Sonar Logo
Start for FreeExplore Pricing

Sonar Blog

Quality

Blog

Sonar's latest blog posts

Featured Post

What is Clean Code?

If you’ve followed us for a while, you most likely noticed that we changed the way we describe what we do: from “code quality” to “continuous code inspection,” then “code quality and code security”… to Clean Code.


But what is Clean Code, and what does it encompass?

Read More
https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/ddb995eb-cb89-4435-82fb-1b937cdf11dc/what_is_clean_code_blog_feature.webp
https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/8b48b3ee-c446-482c-8c95-ceb0e3221eb7/sourceforge_blog_index.webp
Blog post

Dangerous Import: SourceForge Patches Critical Code Vulnerability

Our Vulnerability Research team discovered a critical code vulnerability in SourceForge, which attackers could have used to poison deployed files and spread malware to millions of users.

Read article >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/fe0eab56-9d1e-4e28-af32-cf3c66bc4192/ai_generated_code_blog_index.webp
Blog post

AI-Generated Code Demands ‘Trust, But Verify’ Approach to Software Development

Pairing the "trust, but verify" approach with the power of Sonar’s Clean Code solutions enables organizations to be confident that their AI-generated code is high-quality, maintainable, reliable, and secure.

Read blog post >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/1819ec3a-30df-49a3-bb52-3ec27a444446/c-sharp_logging_blog_index.webp
Blog post

C# Logging Best Practices with .NET

Are you writing logging code in your app? Logging correctly can be tricky. It is an important part of tracking the progress of your app while running and determining the origin of problems when they arise. In this blog post Denis Troller walks you through common pitfalls and logging best practices when coding in C# with .NET.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/d08b7f02-7fe4-43fa-8cbe-9175e923e26a/apache_dubbo_consumer_risks_blog_index.webp
Blog post

Apache Dubbo Consumer Risks: The Road Not Taken

Explore the lesser-known Apache Dubbo risks that weren’t well documented until now, and delve into the importance of clean code ensuring clarity, maintainability, and comprehensibility.

Read article >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/a9721003-a658-4ae8-a32e-9fdee3a84740/java_21_new_rules_blog_index.webp
Blog Post

Ensuring the right usage of Java 21 new features

Last September 2023 Java 21 was released as the latest LTS (Long Time Support). But taking advantage of the changes and new features, which we are not used to including in our code, can be a tough task. Also, it can lead to improper use or poor uptake, bugs, or basically not taking full advantage of new improvements.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/69c9a58f-4ba6-4c43-be6c-1b5f6d5a4db0/development_speed_and_code_quality_blog_index.webp
Blog post

Technical debt’s impact on development speed and code quality

By acknowledging the impact of technical debt and embracing proactive solutions like Sonar, development teams can mitigate its effects and build software that is resilient, reliable, and scalable.

Read article >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/705b838c-d9ff-4043-bfbc-f16b478b86c8/dora_compliance_blog_index.webp
Blog post

DORA Compliance for Financial Entities

Leveraging Sonar solutions to ensure code security by design

Read article >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/58960610-017f-4c9a-ad03-0fd8c166cd7b/vulnerabilities_in_erxes_blog_index.webp
Blog post

Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices

Our vulnerability researchers discovered critical vulnerabilities in Erxes with the help of SonarCloud. Learn about the details and how to triage such issues in your own code!

Read article >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/194832d8-073b-458c-b7b3-116063be9efb/dirname_in_es_modules_blog_index.webp
Blog post

__dirname is back in Node.js with ES modules

Node.js is reducing friction when using ES modules by making it easier to get the current module directory name

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/09066b98-a5f5-41aa-9c0a-98ac0e42cbf8/clean_code_tips_blog_index.webp
Blog post

#CleanCodeTips: Unlock Your Coding Potential

As software development evolves, keeping up with best practices, the latest trends, and ensuring your code remains top-notch can feel like sailing uncharted waters. Sonar has the Clean Code tips for you!

Read article >

https://assets-eu-01.kc-usercontent.com:443/c9070a0b-191e-01d1-d983-7e70035d7082/75e7d0c4-4811-4a1f-853b-ab1c4b907e17/r_c_e_vulnerability_mailspring_blog_index.webp
Blog post

Reply to calc: The Attack Chain to Compromise Mailspring

Learn how an attacker can combine multiple security vulnerabilities to achieve arbitrary code execution on a victim that tries to reply or forward a malicious mail in Mailspring.

Read article >