| Cacti: Unauthenticated Remote Code Execution |
Stefan Schiller |
Jan. 03, 2023 |
1450 |
- |
| Common TypeScript Issues Nº 5: Optional property declarations |
Phil Nash |
Jan. 30, 2023 |
661 |
- |
| Lesser spotted React mistakes: What are we even rendering? |
Gabriel Vivas |
Jan. 05, 2023 |
1547 |
- |
| Level up your team's skills as they code |
Liz Ryan |
Jan. 10, 2023 |
621 |
- |
| OpenEMR - Remote Code Execution in your Healthcare System |
Dennis Brinkrolf |
Jan. 25, 2023 |
1695 |
- |
| Vulnerability Research Highlights 2022 |
Johannes Dahse |
Jan. 11, 2023 |
1709 |
- |
| Increase developer velocity today with Clean as You Code |
Liz Ryan |
Feb. 16, 2023 |
845 |
- |
| We are Sonar! |
Marisa Davis |
Feb. 14, 2023 |
736 |
- |
| Common TypeScript Issues Nº 4: Don't create and drop objects immediately |
Phil Nash |
Feb. 07, 2023 |
674 |
- |
| Common TypeScript Issues Nº 3: unused local variables and functions |
Phil Nash |
Feb. 20, 2023 |
896 |
- |
| Clean Code: The Best Approach to Writing Secure Cloud Native Apps |
Clint Cameron |
Feb. 21, 2023 |
310 |
- |
| Empowering weak primitives: file truncation to code execution with Git |
Thomas Chauchefoin |
Feb. 27, 2023 |
1042 |
- |
| Common TypeScript Issues Nº 2: non-empty statements |
Phil Nash |
Mar. 01, 2023 |
926 |
- |
| SonarQube LTS Upgrade Checklist |
Brian Cipollone |
Mar. 06, 2023 |
912 |
- |
| Celebrating International Women's Day with the women of Sonar |
Liz Ryan |
Mar. 08, 2023 |
2577 |
- |
| Common TypeScript Issues Nº 1: assignments within sub-expressions |
Phil Nash |
Mar. 08, 2023 |
895 |
- |
| 9 more reasons to upgrade to SonarQube 9.9 LTS |
Colin Mueller |
Mar. 13, 2023 |
1021 |
- |
| Cloud native features in SonarQube 9.9 LTS |
Clint Cameron |
Mar. 16, 2023 |
488 |
- |
| The top 5 common TypeScript issues found by SonarLint |
Phil Nash |
Mar. 20, 2023 |
615 |
- |
| Your Guide to Clean Code in Cloud Native Apps |
Clint Cameron |
Mar. 23, 2023 |
306 |
- |
| Sonar is the Clean Code solution for your DevOps workflow |
Liz Ryan |
Mar. 28, 2023 |
1055 |
- |
| It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS |
Stefan Schiller |
Mar. 29, 2023 |
1704 |
- |
| Announcing SonarQube 10.0 |
Kirti Joshi |
Apr. 04, 2023 |
257 |
- |
| How bad code destroys developer velocity |
Liz Ryan |
Apr. 05, 2023 |
176 |
- |
| Another 9 reasons to upgrade to SonarQube 9.9 LTS |
Colin Mueller |
Apr. 05, 2023 |
1074 |
- |
| Pretalx Vulnerabilities: How to get accepted at every conference |
Stefan Schiller |
Apr. 12, 2023 |
1786 |
- |
| Sonar ❤️ Compiler Explorer: Write clean C++ code inside your browser |
Fred Tingaud |
Apr. 16, 2023 |
1312 |
- |
| Interview with Sonar Python Developers Part 1 |
Andrew Osborne |
Apr. 17, 2023 |
1439 |
- |
| Odoo: Get your Content Type right, or else! |
Dennis Brinkrolf, Thomas Chauchefoin |
Apr. 24, 2023 |
1849 |
- |
| Interview with Sonar Python Developers Part 2 |
Andrew Osborne |
Apr. 25, 2023 |
1044 |
- |
| Reflections from DevNexus, the largest Java conference in the U.S.A. |
Jonathan Vila Lopez |
Apr. 30, 2023 |
670 |
- |
| Weird Python: 5 Unexpected Behaviors in the Python Interpreter |
Quazi Nafiul Islam |
May. 01, 2023 |
988 |
- |
| Why SonarQube 9.9 LTS is a must-have for Python developers |
Colin Mueller |
May. 04, 2023 |
1546 |
- |
| CNCF Silver membership |
Jonathan Vila |
May. 04, 2023 |
183 |
- |
| ES2023 introduces new array copying methods to JavaScript |
Phil Nash |
May. 10, 2023 |
1332 |
1 |
| Is Clean Code the solution to Jupyter notebook code quality? |
Andrew Osborne |
May. 10, 2023 |
1481 |
- |
| SonarCloud or SonarQube? - Guidance on Choosing One for Your Team |
Clint Cameron |
May. 15, 2023 |
1233 |
- |
| Pimcore: One click, two security vulnerabilities |
Yaniv Nizry |
May. 15, 2023 |
1577 |
- |
| SonarLint supports Go analysis! |
Andrew Osborne |
May. 17, 2023 |
570 |
- |
| Sonar and HashiCorp Partner to Deliver Clean Terraform Code & Good Vibes |
Clint Cameron |
May. 23, 2023 |
580 |
- |
| Reflections from OffensiveCon 2023 |
Thomas Chauchefoin |
May. 24, 2023 |
1012 |
- |
| Hands on with the Node.js test runner |
Phil Nash |
May. 30, 2023 |
2099 |
1 |
| Why SonarQube 9.9 LTS is a must-have for Java developers |
Colin Mueller |
Jun. 01, 2023 |
2003 |
- |
| What Mr. Miyagi can teach you about writing Clean Code |
Liz Ryan |
Jun. 06, 2023 |
862 |
- |
| Sonar at JSNation 2023 in Amsterdam |
Gabriel Vivas |
Jun. 08, 2023 |
676 |
- |
| Smarter Together: Fostering a culture of collaboration and growth at Sonar |
Marisa Davis |
Jun. 14, 2023 |
851 |
- |
| SonarQube 10.1 release announcement |
Kirti Joshi |
Jun. 21, 2023 |
208 |
- |
| Why SonarQube 9.9 LTS is a must-have for JavaScript and TypeScript Developers |
Colin Mueller |
Jun. 22, 2023 |
1357 |
- |
| Why ORMs and Prepared Statements Can't (Always) Win |
Thomas Chauchefoin |
Jun. 26, 2023 |
2037 |
- |
| TyphoonCon 2023 Wrap Up |
Thomas Chauchefoin |
Jun. 29, 2023 |
586 |
- |
| TROOPERS 2023 Conference Takeaways |
Stefan Schiller |
Jul. 05, 2023 |
886 |
- |
| Why SonarQube 9.9 LTS is a must-have for PHP Developers |
Colin Mueller |
Jul. 13, 2023 |
978 |
- |
| How Sonar Developer Advocates got started in their careers |
Liz Ryan |
Jul. 18, 2023 |
1837 |
- |
| New Research from Sonar on Cost of Technical Debt |
Manish Gupta |
Jul. 19, 2023 |
592 |
- |
| A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State |
Stefan Schiller |
Jul. 19, 2023 |
1697 |
- |
| Working with Multiple Code Variants in C++ |
Phil Nash |
Aug. 03, 2023 |
1194 |
- |
| WeAreDevelopers 2023 - what did you miss? |
Andrew Osborne |
Aug. 10, 2023 |
620 |
- |
| No, C++ static analysis does not have to be painful |
Geoffray Adde |
Aug. 13, 2023 |
1452 |
- |
| Patches, Collisions, and Root Shells: A Pwn2Own Adventure |
Paul Gerste, Thomas Chauchefoin, Stefan Schiller |
Aug. 14, 2023 |
1793 |
- |
| What is deeper SAST in JavaScript? |
Phil Nash |
Aug. 17, 2023 |
1059 |
- |
| BlackHat 2023: Hackers, Casinos, and an Exciting Announcement |
Kirti Joshi | Thomas Chauchefoin |
Aug. 18, 2023 |
834 |
- |
| Playing Dominos with Moodle's Security (1/2) |
Yaniv Nizry |
Aug. 21, 2023 |
1114 |
- |
| Enhancing SAST Detection: Leveraging Benchmarks for Measuring Progress |
Alexandre Gigleux |
Aug. 20, 2023 |
793 |
- |
| Playing Dominos with Moodle's Security (2/2) |
Yaniv Nizry |
Aug. 28, 2023 |
1522 |
- |
| Code Vulnerabilities Put Proton Mails at Risk |
Paul Gerste |
Sep. 04, 2023 |
3509 |
4 |
| Introducing SonarQube 10.2: Setting New Standards in Code Quality and Security |
Bianka Banova |
Sep. 06, 2023 |
1210 |
- |
| Get the benefits of TypeScript in your JavaScript |
Phil Nash |
Sep. 07, 2023 |
1552 |
- |
| Security Guy TV Interview - Going Deeper with SAST and Clean Code |
Katie Hyman |
Sep. 08, 2023 |
2129 |
- |
| Code Vulnerabilities Put Skiff Emails at Risk |
Paul Gerste |
Sep. 12, 2023 |
1934 |
- |
| Typing your JavaScript without writing TypeScript |
Phil Nash |
Sep. 13, 2023 |
617 |
- |
| Enhancing Software Development Practices through SonarQube: A Path to Continuous Learning |
Hannah Zimmerman |
Sep. 14, 2023 |
566 |
- |
| The new JDK LTS is out! Long live JDK 21! |
Jonathan Vila |
Sep. 19, 2023 |
953 |
- |
| Remote Code Execution in Tutanota Desktop due to Code Flaw |
Paul Gerste |
Sep. 20, 2023 |
2741 |
2 |
| 5 Clean Code Tips for Reducing Cognitive Complexity |
John Clifton |
Sep. 22, 2023 |
532 |
- |
| Open Source Summit 2023 |
Jonathan Vila |
Sep. 26, 2023 |
473 |
- |
| Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity |
Stefan Schiller |
Sep. 26, 2023 |
1536 |
1 |
| Sonar's Scoring on the Top 3 Java SAST Benchmarks |
Alexandre Gigleux |
Sep. 26, 2023 |
824 |
- |
| Unzipping Dangers: OpenRefine Zip Slip Vulnerability |
Stefan Schiller |
Sep. 27, 2023 |
1276 |
- |
| A comprehensive guide to the dangers of Regular Expressions in JavaScript |
Phil Nash |
Sep. 28, 2023 |
2901 |
1 |
| Why I’m passionate about Static Analysis and how I helped make it better |
Abbas Sabra |
Oct. 02, 2023 |
2212 |
- |
| ISMG Interview - Securing Applications, Accelerating DevOps with Clean Code |
Katie Hyman |
Oct. 05, 2023 |
1975 |
- |
| Interview with Sonar Java Enthusiasts |
Tony Graham |
Oct. 09, 2023 |
1948 |
- |
| Java SAST Benchmarks: why you shouldn't trust them blindly |
Pierre-Loup Tristant |
Oct. 11, 2023 |
1111 |
- |
| Security Vulnerabilities in CasaOS |
Thomas Chauchefoin |
Oct. 17, 2023 |
2087 |
- |
| What is Clean Code? |
Gabriel Vivas |
Oct. 18, 2023 |
1552 |
- |
| Highlights from Hexacon 2023 |
Stefan Schiller |
Oct. 18, 2023 |
817 |
- |
| Shifting Right for Secure Platforms and DevOps |
Ben Dechrai |
Oct. 25, 2023 |
1430 |
- |
| 9 Steps to get the most out of your SonarCloud Trial |
Zoe Bell |
Nov. 07, 2023 |
1684 |
- |
| Linux Foundation Chat: Open Source & Clean Code |
Katie Hyman |
Nov. 07, 2023 |
300 |
- |
| Visual Studio Code Security: Deep Dive into Your Favorite Editor (1/3) |
Thomas Chauchefoin, Paul Gerste |
Nov. 07, 2023 |
3389 |
- |
| Sonar's Scoring on the Top 3 C# SAST Benchmarks |
Alexandre Gigleux |
Nov. 07, 2023 |
704 |
- |
| Visual Studio Code Security: Markdown Vulnerabilities in Third-Party Extensions (2/3) |
Paul Gerste |
Nov. 14, 2023 |
2378 |
- |
| SonarQube 10.3 Release Announcement |
Robert Curlee |
Nov. 15, 2023 |
503 |
- |
| Visual Studio Code Security: Finding New Vulnerabilities in the NPM Integration (3/3) |
Thomas Chauchefoin, Paul Gerste |
Nov. 20, 2023 |
1748 |
- |
| Top issues in Java projects |
Jonathan Vila |
Sep. 26, 2023 |
971 |
- |
| Sonar is “On the Radar”: New Omdia Report |
Katie Hyman |
Nov. 29, 2023 |
453 |
- |
| Sonar keeps your secrets from leaking … unlike that "trusted" friend from grade school |
Alexandre Gigleux |
Nov. 07, 2023 |
653 |
- |
| Unraveling the Costs of Bad Code in Software Development |
Liz Ryan |
Dec. 05, 2023 |
611 |
- |
| Stop nesting ternaries in JavaScript |
Phil Nash |
Dec. 07, 2023 |
1299 |
- |
| Spring framework pitfalls |
Jonathan Vila |
Dec. 11, 2023 |
1252 |
- |
| pfSense Security: Sensing Code Vulnerabilities with SonarCloud |
Oskar Zeino-Mahmalat |
Dec. 11, 2023 |
2177 |
- |
| Sonar @ Black Hat Europe! |
Thomas Chauchefoin |
Dec. 13, 2023 |
699 |
- |
| 2024 Security Predictions from the Sonar Research Team |
Johannes Dahse |
Dec. 14, 2023 |
621 |
- |
| 2024 DevOps Predictions from the Sonar Developer Advocate Team |
Peter McKee |
Dec. 21, 2023 |
910 |
- |
| AI-Generated Code Demands ‘Trust, But Verify’ Approach to Software Development |
Tariq Shaukat |
Apr. 11, 2024 |
1389 |
- |
| C# Logging Best Practices with .NET |
Denis Troller |
Apr. 10, 2024 |
2561 |
- |
| Apache Dubbo Consumer Risks: The Road Not Taken |
Yaniv Nizry |
Apr. 01, 2024 |
1633 |
- |
| Ensuring the right usage of Java 21 new features |
Jonathan Vila |
Apr. 01, 2024 |
1510 |
- |
| Technical debt’s impact on development speed and code quality |
Bianka Banova |
Mar. 27, 2024 |
831 |
- |
| DORA Compliance for Financial Entities: leveraging Sonar solutions to ensure code security by design |
Adam Surdy |
Mar. 22, 2024 |
933 |
- |
| Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices |
Paul Gerste |
Mar. 21, 2024 |
2210 |
- |
| __dirname is back in Node.js with ES modules |
Phil Nash |
Mar. 21, 2024 |
911 |
- |
| #CleanCodeTips: Unlock Your Coding Potential |
Peter McKee |
Mar. 12, 2024 |
830 |
- |
| Reply to calc: The Attack Chain to Compromise Mailspring |
Yaniv Nizry |
Mar. 11, 2024 |
1684 |
- |
| Are You Ready For PCI DSS 4.0? |
Robert Curlee |
Mar. 11, 2024 |
949 |
- |
| Increase readability with Java's Pattern Matching |
Jonathan Vila |
Mar. 04, 2024 |
638 |
- |
| OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways |
Stefan Schiller |
Feb. 29, 2024 |
1945 |
- |
| White House emphasizes need for proactive coding practices to counter cyber attacks |
Harry Wang |
Feb. 29, 2024 |
782 |
- |
| Sonar Reaffirms Strength of its Information Security Management Systems by Earning The Latest ISO Certification, ISO27001:2022 |
Andrea Malagodi |
Feb. 27, 2024 |
349 |
- |
| How timely delivery comes from transparent outsourced software development communication |
Liz Ryan |
Feb. 27, 2024 |
1000 |
- |
| Builders, Withers, and Records - Java’s path to immutability |
Jonathan Vila |
Feb. 21, 2024 |
927 |
- |
| Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities |
Stefan Schiller |
Feb. 20, 2024 |
1259 |
- |
| Union, intersection, difference, and more are coming to JavaScript Sets |
Phil Nash |
Feb. 15, 2024 |
1280 |
- |
| Write cleaner React code with SonarQube 10.4 |
Phil Nash |
Feb. 13, 2024 |
1163 |
- |
| Introducing the new Sonar Web API V2 |
Aurélien Poscia |
Feb. 08, 2024 |
935 |
- |
| Building the foundation for a strong AI future |
Harry Wang |
Feb. 08, 2024 |
466 |
- |
| 5 Risks of Outsourcing Software Development and How to Avoid Them |
Liz Ryan |
Feb. 07, 2024 |
1281 |
- |
| SonarQube 10.4 Release Announcement |
Robert Curlee |
Feb. 06, 2024 |
665 |
- |
| Pitfalls of Desanitization: Leaking Customer Data from osTicket |
Oskar Zeino-Mahmalat |
Feb. 06, 2024 |
1991 |
- |
| Juliet C# Benchmark and the SecureString case |
Gaëtan Ferry |
Feb. 01, 2024 |
1413 |
- |
| Who are you? The Importance of Verifying Message Origins |
Stefan Schiller |
Jan. 28, 2024 |
1203 |
- |
| Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins |
Yaniv Nizry |
Jan. 24, 2024 |
1464 |
- |
| Sonar is helping make C# code clean as Microsoft ASP.NET Core Blazor application development grows |
Denis Troller |
Jan. 23, 2024 |
963 |
- |
| Lessons learned upgrading to React 18 in SonarQube |
Phil Nash |
Jan. 17, 2024 |
1212 |
- |
| Vulnerability Research Highlights 2023 |
Stefan Schiller |
Jan. 03, 2024 |
1572 |
- |
| Sonar's Scoring on the Top 3 Python SAST Benchmarks |
Alexandre Gigleux |
Dec. 28, 2023 |
442 |
- |