Sonar Blog

Quality

Blog

Sonar's latest blog posts

Featured Post

What is Clean Code?

If you’ve followed us for a while, you most likely noticed that we changed the way we describe what we do: from “code quality” to “continuous code inspection,” then “code quality and code security”… to Clean Code.


But what is Clean Code, and what does it encompass?

Read More
https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/ddb995eb-cb89-4435-82fb-1b937cdf11dc/what_is_clean_code_blog_feature.webp
https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/09066b98-a5f5-41aa-9c0a-98ac0e42cbf8/clean_code_tips_blog_index.webp
Blog post

#CleanCodeTips: Unlock Your Coding Potential

As software development evolves, keeping up with best practices, the latest trends, and ensuring your code remains top-notch can feel like sailing uncharted waters. Sonar has the Clean Code tips for you!

Read article >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/75e7d0c4-4811-4a1f-853b-ab1c4b907e17/r_c_e_vulnerability_mailspring_blog_index.webp
Blog post

Reply to calc: The Attack Chain to Compromise Mailspring

Learn how an attacker can combine multiple security vulnerabilities to achieve arbitrary code execution on a victim that tries to reply or forward a malicious mail in Mailspring.

Read article >

Get new blogs delivered directly to your inbox!

Stay up-to-date with the latest Sonar content. Subscribe now to receive the latest blog articles.

SonarQube and PCI DSS 4.0
Blog post

Are You Ready For PCI DSS 4.0?

PCI DSS 3.2.1 is being retired on March 31, 2024. Are you ready for the new standard, PCI DSS 4.0?

Read article >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/9c571123-24c2-4b5a-881e-d78b383e3254/pattern_matching_in_java_blog_index%20%282%29.webp
Blog Post

Increase readability with Java's Pattern Matching

Increase readability, reduce cognitive complexity, and avoid bugs that are hard to spot with Java's Pattern Matching.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/e9c9976c-6a7a-4723-9a4a-d1ace3f30ea8/opennms_vulnerabilities_blog_index.webp
Blog post

OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways

Learn which unexpected ways attackers may take to exploit code vulnerabilities and how to secure against them.

Read article >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/4ef3a97b-688d-40e2-b56e-f9e262a742a9/white_house_memory_safe_blog_index.webp
Blog post

White House emphasizes need for proactive coding practices to counter cyber attacks

The ONCD recent report puts a spotlight on one of the most foundational issues that result in insecure software. Sonar applauds the administration’s call for addressing software vulnerabilities at the programming language and source code levels.

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/78ccb47b-5861-4529-8ae5-9cac626d51aa/sonar_updates_iso_certificate_blog_index.webp
Blog post

Sonar Reaffirms Strength of its Information Security Management Systems by Earning The Latest ISO Certification, ISO27001:2022

As part of our continuously advancing and improving security practice, we are pleased to announce that Sonar and its products are now certified to the latest version of the ISO72001 standard.

Read article >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/839b29ec-3657-4416-aef2-e87ab4dc596f/prooblem_awareness_blog_index.webp
Blog post

How timely delivery comes from transparent outsourced software development communication

Ineffective communication impacts everything in software development. To ensure your next project meets expectations, transparent communication is essential for driving timely delivery when working with internal and external development teams.

Read article >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/4e7b2e5e-5b8b-4ab8-8fbe-88ab1661ae77/java_immutability_blog_index%20%281%29.webp
Blog Post

Builders, Withers, and Records - Java’s path to immutability

We know that immutable objects are easier to maintain, lead to fewer errors, and are multi-thread friendly. This article will show two different approaches to creating objects: Builders and Withers, along with a new type of immutable object in Java: Records

Read blog post >

https://assets-eu-01.kc-usercontent.com:443/221b35a8-1bfa-01c4-543d-cc939fe2eaee/51277f8d-1245-4bb8-bbc4-7e0102838175/joomla_xss_vulnerabilities_blog_index.webp
Blog post

Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities

Our Clean Code solution, SonarCloud, led us to a severe security issue in the popular Content Management System Joomla.

Read article >

A stylistic Venn diagram
Blog post

Union, intersection, difference, and more are coming to JavaScript Sets

The JavaScript Set was introduced to the language in the ES2015 spec, but it has always seemed incomplete. That's about to change with the addition of functions like intersection, union and difference.

Read blog post >