Sonar's latest blog posts
State of Code Developer Survey report: The current reality of AI coding
Sonar analyzes over 750 billion lines of code every day. This gives us a unique, high-level view of the state of code quality and security across the globe.
Shadow AI is already writing your code
In the third chapter of the report, we examine the tools developers are choosing to get the job done. The data reveals a fragmented landscape where standard corporate toolkits are competing with a massive wave of "bring your own AI" adoption.
Read article >
How to choose your LLM without ruining your Java code
When evaluating a new AI model, ensuring the code compiles and executes is only the baseline. Experienced developers know that functionality is just the first step; the true standard for production-ready software is code that is reliable, maintainable, and secure.
Read article >
Get new blog posts delivered directly to your inbox!
Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.
Stop secrets before the commit: Join the beta for SonarQube's new secrets CLI
This blog post explains why secrets detection is critical and how Sonar’s integrated approach reduces noise. It also explains how the new SonarQube Secrets CLI helps teams catch secrets locally.
Read article >
The AI trust gap: Why code verification matters
In this second chapter of our State of Code Developer Survey report, we dig deeper into the developer psyche to answer a critical question: Do developers actually trust the code that AI systems are generating?
Read article >
Modernizing finance: Insights from a platform engineering leader
We recently sat down with a Platform Engineering leader at a major financial services institution to discuss the realities of modern software development in their highly regulated, distributed environment.
Read article >
State of Code Developer Survey report: The current reality of AI coding
What we found challenges the common narrative. While AI adoption is massive, it hasn’t led to a simple, linear boost in productivity. Instead, it has shifted the bottleneck from writing code to verifying it.
Read article >
Vibe, then verify: SonarQube 2025 year in review
As we look back at the year we just closed, one thing is clear: 2025 was the year of acceleration. Development teams moved faster than ever.
Read article >
Seven indicators your codebase is unmanageable
This article outlines seven indicators of an unmanageable codebase and details how continuous, automated code review using SonarQube provides the mandatory data metrics for diagnosis, quantitative prioritization, and remediation, transforming the management of code quality issues from a severe burden into a strategic investment.
Read article >