Sonar's latest blog posts

Featured Post

Announcing SonarSweep: Improving training data quality for coding LLMs

Recent research from Anthropic has shown that even a small amount of malicious or poor quality training data can have a massively negative impact on a model’s performance, exposing users to significant security and quality issues.

Read More
https://assets-eu-01.kc-usercontent.com:443/55017e37-262d-017b-afd6-daa9468cbc30/c4c32669-0e01-4074-926a-1b257686a90c/sonarsweep_blog_or_press_featured_with_mark__2x.webp
Image for Common TypeScript Issues Nº 3: unused local variables and functions
Blog post

Common TypeScript Issues Nº 3: unused local variables and functions

We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it.

Read Blog >

Person's-fingers-typing-really-fast-on-a-keyboard-to-increase-developer-velocity.
Blog post

Increase developer velocity today with Clean as You Code

The Clean as You Code methodology allows developers to keep working on new and interesting projects without sacrificing quality or getting bogged down in refactoring legacy code.

Read Blog >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

I do not wish to receive promotional emails about upcoming SonarQube updates, new releases, news and events.

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Image for We are Sonar!
Blog post

We are Sonar!

Culture is a key aspect of working at Sonar. It is our binding agent; it is what we value, what we believe in, the way we work, and the way we interact. It is what makes us SonarSourcers!

Read Blog >

Common mistake in Typescript #5
Blog post

Common TypeScript Issues Nº 4: Don't create and drop objects immediately

We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it.

Read Blog >

SonarQube LTS 9.9
Blog post

Announcing SonarQube Server 9.9 LTS!

Big year, big announcement – the most anticipated SonarQube Server 9.9 Long-Term-Support release is here! Check out this post for all details.

Read Blog >

Common mistake in Typescript #5
Blog post

Common TypeScript Issues Nº 5: Optional property declarations

We crunched the data from SonarQube for IDE to discover the top 5 most common TypeScript issues. In this 5 part series, we outline each issue and how to avoid it.

Read Blog >

Image for OpenEMR - Remote Code Execution in your Healthcare System
Blog post

OpenEMR - Remote Code Execution in your Healthcare System

We recently discovered three vulnerabilities that allow arbitrary code execution on OpenEMR. Let’s see what we can learn from them and discuss their patches!

Read Blog >

Image for Vulnerability Research Highlights 2022
Blog post

Vulnerability Research Highlights 2022

Our research team looks back at a great year and summarizes the highlights of their vulnerability research in 2022.

Read Blog >

Image for Level up your team's skills as they code
Blog post

Level up your team's skills as they code

Clear context and specific education for why an issue occurs and how to fix it should be by the developers’ side without leaving the development workflow. Sonar has your answer.

Read Blog >

Image for Lesser spotted React mistakes: What are we even rendering?
Blog post

Lesser spotted React mistakes: What are we even rendering?

This series is dedicated to the small, but common pitfalls and errors you can encounter when writing React code. Whether an experienced JavaScript | TypeScript developer or just starting out, the results can be surprising.

Read Blog >

Image for Cacti: Unauthenticated Remote Code Execution
Blog post

Cacti: Unauthenticated Remote Code Execution

Learn how we discovered a critical vulnerability in Cacti with the help of SonarQube Cloud.

Read Blog >