Code quality
Using dashboards in SonarQube Cloud
Visualizing key code quality and security metrics for your SonarQube Cloud projects just became easier with the general availability of customizable project dashboards.
Read article >
Stop malicious packages in your CI/CD pipeline with SonarQube
“Malware”, short for “malicious software” has been around for decades, starting with the first computer viruses of the 1990s. Early malware was mostly experimentation and pranks.
Read article >
How to choose your LLM without ruining your Java code
When evaluating a new AI model, ensuring the code compiles and executes is only the baseline. Experienced developers know that functionality is just the first step; the true standard for production-ready software is code that is reliable, maintainable, and secure.
Read article >
State of Code Developer Survey report: The current reality of AI coding
What we found challenges the common narrative. While AI adoption is massive, it hasn’t led to a simple, linear boost in productivity. Instead, it has shifted the bottleneck from writing code to verifying it.
Read article >
New data on code quality: GPT-5.2 high, Opus 4.5, Gemini 3, and more
Today, we are making all evaluations available in a new Sonar LLM leaderboard and sharing our latest findings on GPT-5.2 High, GPT-5.1 High, Gemini 3.0 Pro, Opus 4.5 Thinking, and Claude Sonnet 4.5.
Read article >
Why prioritizing code quality is the fastest way to reduce security risks
The common perception is that a security vulnerability is a rare, complex attack pattern. In reality, the journey of most flaws begins much earlier and much more simply: as a code quality issue. For both developers and security practitioners, understanding this lifecycle is crucial to building secure, reliable, and maintainable software.
Read article >