"Category"}}}},"name":{"value":"Languages & frameworks"}}}]},"index_card_clickable":{"value":null}},"system":{"id":"23433048-a28e-4cf5-911a-de1f048c6fee","codename":"blogpost___10_unknown_security_pitfalls_for_python"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered 3 more code vulnerabilities in the popular GoCD CI/CD system that can be chained by attackers to leak or modify internal code. Learn more in this blog post."},"index_image":{"value":{"description":"We discovered 3 more code vulnerabilities in the popular GoCD CI/CD system that can be chained by attackers to leak or modify internal code. Learn more in this blog post.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/78a53ec3-fac2-4d2e-b6ff-6adac91478e4/cover-003185fb-84ac-48e0-a75f-c27b730d5bbe_GOcd_blogpost%2Bfollowup%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Agent 008: Chaining Vulnerabilities to Compromise GoCD"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8e84b40c-e04e-4120-a9fe-29c9713a65a2","codename":"blogpost___agent_008__chaining_vulnerabilities_to_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Check out the details of a Cross-Site Scripting bug in the BBCode processing in SmartStoreNET and how it can be chained into arbitrary code execution!"},"index_image":{"value":{"description":"Check out the details of a Cross-Site Scripting bug in the BBCode processing in SmartStoreNET and how it can be chained into arbitrary code execution!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9a79bf55-8675-4306-a558-9ba715c8943d/cover-8ebeac1c-c71e-46c7-862f-4df86651fc5e_RD-37%2BsmartstoreNET%2BXSS%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"SmartStoreNET - Malicious Message leading to E-Commerce Takeover"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"342ceb91-4bb3-4207-996f-99d15dca93c2","codename":"blogpost___smartstorenet___malicious_message_leadi"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered critical security issues in the popular CI/CD solution GoCD that can be exploited by unauthenticated attackers"},"index_image":{"value":{"description":"We recently discovered critical security issues in the popular CI/CD solution GoCD that can be exploited by unauthenticated attackers","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5b8b7bc5-dca3-4b5a-841b-31218facecad/cover-fb92427d-4a4d-46f3-ab2a-863a66e82201_GOcd_blogpost_opt%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8c63298a-0eb3-4905-814c-b4e355fb3b10","codename":"blogpost___agent_007__pre_auth_takeover_of_build_p"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We are very pleased to announce that we have released a new project experience. It’s now available in SonarQube Cloud for all users. You’ll notice a few improvements the next time you open SonarQube Cloud."},"index_image":{"value":{"description":null,"height":2512,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e289de40-8bea-42be-b6e4-7171f08e246d/Meet%20the%20New%20Project%20Experience_blog%20header.png","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"Meet the new project experience for SonarQube Cloud"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"5703c2bc-3784-4a34-a3f9-6b9c201d994f","codename":"blogpost___you_re_3_minutes_away_from_clean_java_p"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered and reported a vulnerability in the Squirrel VM, written in C, that allows an attacker to escape the sandbox."},"index_image":{"value":{"description":"We discovered and reported a vulnerability in the Squirrel VM, written in C, that allows an attacker to escape the sandbox.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/139ce316-054f-4653-a633-6922b96939b6/cover-dc12e72c-0d4d-4ff6-b18a-dcd06decc32b_SquirrelLang%2BBlogpost%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Squirrel Sandbox Escape allows Code Execution in Games and Cloud Services"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9445ed6c-ea0e-48c0-8899-6f0c9cb74dab","codename":"blogpost___squirrel_sandbox_escape_allows_code_exe"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This article talks about the powerful capabilities of the C++ analyzer with SonarQube for IDE and highlights some unique and interesting quality and security rules you might find useful. Through that lens, we demonstrate how you can leverage these rules to elevate your CLion built-in static analysis capabilities for your C++ projects."},"index_image":{"value":{"description":"This article talks about the powerful capabilities of the C++ analyzer with SonarLint and highlights some unique and interesting quality and security rules you might find useful. Through ...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/146d4d35-6d86-431a-ac38-3c6d288eb4b2/cover-a2b38076-4674-4b3f-8729-5f8df078df6c_MKTCOL-246%2BSL%2BClion%2BCpp%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Supercharge your C++ analysis with SonarQube for IDE for CLion"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f2269e39-146c-4417-a5d8-f71c355a6d6f","codename":"blogpost___supercharge_your_c___analysis_with_sona"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Boost your productivity by automatically applying fixes to repair code quality issues in your IDE with SonarQube for IDE."},"index_image":{"value":{"description":"Boost your productivity by automatically applying fixes to repair code quality issues in your IDE with SonarLint.","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d8722d45-b0bd-484d-8241-fcfc8843b330/cover-eac58edf-1cea-4939-b893-ee05a27a5aef_MKTCOL-245%2BSL%2BQuickfixes%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Modernize Code Quality with ‘Quick Fixes’"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ecbd2cdb-09e5-4b3c-a677-7c4c6be39fe0","codename":"blogpost___modernize_code_quality_with__quick_fixe"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We responsibly disclosed three vulnerabilities in the open-source status page Cachet, allowing attackers to take over instances. Here are all the details!"},"index_image":{"value":{"description":"We responsibly disclosed three vulnerabilities in the open-source status page Cachet, allowing attackers to take over instances. Here are all the details!","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4eacb91e-afb6-4eeb-badc-307d6536c075/cover-123d8703-ee2c-4518-b7de-1a176fb5b5a9_Blogpost%2BCachet%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Cachet 2.4: Code Execution via Laravel Configuration Injection"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7204ccc3-4aa7-4eb3-a59d-435523e9c728","codename":"blogpost___cachet_2_4__code_execution_via_laravel_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We've recently opened up product portals on Productboard. You'll find them for SonarQube Server, SonarQube Cloud, and SonarQube for IDE. Each one shows the features we're currently working on, the ones we've released recently, and the ones we're planning. "},"index_image":{"value":{"description":null,"height":2512,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d7f6199c-9f3d-4811-9286-4d417cf3fcc4/Product%20Portals%20Open_blog%20header.png","width":4800}},"index_icon":{"value":null},"index_headline":{"value":"Product portals open: we want your input"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"175f7b07-780c-4e62-a571-e1542ae40acb","codename":"blogpost___sonar_s_analysis_performance_targets__c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered an XSS vulnerability in the admin frontend of Ghost CMS 4.3.2. Find out the details and learn how to avoid such issues in your code!"},"index_image":{"value":{"description":"We recently discovered an XSS vulnerability in the admin frontend of Ghost CMS 4.3.2. Find out the details and learn how to avoid such issues in your code!","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6e09643a-1811-40f9-ab7b-968fa954c14a/cover-278a88f4-f948-4c9a-8ede-2a8c22f9a270_RD-34%2BGhost%2BCMS%2BDOM%2BXSS%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Ghost CMS 4.3.2 - Cross-Origin Admin Takeover"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cac663a2-698b-49b7-9087-9541c70b6bd3","codename":"blogpost___ghost_cms_4_3_2___cross_origin_admin_ta"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Analyzing your C or C++ code requires, in addition to the source code, the configuration that is used to build the code. Historically we have provided a tool to automate the extraction of this information, called the build wrapper. Recently we introduced another way to configure your analysis, the compilation database. Learn more about the pros and cons of each option."},"index_image":{"value":{"description":"Analyzing your C or C++ code requires, in addition to the source code, the configuration that is used to build the code. Historically we have provided a tool to automate the extraction of...","height":1201,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/54486124-5dd6-4e5f-8c6f-1b58378611d4/cover-41325528-f8ec-4888-840d-2f55a2c2b7b8_MKTCOL-240%2Bcompilation%2Bdatabase%2Bblog%2Bimage%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Compilation database: An alternative way to configure your C or C++ analysis"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d21b260f-093b-4447-8806-f415a65cf983","codename":"blogpost___compilation_database__an_alternative_wa"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our case study of elFinder 2.1.57 describes several critical code vulnerabilities commonly found in web file managers and how to patch them."},"index_image":{"value":{"description":"Our case study of elFinder 2.1.57 describes several critical code vulnerabilities commonly found in web file managers and how to patch them.","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0b2f16b3-5e3a-4f36-b8f2-a303e0e4f74b/cover-287ee4a6-069f-4503-a54e-a156cf80dcfc_elFinder%2BBlogpost%2B%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"elFinder - A Case Study of Web File Manager Vulnerabilities"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c0e0e292-a30d-47e5-ad02-4af9bdaaad87","codename":"blogpost___elfinder___a_case_study_of_web_file_man"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"If you're using 3rd-party plugins for SonarQube Server, you're obviously already aware of the benefits. With this blog post, we want to make sure you're also aware of the risks. Because there are risks."},"index_image":{"value":{"description":"SonarQube has always had a rich plugin Marketplace, with much of SonarQube's functionality originally delivered as plugins and many additional needs being met by community-maintained plug...","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/19b11d95-fc33-4312-9e71-174e44421521/cover-8305912b-d946-4399-8ed1-d70c4cfb1b50_Blog%2BImage_MKTCOL-232%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Use 3rd-party plugins at your own risk"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8e400783-cf33-41ee-ab87-286fec03972e","codename":"blogpost___use_3rd_party_plugins_at_your_own_risk"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how developers can safeguard their cloud 'secrets' from publicly leaking and take charge of their Code Security with SonarQube for IDE."},"index_image":{"value":{"description":"Learn how developers can safeguard their cloud 'secrets' from publicly leaking and take charge of their Code Security with SonarLint.","height":1257,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a3de4896-7195-4625-93af-5fe5648a83fe/cover-812132b5-869f-4968-b196-cfb6854bd895_SonarLint%2BAWS%2BSecrets%2BBlog_MKTCOL-233_1-B%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Launching ‘Secret Detection’ to keep your Cloud ‘Secrets’ safe"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"994387cb-dd74-474b-8835-96757646bb81","codename":"blogpost___launching__secret_detection__to_keep_yo"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"It can be challenging to maintain good coding vibes when your team or company often prioritizes feature delivery over code quality. If your developers are never allowed the time to work on new and exciting things they may eventually find somewhere else to bring their coding talents to."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/8b999041-a358-44d4-a738-7a25475d6d13/Blog%20-%20Retain%20Your%20Development%20Talent%402x.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How Code Quality Practices Help You Retain Your Development Talent"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7260ece7-80a7-4fe2-8527-101552f5e1fb","codename":"blogpost___meet_the_new_project_experience_for_son"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered critical code issues in Zimbra, a popular enterprise webmail solution, that could lead to a compromise of all emails by an unauthenticated attacker."},"index_image":{"value":{"description":"We discovered critical code issues in Zimbra, a popular enterprise webmail solution, that could lead to a compromise of all emails by an unauthenticated attacker.","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/15290f85-2201-4365-9f0b-1cf4545b535e/cover-9fab1353-1d97-47a5-bb0d-184000db209c_Zimbra%2BFull%2BChain.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Zimbra 8.8.15 - Webmail Compromise via Email"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a34ac870-2f31-4e19-ae0c-f5a0c0236eb3","codename":"blogpost___zimbra_8_8_15___webmail_compromise_via_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how the functionality of Quality Profiles and Quality Gates come together to enable the SonarSource Clean As You Code methodology."},"index_image":{"value":{"description":"Learn how the functionality of Quality Profiles and Quality Gates come together to enable the SonarSource Clean As You Code methodology.","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/642e2d00-96ba-4b3f-8d16-71de7fc4cfa4/cover-fc9866f3-d3e6-4fc9-a217-61ae7a82f8cf_CAYC%2Bblogpost%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Clean As You Code essentials - What are Quality Profiles and Quality Gates?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d788b833-4754-4333-9a9d-7f01c52894b2","codename":"blogpost___clean_as_you_code_essentials___what_are"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered two code execution vulnerabilities that affected Etherpad servers and data. Learn more about the technical details and how to avoid such coding issues."},"index_image":{"value":{"description":"We discovered two code execution vulnerabilities that affected Etherpad servers and data. Learn more about the technical details and how to avoid such coding issues.","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1825ee47-2e1b-4855-a571-ad8947f58e1c/cover-f677a108-087d-4f93-b4f1-f0db9fab3d7a_RD-32%2BEtherpad%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Etherpad 1.8.13 - Code Execution Vulnerabilities"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d6336d83-621e-4456-bf05-a384913ee6f0","codename":"blogpost___etherpad_1_8_13___code_execution_vulner"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Discover how SonarQube Server can integrate with your existing enterprise setup (LDAP, SSO & co.) for user authentication and authorization."},"index_image":{"value":{"description":"Discover how SonarQube can integrate with your existing enterprise setup (LDAP, SSO & co.) for user authentication and authorization.","height":1201,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/33bcd465-80bc-4e99-bea2-74fa5e60f48d/cover-84b5681d-f0a0-431f-b827-7e82edc46ce4_Thumbnail_A_Enterprise%2BReady_SC_Blog%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Enterprise-ready: Authentication & Authorization with SonarQube Server (LDAP, SSO & more)"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d520ccea-1050-4c17-a682-cbb546cf071a","codename":"blogpost___enterprise_ready__authentication___auth"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered critical code vulnerabilities in CiviCRM, a popular CRM plugin for Wordpress, Joomla and Drupal. Learn more about how to find and patch these issues."},"index_image":{"value":{"description":null,"height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/87785a8e-6ea7-439d-8a9b-b6dbe41e64dc/CiviCMS.jpeg","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"CiviCRM 5.22.0 - Code Execution Vulnerability Chain Explained"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6ae9c8b0-dbf4-43a5-adf6-d2ffa5a8f05a","codename":"blogpost___civicrm_5_22_0___code_execution_vulnera"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 8.9 LTS is here! Not every improvement could be mentioned in the release announcement, so check out these LTS easter eggs that make this the Best LTS Ever."},"index_image":{"value":{"description":"SonarQube 8.9 LTS is here! Not every improvement could be mentioned in the release announcement, so check out these LTS easter eggs that make this the Best LTS Ever.","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/d2e2f8c8-ea3f-4976-8a14-36ff06c19742/cover-f09c9454-462c-4e42-afcc-94373fc56440_LTS%2Beaster%2Beggs%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"7 more reasons to upgrade to SonarQube Server 8.9 LTS"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"782845e6-4274-4708-825b-fe20132ed952","codename":"blogpost___7_more_reasons_to_upgrade_to_sonarqube_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With SonarQube Server 8.9 LTS, SonarSource has made failing the pipeline available for everyone, using any CI you want. But with great power comes ... well, you know. In this post you'll learn what went into the decision to make this available and what you'll want to watch out for when you use it."},"index_image":{"value":{"description":"With SonarQube 8.9 LTS, SonarSource has made failing the pipeline available for everyone, using any CI you want. But with great power comes ... well, you know. In this post you'll learn w...","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4fcb3a0c-6f06-40bd-9bb5-f457a8de918a/cover-9e93909f-cac7-453e-b278-3a36b24d1d6c_Failed%2BPipelines%2BMTKCOL-227.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Broken pipelines for everyone!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9706353e-e2c1-4fef-af08-2d6c45a34fd8","codename":"blogpost___broken_pipelines_for_everyone_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We responsibly disclosed two code execution vulnerabilities in Grav CMS, one of the most popular flat-file PHP CMS in the market. Let’s see what we can learn from them and discuss their patches!"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Grav CMS 1.7.10 - Code Execution Vulnerabilities"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f81b47b6-e3e2-4fc6-a3db-20e5de487b9f","codename":"blogpost___grav_cms_1_7_10___code_execution_vulner"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered vulnerabilities in Rocket.Chat, a popular team communications solution, that could be used to take over Rock.Chat instances."},"index_image":{"value":{"description":"Person compromising Zimbra webmail through email on a computer","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/2837c0b3-62f3-45e6-acde-530403d23ddd/NoSQL_Blog%20Header%20Image.jpg","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"NoSQL Injections in Rocket.Chat 3.12.1: How A Small Leak Grounds A Rocket"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"de6597dc-119e-490a-b04e-1474a9a06eea","codename":"blogpost___nosql_injections_in_rocket_chat_3_12_1_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In April 2021, we updated our JavaScript and TypeScript SAST engines to explore more execution flows, increase performance and improve overall accuracy. It now goes far beyond what we did in the past for these languages. With this post, we’re going to tell you what you can expect for these languages, and more specifically which vulnerabilities can be detected."},"index_image":{"value":{"description":"In April 2021, we updated our JavaScript and TypeScript SAST engines to explore more execution flows, increase performance and improve overall accuracy. It now goes far beyond what we did...","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/16281bc0-1fb7-407d-b869-63dfcf4622d5/cover-1a134350-673f-470c-9ea5-1d28507a6d76_owasp_juice_shop%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What to expect from JavaScript/TypeScript analysis on OWASP JuiceShop"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"69b6e8eb-73b7-4b5a-bc10-a7cce883dda3","codename":"blogpost___what_to_expect_from_javascript_typescri"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server 8.9 Long Term Support (LTS) is officially here! Check out this list of tips & tricks on how to upgrade your environment from start to finish."},"index_image":{"value":{"description":"SonarQube 8.9 Long Term Support (LTS) is officially here! Check out this list of tips & tricks on how to upgrade your environment from start to finish.","height":601,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ef0ec1ec-f103-4a5b-a2ec-02d8d7cf235c/cover-f3a85109-5370-45ab-ae8f-d9f92fddf16d_lts-upgrade.png","width":1201}},"index_icon":{"value":null},"index_headline":{"value":"SonarQube Server 8.9 LTS: 3 steps to a smooth upgrade"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"591ccd62-d31e-487f-a863-da6663b41e1c","codename":"blogpost___sonarqube_8_9_lts__3_steps_to_a_smooth_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We recently discovered a vulnerability in Composer, the main package manager for PHP, and were able to use it to take over the central repository, packagist.org."},"index_image":{"value":{"description":"We recently discovered a vulnerability in Composer, the main package manager for PHP, and were able to use it to take over the central repository, packagist.org.","height":601,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/581c73b8-2b6e-4c61-94c1-2303689d6f96/cover-467458c0-61ba-41e5-ad9c-caf6910e9413_php.png","width":1201}},"index_icon":{"value":null},"index_headline":{"value":"PHP Supply Chain Attack on Composer"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f8ba1cf8-fa88-4a58-a6ba-4e474255d378","codename":"blogpost___php_supply_chain_attack_on_composer"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post we analyze a XXE vulnerability that our analyzers discovered in WordPress, the most popular CMS, and what PHP 8 developers can learn from it."},"index_image":{"value":{"description":"In this blog post we analyze a XXE vulnerability that our analyzers discovered in WordPress, the most popular CMS, and what PHP 8 developers can learn from it.","height":601,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0fbcda2d-af08-4b1e-af0d-c622a23093a6/cover-137de1ae-12c6-4060-a4e2-417adafe5d43_Wordpress.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"WordPress 5.7 XXE Vulnerability"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"eb8b429e-8eac-4179-922d-ebc04b29c099","codename":"blogpost___wordpress_5_7_xxe_vulnerability"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our security research team discovered multiple code vulnerabilities in the NSA's Java application Emissary. Find out more about these issues and related attacks."},"index_image":{"value":{"description":"Our security research team discovered multiple code vulnerabilities in the NSA's Java application Emissary. Find out more about these issues and related attacks.","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/74a10024-5c8b-4bf5-98f7-912db043ad58/cover-70ba2589-455f-41cb-87a0-820e0765a379_NSA_emissary_blogpost%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Code Vulnerabilities in NSA Application Revealed"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"83cb8ded-6a55-4d68-ab6a-12e6ccdcd32f","codename":"blogpost___code_vulnerabilities_in_nsa_application"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last September, we announced that mono-repository support was added for GitHub and Azure DevOps Services. The good news is: mono-repository support is now also available for Bitbucket Cloud! See what it brings and how you can configure it in SonarQube Cloud."},"index_image":{"value":{"description":"Last September, we announced that mono-repository support was added for GitHub and Azure DevOps Services. The good news is: mono-repository support is now also available for Bitbucket Clo...","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a4859620-f352-4192-9251-0df50527361d/cover-147699d7-60e3-40a1-b011-bc4c47b793aa_SC_BB_Monorep%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Mono-repository support for Bitbucket Cloud now available for SonarQube Cloud!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"446b1bb9-ce61-46c8-b362-f2c0998b4620","codename":"blogpost___mono_repository_support_for_bitbucket_c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Today SonarSource is pleased to share a guest contribution to our Code Security blog series about learnings from a chain of serious vulnerabilities in MyBB."},"index_image":{"value":{"description":"Today SonarSource is pleased to share a guest contribution to our Code Security blog series about learnings from a chain of serious vulnerabilities in MyBB.","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/5e4d7d7b-2d3a-4978-9a5b-f2f25984affb/cover-3c19f20f-8ce8-46a2-90f9-8038c5e16e7c_myBB_SonarSource%25402x.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"MyBB Remote Code Execution Chain"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6ece8aca-71e6-4905-86c9-a8c86982e135","codename":"blogpost___mybb_remote_code_execution_chain"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Our vulnerability researchers found critical code vulnerabilities in a popular Python application that can be exploited remotely, even when the application instance is hosted locally."},"index_image":{"value":{"description":"Our vulnerability researchers found critical code vulnerabilities in a popular Python application that can be exploited remotely, even when the application instance is hosted locally.","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1062b67f-394d-45a0-8383-ef7f2ba0b7ed/cover-55a7eab2-82af-4c50-a1d9-39e948c78128_local_stack_python.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Hack the Stack with LocalStack: Code Vulnerabilities Explained"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b4d99fb1-28e1-41c9-9477-23b20b875ace","codename":"blogpost___hack_the_stack_with_localstack__code_vu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Due to the way regular expression matching is implemented in Java (and many other languages/libraries), matching a pattern may - depending on the regex - require stack space proportional to the length of the input. This means large inputs could cause the program to crash with a `StackOverflowException` when you try to use the regex."},"index_image":{"value":{"description":"Due to the way regular expression matching is implemented in Java (and many other languages/libraries), matching a pattern may - depending on the regex - require stack space proportional ...","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/138905ad-1663-46bc-87e2-903683c5ba53/cover-d3a34893-54f4-42bb-9453-bc70e39868ae_03_java_regex_rules%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Crafting regexes to avoid stack overflows"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0a5bef7a-fe9c-40db-bb14-73d03c102a88","codename":"blogpost___crafting_regexes_to_avoid_stack_overflo"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Regular expressions pack a lot of power into terse little packages and unfortunately that introduces a lot of room for error. This post talks about regex boundaries, another feature that can lead to bugs when used incorrectly, and a rule of ours that can help you avoid such issues. it also covers about complexity and maintainability in regular expressions and our rule to help you find regular expressions that are too complex."},"index_image":{"value":{"description":"Regular expressions pack a lot of power into terse little packages and unfortunately that introduces a lot of room for error. This post talks about regex boundaries, another feature that ...","height":1200,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/42ce6cbf-2454-4574-8c72-cbe70cdc144b/cover-2adaddc9-a4d8-41b0-a7a7-6ebb4ebcbdaf_02_java_regex_rules%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Setting the right (regex) boundaries is important"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7ca31382-3694-4277-9a18-733f25a3147c","codename":"blogpost___setting_the_right__regex__boundaries_is"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Regular expressions are a concise and powerful tool for processing text. However, they also come with a steep learning curve and plenty of opportunities to make mistakes. This is the first in a series of posts about some specific regex pitfalls."},"index_image":{"value":{"description":"Regular expressions are a concise and powerful tool for processing text. However, they also come with a steep learning curve and plenty of opportunities to make mistakes. This is the firs...","height":1201,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/79d9b6c1-ebcd-43e5-8805-3ec0c736e076/cover-d559945a-437c-4152-b408-c581aba3dbda_java_regex_rules_hoodie%25402x.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Regular expressions present challenges even for not-so-regular developers"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"da543749-9eb1-42fe-8a82-4dd3927ec5fb","codename":"blogpost___regular_expressions_present_challenges_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When the Server Side Public License (SSPL) was submitted to the Open Source Initiative (OSI), many people criticized it, and the license was eventually withdrawn."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"What I learned from the Server Side Public License"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"079a83d1-5c0f-4fb6-a7a6-30859a74f18d","codename":"blogpost___what_i_learned_from_the_server_side_pub"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Hey SonarQube Server and SonarQube Cloud users! You now have a tool to own Code Security! \n\nSonarSource has been hard at work for the last year to give you the tooling to review and improve your code security. We're glad to say that today you have at your fingertips  unmatched precision and performance in SAST (Static Application Security Testing) analysis for five languages and counting."},"index_image":{"value":{"description":"Hey SonarQube and SonarCloud users! You now have a tool to own Code Security! \n\nSonarSource has been hard at work for the last year to give you the tooling to review and improve your code...","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/04a4d0b8-dad9-4946-adfb-867bb24ec635/cover-ecb63a50-2821-46b4-809d-c0d7e4970610_blog_secturity_present_final.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Code security: now there's a tool for developers"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8e25137b-5d4a-4d9f-9a6c-2566b11cbe79","codename":"blogpost___code_security__now_there_s_a_tool_for_d"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"It's time to have some December fun! We have 24 little challenge gifts awaiting you that hide security vulnerabilities in real-world Java, C#, PHP and Python code. Can you spot the vulnerability?"},"index_image":{"value":{"description":"It's time to have some December fun! We have 24 little challenge gifts awaiting you that hide security vulnerabilities in real-world Java, C#, PHP and Python code. Can you spot the vulner...","height":601,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/463bb917-8b99-4412-9d48-162bf3a9e693/cover-60a07d49-42a6-4a14-98f0-9f9f43450160_security_advent_calendar.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Code Security Advent Calendar 2020"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"46193ca4-9266-47e9-b1c2-d65683adc5ae","codename":"blogpost___code_security_advent_calendar_2020"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarQube Server Developer Edition overlays Code Quality and Security™ right onto your projects. Your pull requests are automatically analyzed and decorated with a clear Go/No Go Quality Gate so you only merge clean, quality code! 👏"},"index_image":{"value":{"description":"SonarQube Developer Edition overlays Code Quality and Security™ right onto your projects. Your pull requests are automatically analyzed and decorated with a clear Go/No Go Quality Gate so...","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ebebd2d0-e34d-4655-957c-8bf9c8d2dc19/cover-8bc69cde-7db2-4eae-9dc8-ef9445e3bc20_SPRK_default_preset_name_custom%2B%25E2%2580%2593%2B3.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Make Code Quality & Security™ an integral part of your workflow"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"6a1314c6-324a-40ae-ad6c-512536567b1d","codename":"blogpost___make_code_quality___securitytm_an_integ"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As developers, there always comes a time when we find a bug in production and wonder how it passed all our quality checks. Let's go over a few Bugs we found with SonarQube Cloud and see why it is able to detect them when popular linters don't .\n\n"},"index_image":{"value":{"description":"","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4849fcf9-8702-4539-b821-90b05d8000e2/cover-bcb5e9ca-8c91-4adb-aa9c-4d334973af01_SC_python_blog.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"How SonarQube Cloud finds bugs in high-quality Python projects"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3ac35b87-79dd-4cb7-b7f0-ba39bd9d0904","codename":"blogpost___how_sonarcloud_finds_bugs_in_high_quali"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Recently, we discovered several code vulnerabilities in OpenEMR 5.0.2.1. A combination of these vulnerabilities allowed remote attackers to execute arbitrary system commands on any OpenEMR server that uses the Patient Portal component. This can lead to the compromise of sensitive patient data, or worse, to a compromise of critical infrastructure."},"index_image":{"value":{"description":"OpenEMR is the most popular open source software for electronic health record and medical practice management. It is used world-wide to manage sensitive patient data, including informatio...","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c0d98af7-6fcf-4743-b562-af6b7a610cab/cover-92be9e22-afe0-4a95-a91d-f479e8a89281_hero%2Brisk.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Code vulnerabilities put health records at risk"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0cc0c26e-94c4-4299-b9f6-6dfa81a737f5","codename":"blogpost___code_vulnerabilities_put_health_records"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Security is an eternal race between the techniques and technologies of attackers and those of the defenders. Today, I'm proud to announce a step forward for defenders with a new rule to detect a literal race condition: TOCTOU (or TOCTTOU) vulnerabilities, known in long-form as Time Of Check (to) Time Of Use. "},"index_image":{"value":{"description":"Security is an eternal race between the techniques and technologies of attackers and those of the defenders. Today, I'm proud to announce a step forward for defenders with a new rule to d...","height":601,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/ca7a1339-ce07-48bd-af56-20e4ecbab830/cover-654d62d7-4766-449e-ba1f-c2969b875c5e_TOCTOU_blogpost_twitter.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Winning the race against TOCTOU vulnerabilities in C & C++"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ce09c7a2-212a-4bca-b394-5c890bda1baf","codename":"blogpost___winning_the_race_against_toctou_vulnera"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Take a tour of SonarQube Cloud's integration with mono-repositories in GitHub and Azure DevOps Services. This new feature allows you to define multiple Quality Gates per project and receive multiple results in your pull requests."},"index_image":{"value":{"description":"Take a tour of SonarCloud's integration with mono-repositories in GitHub and Azure DevOps Services. This new feature allows you to define multiple Quality Gates per project and receive mu...","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7dedc0a5-8d63-4e6a-bc74-ed492fd0633c/cover-ddad169b-0568-4744-a488-948d294168b7_mono-repo.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Mono-repository support for GitHub and Azure DevOps Services available now!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"671240e1-8a3d-4fdc-a1ba-072fb0771ae4","codename":"blogpost___mono_repository_support_for_github_and_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"How code vulnerabilities in your web application can be the single point of failure for your IT infrastructure’s security."},"index_image":{"value":{"description":"How code vulnerabilities in your web application can be the single point of failure for your IT infrastructure’s security.","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9a503c9b-9147-4b3e-9356-9635c21254bb/cover-f19d17a4-2bdb-41f4-b1b6-2275d5077ce9_pandora_fms_blogpost.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"Pandora FMS 742: Critical Code Vulnerabilities Explained"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"97e14702-ead4-4fd0-a460-b24cb48ec418","codename":"blogpost___pandora_fms_742__critical_code_vulnerab"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When writing a rule for static analysis, it’s possible that in some cases, the rule does not give the results that were expected. Unfortunately, naming a false positive is often far easier than fixing it. Learn how the different types of rules give rise to different types of false positives, which ones are easier to fix than others, and how you can help."},"index_image":{"value":{"description":"When writing a rule for static analysis, it’s possible that in some cases, the rule does not give the results that were expected. Unfortunately, naming a false positive is often far easie...","height":280,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/49d99852-9e41-487a-a47c-3b1728234358/cover-0823006a-4a0c-4d89-9c5a-dabaf7f709fa_blogpost%2Bfalse%2Bpositives%2B1.png","width":710}},"index_icon":{"value":null},"index_headline":{"value":"False positives are our enemies, but may still be your friends"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e7a553e3-3b46-4e75-a958-19983930c724","codename":"blogpost___false_positives_are_our_enemies__but_ma"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We analyze the root cause of three critical security vulnerabilities that enabled a complete board take over, and how to correctly prevent these in your code."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Codoforum 4.8.7: Critical Code Vulnerabilities Explained"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"47c1e83c-2e7b-4250-afe0-ac8c2990ca1d","codename":"blogpost___codoforum_4_8_7__critical_code_vulnerab"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"On July 27th 2020 we learned through media coverage that Till Kottmann was able to access non open-source source code from various companies. This is our public response to the incident."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"About the recent code leaks from SonarQube Server instances"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"edab355a-7c06-4f80-9fff-55e92f836f9a","codename":"blogpost___about_the_recent_code_leaks_from_sonarq"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"How do you write super Code Quality without disrupting your workflow? Join me as I show you how SonarQube Server Pull Request Decoration gets you there!"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Take Control of Code Quality with SonarQube Server Pull Request Decoration in Your Workflow"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e621a35b-0e79-47a6-8bf3-0939a5aaab69","codename":"blogpost___take_control_of_code_quality_with_sonar"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"The Google monorepo has been blogged about, talked about at conferences, and written up in Communications of the ACM."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How Google manages open source"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e90f291b-839f-4296-9870-a037832519c6","codename":"blogpost___how_google_manages_open_source"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Recently I looked at the state of 2FA support across package managers. 2FA adds a layer of security by requiring two sources of authentication from maintainers when publishing packages."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Package signing across package managers"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"82c57050-b2d3-4e5e-9378-a520edd24697","codename":"blogpost___package_signing_across_package_managers"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We discovered a severe command injection vulnerability in Apache Kylin that allows malicious users to execute arbitrary OS commands."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Apache Kylin 3.0.1 Command Injection Vulnerability"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"16763728-127a-48da-94d3-acbc365e0bd6","codename":"blogpost___apache_kylin_3_0_1_command_injection_vu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Teams will be joining forces in building best-in-class Static Application Security Testing (SAST) products that help development teams and organizations deliver more secure software."},"index_image":{"value":{"description":"Teams will be joining forces in building best-in-class Static Application Security Testing (SAST) products that help development teams and organizations deliver more secure software.","height":600,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/430a97d8-f5b9-40e4-80ad-7d002c4f10ff/cover-52bc22cc-d6b3-4e25-8142-08866265032a_rips-hero-image.png","width":1200}},"index_icon":{"value":null},"index_headline":{"value":"SonarSource acquires RIPS Technologies"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"25ac9212-185c-420f-947f-58accbbf24e3","codename":"blogpost___sonarsource_acquires_rips_technologies"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Hibernate is among one of the most commonly found database libraries used in Java web applications, shipping with its own query language. This technical post will teach you how to detect and exploit Hibernates very own vulnerability: The HQL Injection."},"index_image":{"value":{"description":"Hibernate is among one of the most commonly found database libraries used in Java web applications, shipping with its own query language. This technical post will teach you how to detect ...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c9d01eb1-8419-4ee1-b684-0422af5d5960/cover-448bd0b1-07a1-4f58-a250-e53ee45e91eb_exploiting-hibernate.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Exploiting Hibernate Injections"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fe02558f-f15c-4178-b14b-c70439badb9f","codename":"blogpost___exploiting_hibernate_injections"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In large systems, finding the bad actors is easier said than done. First you have to find all the places you accept data from users, and then you have to sanitize the data before you use it. The hard part is making sure you've found all the sources of user data and intervened before any kind of use. That's where taint analysis comes in. "},"index_image":{"value":{"description":"","height":1728,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/9e3545dc-b15f-4293-b591-1df3761cfd2d/body-1a08fe56-2df2-46b9-b433-22157ef1940f_taintAnalysis1.png","width":3268}},"index_icon":{"value":null},"index_headline":{"value":"What is 'taint analysis' and why do I care?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e94924a9-cb7d-4602-a7ed-9bc5afbda5fa","codename":"blogpost___what_is__taint_analysis__and_why_do_i_c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this post, I want to go a little deeper into one important type of license: those that require sharing of modifications under certain conditions, often called “copyleft” or “reciprocal” licenses"},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The state of the copyleft license"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"0d3d5582-fa6e-4518-b51b-99d026cab934","codename":"blogpost___the_state_of_the_copyleft_license"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post details an authenticated Remote Code Execution (RCE) vulnerability in the WordPress core that bypasses hardening mechanisms. The vulnerability is present in the WordPress core in versions prior to 5.2.4"},"index_image":{"value":{"description":"This blog post details an authenticated Remote Code Execution (RCE) vulnerability in the WordPress core that bypasses hardening mechanisms. The vulnerability is present in the WordPress c...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/687905c6-6561-4ecd-af30-dbc1132ee89a/cover-a5df5815-4cfe-4d8e-a79d-6a57aa2f8272_wordpress-hardening-bypass.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"WordPress <= 5.2.3: Hardening Bypass"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"630d7bbd-6b54-4ed0-8a73-99e9ee61320c","codename":"blogpost___wordpress____5_2_3__hardening_bypass"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Analyzing a legacy project can be overwhelming. Learn how to Clean as You Code to make sure that the code you release into production tomorrow is at least as good as - and probably better than! - the code that's in production today."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Clean as You Code: How to win at Code Quality without even trying"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b25ac339-e300-4c4a-9107-4c800385f216","codename":"blogpost___clean_as_you_code__how_to_win_at_code_q"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Your code is rotting right now. Every day, each one of your production services, internal tools, and open source libraries decays a little bit."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Bit Rot: the silent killer"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c9cf2176-6cc7-4c38-8eb7-bb485be2f7fd","codename":"blogpost___bit_rot__the_silent_killer"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Application developers today are used to relying on and pulling in a number of open source libraries to help them focus on the functionality that’s important to their business."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Package management: a brief history"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"53510173-0a58-4c25-9e4e-dc0a492b0ce7","codename":"blogpost___package_management__a_brief_history"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"If you aren’t using open source components to build your apps, you’re not living in 2019. Our research suggests 92% of professional applications are built using open source."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"The simple magic of package manifests and lockfiles"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cbf57f5c-cf67-479e-a6eb-071058259786","codename":"blogpost___the_simple_magic_of_package_manifests_a"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"BigTree is a small content management system which does not depend on many frameworks and advertises itself as user friendly and developer ready. In this blog post, we will take a look at a few vulnerabilities we have detected in the codebase of BigTree."},"index_image":{"value":{"description":"BigTree is a small content management system which does not depend on many frameworks and advertises itself as user friendly and developer ready. In this blog post, we will take a look at...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/490a607e-7aaf-4eda-acc2-1d80390ca4d0/cover-7d2a0237-0354-48e2-8991-dbbf7b46a6e7_bigtree446_blog.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Backend SQL Injection in BigTree CMS 4.4.6"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"c7614667-86ed-44f2-bec7-1ba435c53557","codename":"blogpost___backend_sql_injection_in_bigtree_cms_4_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this post, we share the third of eight key findings. If you don’t wait to wait for the rest of the results, you can download the full survey report right now at the link below."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"How much time do developers spend actually writing code?"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"25dbfcdb-fa9e-45a8-83b2-5e9f5134156d","codename":"blogpost___how_much_time_do_developers_spend_actua"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this technical blog post we will examine how a drive by exploit in the Pimcore release 6.2.0 allows an attacker to execute OS commands."},"index_image":{"value":{"description":null,"height":426,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/7ddf0933-4fb6-487c-bcc3-b93685017340/driveby-rce-exploit-pimcore.png.webp","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Drive By RCE Exploit in Pimcore 6.2.0"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"249669de-e59e-4e15-9d6d-2d0a3262a32c","codename":"blogpost___drive_by_rce_exploit_in_pimcore_6_2_0"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"WooCommerce is the most popular e-commerce plugin for WordPress with over 5 million installations. We detected a code vulnerability in the way WooCommerce handles imports of products."},"index_image":{"value":{"description":"WooCommerce is the most popular e-commerce plugin for WordPress with over 5 million installations. We detected a code vulnerability in the way WooCommerce handles imports of products.","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/50e60f37-40a8-4af3-a242-f5c78a9962d6/cover-8d0b1e65-ffef-4811-a2b4-7fbf34d8a6a4_woocommerce-csrf-to-stored-xss.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"WooCommerce 3.6.4 - CSRF Bypass to Stored XSS"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"a1bfbae1-e46b-46c4-a462-1c0aee60bdfd","codename":"blogpost___woocommerce_3_6_4___csrf_bypass_to_stor"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post we analyse how the insecure extraction of a compressed TAR archive lead to a critical vulnerability in Bitbucket (CVE-2019-3397)."},"index_image":{"value":{"description":"In this blog post we analyse how the insecure extraction of a compressed TAR archive lead to a critical vulnerability in Bitbucket (CVE-2019-3397).","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a822c048-5948-4f07-bb4d-ad99f694d981/cover-55f11e9b-42c6-4253-947a-f80c2b381697_bitbucket611-path-traversal-to-rce.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Bitbucket 6.1.1 Path Traversal to RCE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cfc65864-24c4-4fae-90fe-911645a35ff7","codename":"blogpost___bitbucket_6_1_1_path_traversal_to_rce"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post we will see how a vulnerable web application deployed in the internal network of your company can act as a charming entry gateway for any adversary."},"index_image":{"value":{"description":null,"height":578,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/343713ba-0a38-438b-b4c8-e3af1021661d/suitecrm_security.png.webp","width":953}},"index_icon":{"value":null},"index_headline":{"value":"SuiteCRM 7.11.4 - Breaking Into Your Internal Network"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"02b6d4d9-e4c8-4957-a168-a34a15fcf83b","codename":"blogpost___suitecrm_7_11_4___breaking_into_your_in"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We detected a highly critical vulnerability in the OXID eShop software that allows unauthenticated attackers to takeover an eShop remotely in less than a few seconds - all on default configurations."},"index_image":{"value":{"description":null,"height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/1741d7ea-15b7-434e-88a6-d34ecaebcf41/oxid_eshop.png.webp","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Pre-Auth Takeover of OXID eShops"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e6031894-d68c-4d28-9b2b-4268fa09eedd","codename":"blogpost___pre_auth_takeover_of_oxid_eshops"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this technical blog post we examine a critical vulnerability in the core of the TYPO3 CMS (CVE-2019-12747). A reliable exploit allows the execution of arbitrary PHP code on the underlying system as authenticated user."},"index_image":{"value":{"description":"In this technical blog post we examine a critical vulnerability in the core of the TYPO3 CMS (CVE-2019-12747). A reliable exploit allows the execution of arbitrary PHP code on the underly...","height":426,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a8834381-d86f-4112-9552-b460479b2a9d/cover-851999ef-7835-4b1a-a312-70384c0a094a_typo3.png","width":716}},"index_icon":{"value":null},"index_headline":{"value":"TYPO3 9.5.7: Overriding the Database to Execute Code"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"48065642-6476-44cd-8b24-7f0c1bf64850","codename":"blogpost___typo3_9_5_7__overriding_the_database_to"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post shows how the combination of a HTML sanitizer bug and a Phar Deserialization in the popular eCommerce solution Magento <=2.3.1 lead to a high severe exploit chain. This chain can be abused by an unauthenticated attacker to fully takeover certain Magento stores and to redirect payments."},"index_image":{"value":{"description":"This blog post shows how the combination of a HTML sanitizer bug and a Phar Deserialization in the popular eCommerce solution Magento <=2.3.1 lead to a high severe exploit chain. This cha...","height":609,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/f26aef10-ba29-4894-a9db-1caefe2e178b/cover-76f33de6-af4a-46d6-94c0-72cbbaa55514_magento-xss-to-rce.png","width":1015}},"index_icon":{"value":null},"index_headline":{"value":"Magento 2.3.1: Unauthenticated Stored XSS to RCE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e04be553-dc46-4c5a-b865-3feb913341a9","codename":"blogpost___magento_2_3_1__unauthenticated_stored_x"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post we will show how to exploit a SQL injection vulnerability (CVE-2019-12872) found by RIPS Code Analysis in the popular java-based content management system dotCMS and how we escalated it to execute code remotely."},"index_image":{"value":{"description":"In this blog post we will show how to exploit a SQL injection vulnerability (CVE-2019-12872) found by RIPS Code Analysis in the popular java-based content management system dotCMS and how...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/45ef9188-4134-473a-8d97-327f4d960a08/cover-0a438144-5457-4ad5-83a5-8c1683deffea_dotcms515-sqli-to-rce.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"dotCMS 5.1.5: Exploiting H2 SQL injection to RCE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"899ffd36-c064-4006-9071-0a002d9118c0","codename":"blogpost___dotcms_5_1_5__exploiting_h2_sql_injecti"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post shows how an attacker can take over any board hosted with MyBB prior to version 1.8.21 by sending a malicious private message to an administrator or by creating a malicious post. We use a chain of two security vulnerabilities detected in the code."},"index_image":{"value":{"description":"This blog post shows how an attacker can take over any board hosted with MyBB prior to version 1.8.21 by sending a malicious private message to an administrator or by creating a malicious...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b31f2ae1-7a51-4e07-83f0-f1c1355780ec/cover-1a98294f-1687-4ba8-ba34-d49382ce8984_mybb-stored-xss.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"MyBB <= 1.8.20: From Stored XSS to RCE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"37297e8b-c776-4834-af06-84c8dda582d7","codename":"blogpost___mybb____1_8_20__from_stored_xss_to_rce"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Archives such as Zip, Tar, Jar or 7z are useful formats to collect and compress multiple files or directories in a container-like structure. However, the extraction of archives can introduce security risks which resulted in multiple critical vulnerabilities in popular applications in the past. In this post we explain the risk behind archive extraction and show how to securely extract archives in Java."},"index_image":{"value":{"description":"Archives such as Zip, Tar, Jar or 7z are useful formats to collect and compress multiple files or directories in a container-like structure. However, the extraction of archives can introd...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/171a263e-34f2-47b9-a6e8-947cb4b6b809/cover-bcdd4761-dbbd-433d-bc87-beaee50bfe00_hidden-flaws-of-archives-java.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"The Hidden Flaws of Archives in Java"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d5ea6bdc-6d68-43e6-a148-cee1e3e5e30e","codename":"blogpost___the_hidden_flaws_of_archives_in_java"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Here is a story of a rule, from concept to production. While the selected rule is for C++, this story contains interesting insight on the craft of rule development, no matter the target language."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"The NeverEnding Story of writing a rule for argument passing in C++"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8b5ba368-04c7-4f49-a70f-4e6dbfb968e8","codename":"blogpost___the_neverending_story_of_writing_a_rule"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"At a recent meetup, a few of us developers got into a discussion about \"dependency hell\"—the condition when one or more pieces of software need two or more conflicting dependencies (usually transitive ones) installed in the same environment."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Dependency hell: a complete guide"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"23708886-b20e-4d80-93e8-103f76e91d82","codename":"blogpost___dependency_hell__a_complete_guide"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In our latest survey, which we ran in November and December of last year, we set out to answer some of the follow-up questions that arose after we analyzed the earlier results. Nearly 300 developers responded to our survey, which dives deeper into how professional developers use open source today."},"index_image":{"value":{"description":null,"height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ed7b130-1fe0-4a03-a30c-e82614f04635/sonar-open-graph-2x-2.png","width":2400}},"index_icon":{"value":null},"index_headline":{"value":"Developers spend 30% of their time on code maintenance: our latest survey results, part 3"},"index_cta":{"value":"Read article"},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"778d9b2c-9afa-4ed2-984c-0d607d49f8b3","codename":"blogpost___developers_spend_30__of_their_time_on_c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution (CVE-2019-9787)."},"index_image":{"value":{"description":"This blog post reveals another critical exploit chain for WordPress 5.1 that enables an unauthenticated attacker to gain remote code execution (CVE-2019-9787).","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c6886a49-ab97-4bc2-871a-60c0cd6fd1c7/cover-422dea0b-4993-4392-aa7e-4dea5c084960_wordpress-csrf-to-rce.png","width":716}},"index_icon":{"value":null},"index_headline":{"value":"WordPress 5.1 CSRF to Remote Code Execution"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"cadd7a97-e3ff-4c6d-91a2-7d7daee7746b","codename":"blogpost___wordpress_5_1_csrf_to_remote_code_execu"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SonarSource is proud to be a launch partner of the Atlassian Bitbucket Pipes. Thanks to the SonarQube Cloud Scan Pipe, you can configure code analysis in your Bitbucket Pipeline in no time."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Announcing the SonarQube Cloud Pipe for Bitbucket Cloud users!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2ef85148-a736-494e-b428-140e7ca2a3b2","codename":"blogpost___announcing_the_sonarcloud_pipe_for_bitb"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"This blog post details how a combination of a Path Traversal and Local File Inclusion vulnerability lead to Remote Code Execution in the WordPress core (CVE-2019-8943). The vulnerability remained uncovered in the WordPress core for over 6 years."},"index_image":{"value":{"description":"This blog post details how a combination of a Path Traversal and Local File Inclusion vulnerability lead to Remote Code Execution in the WordPress core (CVE-2019-8943). The vulnerability ...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/0672c2e3-055a-49f8-a85a-e2dba3b69ae2/cover-2a09c502-a762-4b1c-8672-18ed7147a380_wordpress-image-rce.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"WordPress 5.0.0 Remote Code Execution"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8dd674d5-6295-4629-9ddf-e5b11ba867b7","codename":"blogpost___wordpress_5_0_0_remote_code_execution"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A recent Capture-The-Flag tournament hosted by Insomni’hack challenged participants to craft an attack payload for Drupal 7. This blog post will demonstrate our solution for a PHP Object Injection with a complex POP gadget chain."},"index_image":{"value":{"description":"A recent Capture-The-Flag tournament hosted by Insomni’hack challenged participants to craft an attack payload for Drupal 7. This blog post will demonstrate our solution for a PHP Object ...","height":426,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/a4e254ee-75f3-42b9-b761-0f61c7d0b427/cover-9eb7a2a1-fc7e-433d-af24-77983df2f26c_drupal-pop-chain-2.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"CTF Writeup: Complex Drupal POP Chain"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e6c46ed7-f978-4421-bc8a-c9912b5dd487","codename":"blogpost___ctf_writeup__complex_drupal_pop_chain"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A logic flaw in the way WordPress created blog posts allowed attackers to access features only administrators were supposed to have (CVE-2018-20152). This lead to a Stored XSS and Object Injection in the WordPress core and more severe vulnerabilities in WordPress’s most popular plugins Contact Form 7 and Jetpack."},"index_image":{"value":{"description":"A logic flaw in the way WordPress created blog posts allowed attackers to access features only administrators were supposed to have (CVE-2018-20152). This lead to a Stored XSS and Object ...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6fc8e9c4-018f-43c2-8275-a4c1af3a20d2/cover-41e273ec-5dfa-453f-94c3-ba642ce8db22_wordpress-post-type-privesc.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"WordPress Privilege Escalation through Post Types"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"32aac189-2f60-4088-9018-b06c59b71f49","codename":"blogpost___wordpress_privilege_escalation_through_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A new PHP exploit technique affects the most famous forum software phpBB3. The vulnerability allows attackers who gain access to an administrator account to execute arbitrary PHP code and to take over the entire board (CVE-2018-19274)."},"index_image":{"value":{"description":"A new PHP exploit technique affects the most famous forum software phpBB3. The vulnerability allows attackers who gain access to an administrator account to execute arbitrary PHP code and...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/b625b62f-b997-4c5a-9a15-06d9304cb04d/cover-fa5f71d1-eeee-4d71-94cb-53a63849cc50_phar_deserialization.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"phpBB 3.2.3: Phar Deserialization to RCE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"87c116be-f81e-4889-9203-a387713570a9","codename":"blogpost___phpbb_3_2_3__phar_deserialization_to_rc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"WordPress Design Flaw Leads to WooCommerce RCEA flaw in the way WordPress handles privileges can lead to a privilege escalation in plugins. This affects for example the popular WooCommerce."},"index_image":{"value":{"description":null,"height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6b3ecba1-9977-4f64-9083-ad0b880c00a4/wordpress-design-flaw.png.webp","width":715}},"index_icon":{"value":null},"index_headline":{"value":"WordPress Design Flaw Leads to WooCommerce RCE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"770555bd-d83a-4ed7-af42-7150f3f6fb6e","codename":"blogpost___wordpress_design_flaw_leads_to_woocomme"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A very common and critical vulnerability in PHP applications is PHP Object Injection. This blog post explains how they work and how they can lead to a full site takeover by remote attackers."},"index_image":{"value":{"description":"A very common and critical vulnerability in PHP applications is PHP Object Injection. This blog post explains how they work and how they can lead to a full site takeover by remote attackers.","height":426,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/c5cdcf61-b15e-4489-b704-6c39f58cb0f5/cover-fd7ed5ab-d270-45e6-8e9d-8ae50c9d7b59_drupal-pop-chain.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"PHP Object Injection"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9c44b7b6-2aa2-4214-b34e-2c2797053a1a","codename":"blogpost___php_object_injection"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Catch builds constructed from poor quality code before they make it to production. Discover how to integrate Artifactory and SonarQube Server."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Fully Automated Promotion Pipelines with SonarQube Server and Artifactory"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"eb4a0576-6114-473b-98ab-524999290f5b","codename":"blogpost___fully_automated_promotion_pipelines_wit"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"What's it like to interview with SonarSource?  Read on and find out!"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"My Journey Interviewing with SonarSource..."},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7fe3aefc-71ef-4612-a1ce-cad8f30d27fc","codename":"blogpost___my_journey_interviewing_with_sonarsourc"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post."},"index_image":{"value":{"description":"Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6cfea2df-674b-4757-9b95-da3cdd8bc32a/cover-96e38dab-c577-420c-a5af-d04e534d651d_php_object_injection.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"What is Phar Deserialization"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"7d179995-19bf-49a2-a49c-750d971c1aab","codename":"blogpost___what_is_phar_deserialization"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Injection security vulnerabilities (OWASP-A1) can run scared, as latest SonarQube Cloud updates now provide advanced security checks to continuously detect them."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Protect your code against injection vulnerabilities with SonarQube Cloud!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"19b5dd6b-3218-48b5-a2f0-77eb9e9fc8e7","codename":"blogpost___protect_your_code_against_injection_vul"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post we introduce an authenticated arbitrary file deletion vulnerability (CVE-2018-20714) in the WordPress core that can lead to attackers executing arbitrary code."},"index_image":{"value":{"description":"In this blog post we introduce an authenticated arbitrary file deletion vulnerability (CVE-2018-20714) in the WordPress core that can lead to attackers executing arbitrary code.","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/65b9b3f3-6b42-452c-acd7-02d34753c097/cover-2bae7cbf-e095-445c-a459-2c31cd8f5338_wp-rce.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"WordPress File Delete to Code Execution"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"55ec8a9a-f111-46bf-89b9-da485c87d0fb","codename":"blogpost___wordpress_file_delete_to_code_execution"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this post we will examine the technical intrinsics of a critical vulnerability in the previous Moodle release (CVE-2018-1133)."},"index_image":{"value":{"description":"In this post we will examine the technical intrinsics of a critical vulnerability in the previous Moodle release (CVE-2018-1133).","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/619e65f6-b4ea-46cc-9d48-148613044cf8/cover-118df7fc-998d-46f3-a374-2821e90d555e_code_injection_moodle.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Evil Teacher: Code Injection in Moodle"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"b7df17d3-283a-4275-b6f8-099ab566c47b","codename":"blogpost___evil_teacher__code_injection_in_moodle"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Over the past 2 weeks, the following new features were deployed on SonarQube Cloud: import of issues from external linters with built-in support for TypeScript projects, support for the Go language, graceful handling of username change, first version of the GitHub Application, new rules for Python, Java and Swift"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Import issues of your favorite linters in SonarQube Cloud!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3baf65ad-5a30-42b8-86e0-ccc70da82052","codename":"blogpost___import_issues_of_your_favorite_linters_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"PrestaShop is one of the most popular e-commerce solutions. We detected a highly critical vulnerability that allows to execute arbitrary code on any installation with version <= 1.7.2.4. In this technical blog post we present the vulnerability and the exploitation technique that could have been misused by attackers (CVE-2018-20717)."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"A Salesmans Code Execution: PrestaShop 1.7.2.4"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f67addca-73a2-4c4a-a402-9b20d87dc819","codename":"blogpost___a_salesmans_code_execution__prestashop_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"We detected two vulnerabilities in LimeSurvey < 2.72.3: An unauthenticated persistent cross-site scripting vulnerability (CVE-2017-18358) and an authenticated arbitrary file write vulnerability which can be chained."},"index_image":{"value":{"description":null,"height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/37dcd70e-a0d8-43b3-8677-a0cae59488d9/limesurvey_attack.jpg.webp","width":715}},"index_icon":{"value":null},"index_headline":{"value":"LimeSurvey 2.72.3 - Persistent XSS to Code Execution"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"951e363a-a35c-43a7-983c-b775d73960e6","codename":"blogpost___limesurvey_2_72_3___persistent_xss_to_c"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Joomla! is one of the biggest players in the market of content management systems and the second most used CMS on the web. We discovered a second-order SQL injection (CVE-2018-6376) that could be used by attackers to leverage lower permissions and to escalate them into full admin permissions on Joomla! prior version 3.8.4."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Joomla! 3.8.3: Privilege Escalation via SQL Injection"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"59b3031a-8b64-4d5c-81b5-00e233856470","codename":"blogpost___joomla__3_8_3__privilege_escalation_via"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"After an upgrade people are sometimes surprised to find that the next analysis of a project with no real changes shows a significant drop in coverage. Believe it or not, that really is a feature, not a bug, and it's called Executable Lines."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Why did my coverage just drop?!"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4bb2ab0f-48c5-4433-a148-6940878d749c","codename":"blogpost___why_did_my_coverage_just_drop__"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"CubeCart is an open source e-commerce solution. In one of our latest security analysis we found two flaws in this web application that allow an attacker to circumvent the authentication mechanism required to login as an administrator (CVE-2018-20716)."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"CubeCart 6.1.12 - Admin Authentication Bypass"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"044f837d-6cc3-4821-9114-f2c924d041cd","codename":"blogpost___cubecart_6_1_12___admin_authentication_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Support for SonarQube Server analysis of projects in the new MSBuild v15 format has been one of the features most requested by the Microsoft community, now it's done !"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Supporting analysis of .NET Core projects"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"088a5e50-6601-45ae-a349-1a84e34eb8c1","codename":"blogpost___supporting_analysis_of__net_core_projec"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Shopware is a popular e-commerce software that bases on Symfony, Doctrine and the Zend Framework. In this blog post we investigate the exploitation of a rare PHP object instantiation vulnerability (CVE-2017-18357)."},"index_image":{"value":{"description":null,"height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/e735ea2e-b5be-42e7-b491-050d72711136/shopware_exploit.jpg","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Shopware 5.3.3: PHP Object Instantiation to Blind XXE"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"453ccf4f-3ec7-4bbe-a2ac-0d813b33dfd5","codename":"blogpost___shopware_5_3_3__php_object_instantiatio"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Joomla! is one of the most popular content management systems. We detected a previously unknown LDAP injection vulnerability in the login controller that could allow remote attackers to leak the super user password and to fully take over any Joomla! installation."},"index_image":{"value":{"description":"Joomla! is one of the most popular content management systems. We detected a previously unknown LDAP injection vulnerability in the login controller that could allow remote attackers to l...","height":443,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/620b7232-2543-4caa-9cd1-b4a703d523a5/cover-88c19140-558c-4364-bbc1-17e417959d4b_joomla_ldap_injection.png","width":788}},"index_icon":{"value":null},"index_headline":{"value":"Joomla! 3.7.5 - Takeover in 20 Seconds with LDAP Injection"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e440859d-52dd-4cfa-b552-a0dd3f1b0895","codename":"blogpost___joomla__3_7_5___takeover_in_20_seconds_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"SugarCRM is one of the most popular customer relationship management solutions. We uncovered critical security issues that could allow attackers to steal customer data or sensitive files from the server."},"index_image":{"value":{"description":null,"height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/480d06ea-3df3-43e0-93c0-15256c00cc2e/SugarCRM_security.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"SugarCRM's Security Diet - Multiple Vulnerabilities"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3f92ce00-4af4-47be-b13e-4c3297504768","codename":"blogpost___sugarcrm_s_security_diet___multiple_vul"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Learn how memory corruption bugs in the PHP core itself can affect your PHP application."},"index_image":{"value":{"description":null,"height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/4ba7774f-9f96-48ec-a70c-d5819140a8d0/ca5a7ab4-6eca-4203-9eac-34cff3a67d59_php_core_security.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"How security flaws in PHP's core can affect your application"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d317a6ed-c410-4e63-99ce-90388a550be0","codename":"blogpost___how_security_flaws_in_php_s_core_can_af"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"For those not familiar with ARM (Advanced RISC Machine), let's start by sharing some numbers: in 2011, the 32-bit ARM architecture was the most widely used architecture in mobile devices and the most popular 32-bit one in embedded systems (see). Moreover in 2013, 10 billion were produced (see) and \"ARM-based chips are found in nearly 60 percent of the world’s mobile devices\" (see)."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"SonarCFamily Now Supports ARM Compilers"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e59e44be-5490-4469-a7d0-0c401fe52666","codename":"blogpost___sonarcfamily_now_supports_arm_compilers"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Recently, many critical security vulnerabilities were fixed in popular PHP applications such as Roundcube, Wikimedia and Zend Framework that based on insecure usage of the PHP mail() function. In this post, we have a look at the common ground of these vulnerabilities and how to use mail() securely."},"index_image":{"value":{"description":"Recently, many critical security vulnerabilities were fixed in popular PHP applications such as Roundcube, Wikimedia and Zend Framework that based on insecure usage of the PHP mail() func...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/60208d5b-f892-4d40-ba71-7a73c9193790/cover-33828ad6-b471-473c-b184-1a5b978881b1_mail.gif","width":717}},"index_icon":{"value":null},"index_headline":{"value":"Why mail() is dangerous in PHP"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ef13731e-5afc-4bf4-9bcf-1be0a03f0ede","codename":"blogpost___why_mail___is_dangerous_in_php"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"One of the most requested feature regarding SonarQube Server Scanners is the ability to fail the build when quality level is not at the expected level. We have this built-in concept of quality gate in SonarQube Server, and we used to have a BuildBreaker plugin for this exact use case. But starting from version 5.2, aggregation of metrics is done asynchronously on SonarQube Server side. It means build/scanner process would finish successfully just after publishing raw data to the SonarQube Server, without waiting for the aggregation to complete."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Breaking the SonarQube Server Analysis with Jenkins Pipelines"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8625d5c0-1f3d-4314-9cd7-301e97d58030","codename":"blogpost___breaking_the_sonarqube_analysis_with_je"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this blog post, we present a beautiful chain of vulnerabilities which, in the end, allows an attacker to remotely execute arbitrary PHP code in the open source marketplace software osClass 3.6.1 used for creating classifieds sites."},"index_image":{"value":{"description":"In this blog post, we present a beautiful chain of vulnerabilities which, in the end, allows an attacker to remotely execute arbitrary PHP code in the open source marketplace software osC...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/cb71a345-f28b-427f-ba57-f4baa3f4dd8b/cover-8f420be1-3769-452a-9fc2-c71fef771d38_osclass.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"osClass 3.6.1: Remote Code Execution via Image File"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3fa422b4-0383-40de-86b2-bdc83d5a6138","codename":"blogpost___osclass_3_6_1__remote_code_execution_vi"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Cyclomatic Complexity works very well for measuring testability, but not for maintainability. That's why we're introducing Cognitive Complexity, which you'll begin seeing in upcoming versions of our language analyzers."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Cognitive Complexity, Because Testability != Understandability"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"245979b6-0e19-42cb-9f5f-d76fdcee46b5","codename":"blogpost___cognitive_complexity__because_testabili"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In this post, we show how a malicious user can remotely execute arbitrary commands on the underlying operating system, simply by writing an email in Roundcube 1.2.2 (>= 1.0). This vulnerability is highly critical because all default installations are affected."},"index_image":{"value":{"description":"In this post, we show how a malicious user can remotely execute arbitrary commands on the underlying operating system, simply by writing an email in Roundcube 1.2.2 (>= 1.0). This vulnera...","height":425,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/6b45e442-7ff1-4dd0-ace0-a8da528b330b/cover-988b28ce-ef35-40e3-82bb-88a862eb6fc6_roundcube.png","width":715}},"index_icon":{"value":null},"index_headline":{"value":"Roundcube 1.2.2: Command Execution via Email"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"ae1a0e15-6535-4bd4-83ae-ca1443e89b2c","codename":"blogpost___roundcube_1_2_2__command_execution_via_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"With the release of SonarQube Server 5.6, we introduced the SonarQube Server Quality Model, which pulls Bugs and Vulnerabilities out into separate categories to give them the prominence they deserve. Now we're tackling the other half of the job: \"sane-itizing\" rule severities, because not every bug is Critical."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"We Are Adjusting Rules Severities"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8ddcbe11-1ab1-4c61-a990-066402bc8103","codename":"blogpost___we_are_adjusting_rules_severities"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"If you’ve been following the releases of the Scanner for MsBuild and the C# plugin over the last two years, you must have noticed that we significantly improved our integration with the build tool and at the same time added a lot of new rules. Also, we introduced SonarQube for IDE: Visual Studio, a new tool to analyze code inside the IDE. With these steps completed we are deprecating the SonarQube Server ReSharper plugin to be able to provide a consistent, high-level experience among our tools."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"SonarAnalyzer for C#: The Rule Engine You Want to Use"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"76a217b1-869e-4c7d-9563-c4072ec0c22e","codename":"blogpost___sonaranalyzer_for_c___the_rule_engine_y"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"In SonarQube Server 5.5 we adopted an evolved quality model, the SonarQube Server Quality Model, that takes the best from SQALE and adds what was missing. In doing so, we've highlighted project risks while retaining technical debt."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Bugs and Vulnerabilities are 1st Class Citizens in SonarQube Server Quality Model along with Code Smells"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"9c9aa0bd-485a-4f43-9ced-f3797c3aafa7","codename":"blogpost___bugs_and_vulnerabilities_are_1st_class_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"There have been some heated discussions recently about the Build Breaker plugin... SonarSource doesn't want to continue the feature. The community has come to see it as a must have... So I'd like to explain why at SonarSource we no longer think it should be used."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Why You Shouldn't Use Build Breaker"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"93577a8b-da9a-46de-aa3c-a88b8f136b7a","codename":"blogpost___why_you_shouldn_t_use_build_breaker"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"At the end of April 2015 during the Build Conference, Microsoft and SonarSource Announced SonarQube Server integration with MSBuild and Team Build. Today, half a year later, we’re releasing the SonarQube Server Scanner for MSBuild 1.0.2. But what exactly is the SonarQube Server Scanner for MSBuild? Let’s find out!"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Analysis of Visual Studio Solutions with the SonarQube Server Scanner for MSBuild"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"64fe873a-dc7a-4256-b20a-25dedbbc0f8f","codename":"blogpost___analysis_of_visual_studio_solutions_wit"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"A few months ago, at the end of a customer presentation about “The Code Quality Paradigm Change”, I was approached by an attendee who said, “I have been following SonarQube Server & SonarSource for the last 4-5 years and I am wondering how I could have missed the stuff you just presented. Where do you publish this kind of information?”. I told him that it was all on our blog and wiki and that I would send him the links. Well..."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Water Leak Changes the Game for Technical Debt Management"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"d8e5be2e-6fce-47d9-be0f-5114e9ad723f","codename":"blogpost___water_leak_changes_the_game_for_technic"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Starting with Java Ecosystem version 2.2 (compatible with SonarQube Server version 4.2+), we no longer drive the execution of unit tests during Maven analysis. Dropping this feature seemed like such a natural step to us that we were a little surprised when people asked us why we'd taken it."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Unit Test Execution in SonarQube Server"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8c166592-d6e9-4b63-950c-fea5be67603a","codename":"blogpost___unit_test_execution_in_sonarqube"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"As a quality-first focus becomes increasingly important in modern software development, more and more developers are asking how to find new issues before they check their code in. \n\nFor some of you, it's a point of pride. For others, it's a question of keeping management off your back, and for still others it's simply a matter of not embarrassing yourself publicly. Fortunately, the SonarQube Server developers (being developers themselves) understand the problem and have come up with three different ways of dealing with it: the Eclipse plugin, the IntelliJ plugin, and the Issues Report plugin."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Three options for pre-commit analysis"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"eaf9ae4b-9e4c-4d0a-a27a-a1f526b4a5dd","codename":"blogpost___three_options_for_pre_commit_analysis"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Already 158 Checkstyle and PMD rules deprecated by SonarQube Server Java rules"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Already 158 Checkstyle and PMD rules deprecated by SonarQube Server Java rules"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"290c4176-10a6-47e3-a2d5-6c3de6e1ed27","codename":"blogpost___already_158_checkstyle_and_pmd_rules_de"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Something occurred to me recently that I wanted to share. Sometimes I'm late to the party, so this may have been obvious to you all along, but it didn't jump out at me at first, so I thought it might be worth talking about. It's the fact that the Views plugin turns a project into just another component."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Everything's a component"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"f2b26f52-c20b-48d1-895a-52de6de2b44b","codename":"blogpost___everything_s_a_component"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"After a Sonar analysis, it's easy to see your project's current state - just browse to the project dashboard and it's laid out for you. Want details? Just start clicking. But it's not always enough to know where you are. Sometimes, you need to know where you are in comparison to where you've been."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Differentials: Four ways to see what's changed"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"3d935b2a-3740-4806-8900-48a35fc57a6d","codename":"blogpost___differentials__four_ways_to_see_what_s_"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Sonar is a super-radiator for code quality and as such, you can expect it brings value to all stakeholders in a development group. To achieve this, Sonar must be able to show only relevant information in a certain context and shut off the noise to facilitate investigation and decision making. In this post, I will show how to customize Sonar to fit your needs by:"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Customizing Sonar to Fit Your Needs"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"dc2f2744-652a-42c0-b999-1d375eb14ed5","codename":"blogpost___customizing_sonar_to_fit_your_needs"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"If you use Sonar already, I am sure that you know already the worse of all 7 developer's deadly sins:\n\nAnd if you don't, I would assume you know about duplicated / cloned / similar code when you talk about quality of code and that you have heard of tools such PMD CPD or Simian.\n\nBut why does copy paste matters from a code quality point of view? How can you benefit from Sonar to improve this? Let’s try to figure this out."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Manage Duplicated Code with Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1715993b-1078-4c80-82f4-0eaa6c509eca","codename":"blogpost___manage_duplicated_code_with_sonar"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"At SonarSource, we like eating our own dog food as much as possible. This is not always the case in software development, but in our case since we develop software for software companies, we can do it. We therefore have an instance of Sonar that analyses all our products daily. "},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Effective Code Review with Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8670b58c-263b-418e-bc85-80f840158be9","codename":"blogpost___effective_code_review_with_sonar"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Six months ago, we would never have believed that one day we would be happy and excited to write about the implementation of a Quality Model in Sonar. Indeed the Quality Models that we knew at the time (most of them are based on ISO 9126 standard) are complex, expensive to implement, can be understood only by an elite of quality experts and are not fun at all. "},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"SQALE, the ultimate Quality Model to assess Technical Debt"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"2430a634-9a92-4a61-8dca-ea9e6e739b8e","codename":"blogpost___sqale__the_ultimate_quality_model_to_as"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Up to version 2.1, Sonar was relying only on external coding rules engines such as Checkstyle, PMD and Findbugs to report violations on Java applications. But since version 2.1, Sonar also provides its own rules engine to work on Java dependencies. This rules engine is based on Squid and three rules are currently available :"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Detect Dead Code and Calls to Deprecated Methods with Sonar Squid"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"46d57307-b3ac-460a-8831-015cd39b04d1","codename":"blogpost___detect_dead_code_and_calls_to_deprecate"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When used out-of-the-box, Sonar is a code quality radiator accessible by everyone at anytime. Like for JIRA, Hudson, a post-it dashboard or any other piece of the development toolset transparency is a key success factor for adoption. So, by default in Sonar, anyone can access any project under continuous inspection and navigate through it."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Securing access to projects in Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"e78f389a-251f-47d5-aee3-467e528c91c0","codename":"blogpost___securing_access_to_projects_in_sonar"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"During the last few months, Sonar has definitely become the leading Open Source Platform to manage Java code quality. The objective to democratize access to code quality is becoming concrete. However when analyzing source code, quality is only one aspect of things... "},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Sonar to identify security vulnerabilities"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"74b702ea-aed2-4ec9-96fc-1a6270609262","codename":"blogpost___sonar_to_identify_security_vulnerabilit"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Reuse in Sonar unit test reports generated by other systems"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Reuse in Sonar unit test reports generated by other systems"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"4ddaa065-a83d-48f5-85bf-1ce78ee17337","codename":"blogpost___reuse_in_sonar_unit_test_reports_genera"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Last month, Sonar 1.6 was released. The main feature of the new version is the ability to manage quality profiles. The purpose of this post is to explain what gap the functionality fills, to define what is a quality profile and to explain how to use it.\n\nPrior to Sonar 1.6, it was only possible to run analysis with one set of defined coding rules per instance of Sonar. It means that within an instance of Sonar, it was not possible to process differently various types of projects (legacy application, technical libraries, new projects, ...). They were all analyzed with the same set of rules. Therefore there was sometimes unnecessary noise around the quality data that made it difficult to see quickly what real action was required. Sonar 1.6 turns off this noise by allowing to define and simultaneously use several quality profiles."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/550ac517-ee6c-44ec-99b6-94f1418e6fce/Generic%20Blog%20Image_C.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Using quality profiles in Sonar"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"1f7d4a58-d92d-43b6-b357-c5002985a873","codename":"blogpost___using_quality_profiles_in_sonar"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"There is often some misunderstanding when people talk about coding rules engines. Everyone tries to take position in favor of his preferred tool and does his best to explain what are the weaknesses of the other ones."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/641ac088-af90-4105-adeb-b808ee67a9a8/Generic%20Blog%20Image_B.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"What makes Checkstyle, PMD, Findbugs and Macker complementary ?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"fc07f6c7-cc05-41f2-a4b7-d31912ad4555","codename":"blogpost___what_makes_checkstyle__pmd__findbugs_an"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"Googling on Cyclomatic Complexity (CC), gives some interesting results... Among those results, you'll find the two following definitions :"},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Discussing Cyclomatic Complexity"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"8e76e111-e1c8-4c84-bf0b-9e63f8637118","codename":"blogpost___discussing_cyclomatic_complexity"}},{"value":{"index_subheadline":{"value":"Blog post"},"index_perex":{"value":"When talking about source code quality, there are always voices to tell you that metrics mean nothing and that plenty of projects have great metrics and poor quality! Let's look at one particular metric: the code coverage by unit tests."},"index_image":{"value":{"description":"Image shows various elements of code security, languages and bugs","height":1256,"url":"https://assets-eu-01.kc-usercontent.com:443/ef593040-b591-0198-9506-ed88b30bc023/3b863d8e-28a8-49f6-8005-ad34ede82668/Generic%20Blog%20Image_A.png","width":2401}},"index_icon":{"value":null},"index_headline":{"value":"Is 80% of code coverage any good ?"},"index_cta":{"value":""},"category":{"value":{"__typename":"kontent_item_article_category","system":{"id":"b631c0f5-2815-4ce6-8680-5e5fd3ce7ea7"},"elements":{"name":{"value":"Blog"},"url_slug":{"value":"blog"}}}},"tags":{"value":[]},"index_card_clickable":{"value":null}},"system":{"id":"885b2238-9ce3-4062-a5d9-586ce7237064","codename":"blogpost___is_80__of_code_coverage_any_good__"}}]}}}