Sonar's latest blog posts
Solving the Engineering Productivity Paradox
Sonar CEO, Tariq Shaukat, shares how AI-generated code absolutely must be reviewed before it's merged into your codebase, and how SonarQube can help.


What Mr. Miyagi can teach you about writing Clean Code
Just like it's not enough to simply practice karate for Mr. Miyagi, it's not enough for Sonar to find and fix issues when guiding developers to practice Clean Code. Developers should be able to find, understand, and fix issues to write Clean Code optimally.
Read blog post >

Why SonarQube Server 9.9 LTS is a must-have for Java developers
Explore the game-changing features of SonarQube Server 9.9 LTS, empowering Java developers to write Clean Code with enhanced speed and precision.
Read article >
Get new blogs delivered directly to your inbox!
Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

Hands on with the Node.js test runner
Node.js released an experimental test runner in version 18 and made that test runner stable in version 20. What does that mean for us as JavaScript developers?
Read article >

Maintainer burnout is real. Almost 60% of maintainers have quit or considered quitting maintaining one of their projects
Against a backdrop of increasing demands on open source maintainers from industry and government, we wanted to use this year’s survey to see how they are hanging in there.
Read article >

Reflections from OffensiveCon 2023
Our Vulnerability Researchers are just returning from their trip to Berlin where they attended OffensiveCon 2023! Here's what they loved about the event.
Read blog post >

8 ways to build your continuous vulnerability management strategy
These days, most software organizations have a vulnerability remediation strategy in place. It’s often a fully reactive approach
Read article >

Sonar and HashiCorp Partner to Deliver Clean Terraform Code & Good Vibes
Learn about the Sonar - HashiCorp partnership and the SonarQube Cloud Terraform Cloud integration.
Read Blog post >

SonarQube for IDE supports Go analysis!
SonarQube for IDE supports Go analysis!
Read Blog post >

Pimcore: One click, two security vulnerabilities
We discovered two vulnerabilities in Pimcore that could be chained together in one GET request to achieve RCE.
Read article >

Is Clean Code the solution to Jupyter notebook code quality?
Is Clean Code the solution to Jupyter notebook code quality?
Read Blog post >

ES2023 introduces new array copying methods to JavaScript
There are new array methods in JavaScript and they are here to make our programs more predictable and maintainable.
Read blog post >