Sonar's latest blog posts
Building Confidence and Trust in AI-Generated Code
To tackle the accountability and ownership challenge accompanying AI-generated code, we are introducing Sonar AI Code Assurance


Sonar at JSNation 2023 in Amsterdam
We take a look at our highlights from JSNation 2023 in Amsterdam, including our favourite talks, memorable conversations and key takeaways.
Read Blog post >

What Mr. Miyagi can teach you about writing Clean Code
Just like it's not enough to simply practice karate for Mr. Miyagi, it's not enough for Sonar to find and fix issues when guiding developers to practice Clean Code. Developers should be able to find, understand, and fix issues to write Clean Code optimally.
Read blog post >
Get new blogs delivered directly to your inbox!
Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

Why SonarQube Server 9.9 LTS is a must-have for Java developers
Explore the game-changing features of SonarQube Server 9.9 LTS, empowering Java developers to write Clean Code with enhanced speed and precision.
Read article >

Hands on with the Node.js test runner
Node.js released an experimental test runner in version 18 and made that test runner stable in version 20. What does that mean for us as JavaScript developers?
Read article >

Maintainer burnout is real. Almost 60% of maintainers have quit or considered quitting maintaining one of their projects
Against a backdrop of increasing demands on open source maintainers from industry and government, we wanted to use this year’s survey to see how they are hanging in there.
Read article >

Reflections from OffensiveCon 2023
Our Vulnerability Researchers are just returning from their trip to Berlin where they attended OffensiveCon 2023! Here's what they loved about the event.
Read blog post >

8 ways to build your continuous vulnerability management strategy
These days, most software organizations have a vulnerability remediation strategy in place. It’s often a fully reactive approach
Read article >

Sonar and HashiCorp Partner to Deliver Clean Terraform Code & Good Vibes
Learn about the Sonar - HashiCorp partnership and the SonarQube Cloud Terraform Cloud integration.
Read Blog post >

SonarQube for IDE supports Go analysis!
SonarQube for IDE supports Go analysis!
Read Blog post >

Pimcore: One click, two security vulnerabilities
We discovered two vulnerabilities in Pimcore that could be chained together in one GET request to achieve RCE.
Read article >

Is Clean Code the solution to Jupyter notebook code quality?
Is Clean Code the solution to Jupyter notebook code quality?
Read Blog post >