SonarQube Server 2025.4: Faster analysis, stronger security, better coverage

SonarQube's latest release introduces significant enhancements across development, security, and compliance domains, offering faster and more accurate code analysis and security measures. Development teams benefit from a 33% speed increase in C/C++ analysis due to function-based symbolic execution caching and added support for Java 23/24 and Dart 3.8. The release features advanced JavaScript/TypeScript taint analysis and improved secrets detection, with over 400 patterns for identifying vulnerabilities. Security teams gain comprehensive SAST with taint analysis for Go and VB.NET, continuous dependency vulnerability scanning, and machine-readable reports. Compliance teams can now access expanded MISRA C++:2023 rules directly in IDEs and generate detailed regulatory reports, streamlining the development process and ensuring adherence to industry standards. The release also includes guidance for upgrading to the latest version, complete with resources to assist with the transition.