189 blog posts published by month since the start of 2023. Start from a different year:

Posts year-to-date
3 (19 posts by this month last year.)
Average posts per month since 2023
5.3

Post details (2023 to today)

Title Author Date Word count HN points
Cacti: Unauthenticated Remote Code Execution Stefan Schiller Jan 03, 2023 1450 -
Common TypeScript Issues Nº 5: Optional property declarations Phil Nash Jan 30, 2023 661 -
Lesser spotted React mistakes: What are we even rendering? Gabriel Vivas Jan 05, 2023 1547 -
Level up your team's skills as they code Liz Ryan Jan 10, 2023 621 -
OpenEMR - Remote Code Execution in your Healthcare System Dennis Brinkrolf Jan 25, 2023 1695 -
Vulnerability Research Highlights 2022 Johannes Dahse Jan 11, 2023 1709 -
Increase developer velocity today with Clean as You Code Liz Ryan Feb 16, 2023 845 -
We are Sonar! Marisa Davis Feb 14, 2023 736 -
Common TypeScript Issues Nº 4: Don't create and drop objects immediately Phil Nash Feb 07, 2023 674 -
Common TypeScript Issues Nº 3: unused local variables and functions Phil Nash Feb 20, 2023 896 -
Clean Code: The Best Approach to Writing Secure Cloud Native Apps Clint Cameron Feb 21, 2023 310 -
Empowering weak primitives: file truncation to code execution with Git Thomas Chauchefoin Feb 27, 2023 1042 -
Common TypeScript Issues Nº 2: non-empty statements Phil Nash Mar 01, 2023 926 -
SonarQube LTS Upgrade Checklist Brian Cipollone Mar 06, 2023 912 -
Celebrating International Women's Day with the women of Sonar Liz Ryan Mar 08, 2023 2577 -
Common TypeScript Issues Nº 1: assignments within sub-expressions Phil Nash Mar 08, 2023 895 -
9 more reasons to upgrade to SonarQube 9.9 LTS Colin Mueller Mar 13, 2023 1021 -
Cloud native features in SonarQube 9.9 LTS Clint Cameron Mar 16, 2023 488 -
The top 5 common TypeScript issues found by SonarLint Phil Nash Mar 20, 2023 615 -
Your Guide to Clean Code in Cloud Native Apps Clint Cameron Mar 23, 2023 306 -
Sonar is the Clean Code solution for your DevOps workflow Liz Ryan Mar 28, 2023 1055 -
It’s a (SNMP) Trap: Gaining Code Execution on LibreNMS Stefan Schiller Mar 29, 2023 1704 -
Announcing SonarQube 10.0 Kirti Joshi Apr 04, 2023 257 -
How bad code destroys developer velocity Liz Ryan Apr 05, 2023 176 -
Another 9 reasons to upgrade to SonarQube 9.9 LTS Colin Mueller Apr 05, 2023 1074 -
Pretalx Vulnerabilities: How to get accepted at every conference Stefan Schiller Apr 12, 2023 1786 -
Sonar ❤️ Compiler Explorer: Write clean C++ code inside your browser Fred Tingaud Apr 16, 2023 1312 -
Interview with Sonar Python Developers Part 1 Andrew Osborne Apr 17, 2023 1439 -
Odoo: Get your Content Type right, or else! Dennis Brinkrolf, Thomas Chauchefoin Apr 24, 2023 1849 -
Interview with Sonar Python Developers Part 2 Andrew Osborne Apr 25, 2023 1044 -
Reflections from DevNexus, the largest Java conference in the U.S.A. Jonathan Vila Lopez Apr 30, 2023 670 -
Weird Python: 5 Unexpected Behaviors in the Python Interpreter Quazi Nafiul Islam May 01, 2023 988 -
Why SonarQube 9.9 LTS is a must-have for Python developers Colin Mueller May 04, 2023 1546 -
CNCF Silver membership Jonathan Vila May 04, 2023 183 -
ES2023 introduces new array copying methods to JavaScript Phil Nash May 10, 2023 1332 1
Is Clean Code the solution to Jupyter notebook code quality? Andrew Osborne May 10, 2023 1481 -
SonarCloud or SonarQube? - Guidance on Choosing One for Your Team Clint Cameron May 15, 2023 1233 -
Pimcore: One click, two security vulnerabilities Yaniv Nizry May 15, 2023 1577 -
SonarLint supports Go analysis! Andrew Osborne May 17, 2023 570 -
Sonar and HashiCorp Partner to Deliver Clean Terraform Code & Good Vibes Clint Cameron May 23, 2023 580 -
Reflections from OffensiveCon 2023 Thomas Chauchefoin May 24, 2023 1012 -
Hands on with the Node.js test runner Phil Nash May 30, 2023 2099 1
Why SonarQube 9.9 LTS is a must-have for Java developers Colin Mueller Jun 01, 2023 2003 -
What Mr. Miyagi can teach you about writing Clean Code Liz Ryan Jun 06, 2023 862 -
Sonar at JSNation 2023 in Amsterdam Gabriel Vivas Jun 08, 2023 676 -
Smarter Together: Fostering a culture of collaboration and growth at Sonar Marisa Davis Jun 14, 2023 851 -
SonarQube 10.1 release announcement Kirti Joshi Jun 21, 2023 208 -
Why SonarQube 9.9 LTS is a must-have for JavaScript and TypeScript Developers Colin Mueller Jun 22, 2023 1357 -
Why ORMs and Prepared Statements Can't (Always) Win Thomas Chauchefoin Jun 26, 2023 2037 -
TyphoonCon 2023 Wrap Up Thomas Chauchefoin Jun 29, 2023 586 -
TROOPERS 2023 Conference Takeaways Stefan Schiller Jul 05, 2023 886 -
Why SonarQube 9.9 LTS is a must-have for PHP Developers Colin Mueller Jul 13, 2023 978 -
How Sonar Developer Advocates got started in their careers Liz Ryan Jul 18, 2023 1837 -
New Research from Sonar on Cost of Technical Debt Manish Gupta Jul 19, 2023 592 -
A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State Stefan Schiller Jul 19, 2023 1697 -
Working with Multiple Code Variants in C++ Phil Nash Aug 03, 2023 1194 -
WeAreDevelopers 2023 - what did you miss? Andrew Osborne Aug 10, 2023 620 -
No, C++ static analysis does not have to be painful Geoffray Adde Aug 13, 2023 1452 -
Patches, Collisions, and Root Shells: A Pwn2Own Adventure Paul Gerste, Thomas Chauchefoin, Stefan Schiller Aug 14, 2023 1793 -
What is deeper SAST in JavaScript? Phil Nash Aug 17, 2023 1059 -
BlackHat 2023: Hackers, Casinos, and an Exciting Announcement Kirti Joshi | Thomas Chauchefoin Aug 18, 2023 834 -
Playing Dominos with Moodle's Security (1/2) Yaniv Nizry Aug 21, 2023 1114 -
Enhancing SAST Detection: Leveraging Benchmarks for Measuring Progress Alexandre Gigleux Aug 20, 2023 793 -
Playing Dominos with Moodle's Security (2/2) Yaniv Nizry Aug 28, 2023 1522 -
Code Vulnerabilities Put Proton Mails at Risk Paul Gerste Sep 04, 2023 3509 4
Introducing SonarQube 10.2: Setting New Standards in Code Quality and Security Bianka Banova Sep 06, 2023 1210 -
Get the benefits of TypeScript in your JavaScript Phil Nash Sep 07, 2023 1552 -
Security Guy TV Interview - Going Deeper with SAST and Clean Code Katie Hyman Sep 08, 2023 2129 -
Code Vulnerabilities Put Skiff Emails at Risk Paul Gerste Sep 12, 2023 1934 -
Typing your JavaScript without writing TypeScript Phil Nash Sep 13, 2023 617 -
Enhancing Software Development Practices through SonarQube: A Path to Continuous Learning Hannah Zimmerman Sep 14, 2023 566 -
The new JDK LTS is out! Long live JDK 21! Jonathan Vila Sep 19, 2023 953 -
Remote Code Execution in Tutanota Desktop due to Code Flaw Paul Gerste Sep 20, 2023 2741 2
5 Clean Code Tips for Reducing Cognitive Complexity John Clifton Sep 22, 2023 532 -
Open Source Summit 2023 Jonathan Vila Sep 26, 2023 473 -
Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity Stefan Schiller Sep 26, 2023 1536 1
Sonar's Scoring on the Top 3 Java SAST Benchmarks Alexandre Gigleux Sep 26, 2023 824 -
Unzipping Dangers: OpenRefine Zip Slip Vulnerability Stefan Schiller Sep 27, 2023 1276 -
A comprehensive guide to the dangers of Regular Expressions in JavaScript Phil Nash Sep 28, 2023 2901 3
Why I’m passionate about Static Analysis and how I helped make it better Abbas Sabra Oct 02, 2023 2212 -
ISMG Interview - Securing Applications, Accelerating DevOps with Clean Code Katie Hyman Oct 05, 2023 1975 -
Interview with Sonar Java Enthusiasts Tony Graham Oct 09, 2023 1948 -
Java SAST Benchmarks: why you shouldn't trust them blindly Pierre-Loup Tristant Oct 11, 2023 1111 -
Security Vulnerabilities in CasaOS Thomas Chauchefoin Oct 17, 2023 2087 -
What is Clean Code? Gabriel Vivas Oct 18, 2023 1552 -
Highlights from Hexacon 2023 Stefan Schiller Oct 18, 2023 817 -
Shifting Right for Secure Platforms and DevOps Ben Dechrai Oct 25, 2023 1430 -
9 Steps to get the most out of your SonarCloud Trial Zoe Bell Nov 07, 2023 1684 -
Linux Foundation Chat: Open Source & Clean Code Katie Hyman Nov 07, 2023 300 -
Visual Studio Code Security: Deep Dive into Your Favorite Editor (1/3) Thomas Chauchefoin, Paul Gerste Nov 07, 2023 3389 -
Sonar's Scoring on the Top 3 C# SAST Benchmarks Alexandre Gigleux Nov 07, 2023 704 -
Visual Studio Code Security: Markdown Vulnerabilities in Third-Party Extensions (2/3) Paul Gerste Nov 14, 2023 2378 -
SonarQube 10.3 Release Announcement Robert Curlee Nov 15, 2023 503 -
Visual Studio Code Security: Finding New Vulnerabilities in the NPM Integration (3/3) Thomas Chauchefoin, Paul Gerste Nov 20, 2023 1748 -
Top issues in Java projects Jonathan Vila Sep 26, 2023 971 -
Sonar is “On the Radar”: New Omdia Report Katie Hyman Nov 29, 2023 453 -
Sonar keeps your secrets from leaking … unlike that "trusted" friend from grade school Alexandre Gigleux Nov 07, 2023 653 -
Unraveling the Costs of Bad Code in Software Development Liz Ryan Dec 05, 2023 611 -
Stop nesting ternaries in JavaScript Phil Nash Dec 07, 2023 1299 2
Spring framework pitfalls Jonathan Vila Dec 11, 2023 1252 -
pfSense Security: Sensing Code Vulnerabilities with SonarCloud Oskar Zeino-Mahmalat Dec 11, 2023 2177 3
Sonar @ Black Hat Europe! Thomas Chauchefoin Dec 13, 2023 699 -
2024 Security Predictions from the Sonar Research Team Johannes Dahse Dec 14, 2023 621 -
2024 DevOps Predictions from the Sonar Developer Advocate Team Peter McKee Dec 21, 2023 910 -
AI-Generated Code Demands ‘Trust, But Verify’ Approach to Software Development Tariq Shaukat Apr 11, 2024 1389 -
C# Logging Best Practices with .NET Denis Troller Apr 10, 2024 2561 -
Apache Dubbo Consumer Risks: The Road Not Taken Yaniv Nizry Apr 01, 2024 1633 -
Ensuring the right usage of Java 21 new features Jonathan Vila Apr 01, 2024 1510 -
Technical debt’s impact on development speed and code quality Bianka Banova Mar 27, 2024 831 -
DORA Compliance for Financial Entities: leveraging Sonar solutions to ensure code security by design Adam Surdy Mar 22, 2024 933 -
Micro Services, Major Headaches: Detecting Vulnerabilities in Erxes' Microservices Paul Gerste Mar 21, 2024 2210 -
__dirname is back in Node.js with ES modules Phil Nash Mar 21, 2024 911 3
#CleanCodeTips: Unlock Your Coding Potential Peter McKee Mar 12, 2024 830 -
Reply to calc: The Attack Chain to Compromise Mailspring Yaniv Nizry Mar 11, 2024 1684 -
Are You Ready For PCI DSS 4.0? Robert Curlee Mar 11, 2024 949 -
Increase readability with Java's Pattern Matching Jonathan Vila Mar 04, 2024 638 1
OpenNMS Vulnerabilities: Securing Code against Attackers’ Unexpected Ways Stefan Schiller Feb 29, 2024 1945 -
White House emphasizes need for proactive coding practices to counter cyber attacks Harry Wang Feb 29, 2024 782 -
Sonar Reaffirms Strength of its Information Security Management Systems by Earning The Latest ISO Certification, ISO27001:2022 Andrea Malagodi Feb 27, 2024 349 -
How timely delivery comes from transparent outsourced software development communication Liz Ryan Feb 27, 2024 1000 -
Builders, Withers, and Records - Java’s path to immutability Jonathan Vila Feb 21, 2024 927 -
Joomla: PHP Bug Introduces Multiple XSS Vulnerabilities Stefan Schiller Feb 20, 2024 1259 -
Union, intersection, difference, and more are coming to JavaScript Sets Phil Nash Feb 15, 2024 1280 115
Write cleaner React code with SonarQube 10.4 Phil Nash Feb 13, 2024 1163 -
Introducing the new Sonar Web API V2 Aurélien Poscia Feb 08, 2024 935 -
Building the foundation for a strong AI future Harry Wang Feb 08, 2024 466 -
5 Risks of Outsourcing Software Development and How to Avoid Them Liz Ryan Feb 07, 2024 1281 -
SonarQube 10.4 Release Announcement Robert Curlee Feb 06, 2024 665 -
Pitfalls of Desanitization: Leaking Customer Data from osTicket Oskar Zeino-Mahmalat Feb 06, 2024 1991 -
Juliet C# Benchmark and the SecureString case Gaëtan Ferry Feb 01, 2024 1413 -
Who are you? The Importance of Verifying Message Origins Stefan Schiller Jan 28, 2024 1203 -
Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins Yaniv Nizry Jan 24, 2024 1464 1
Sonar is helping make C# code clean as Microsoft ASP.NET Core Blazor application development grows Denis Troller Jan 23, 2024 963 -
Lessons learned upgrading to React 18 in SonarQube Phil Nash Jan 17, 2024 1212 -
Vulnerability Research Highlights 2023 Stefan Schiller Jan 03, 2024 1572 -
Sonar's Scoring on the Top 3 Python SAST Benchmarks Alexandre Gigleux Dec 28, 2023 442 -
Green Coding with Clean Code - A Recap of ecoCode Challenge Paris 2024 Fabrice Bellingard Jun 20, 2024 542 -
Re-moo-te Code Execution in Mailcow: Always Sanitize Error Messages Paul Gerste Jun 17, 2024 1978 -
Integrating SonarCloud with Amazon CodeCatalyst for Code Analysis Manish Kapur Jun 10, 2024 668 -
An Open Letter to Sonar[Qube] Users Lynne Doherty Jun 06, 2024 558 -
mXSS: The Vulnerability Hiding in Your Code Yaniv Nizry May 27, 2024 2965 1
Sonar Named Leader in G2 Spring Report Zoe Bell May 20, 2024 331 -
Find Deeply Hidden Security Vulnerabilities with Deeper SAST by Sonar Johannes Dahse May 15, 2024 1054 -
Parallel Code Security: The Challenge of Concurrency Stefan Schiller May 14, 2024 2946 -
Code Interoperability: The Hazards of Technological Variety Stefan Schiller May 07, 2024 3428 -
Leveraging SonarQube, SonarCloud, and SonarLint for Effective Shift Left Practices Manish Kapur May 01, 2024 1240 -
Driving DevOps Transformation: Leveling Up CI/CD with Static Code Analysis Tony Graham Apr 30, 2024 876 -
Legacy Codebases are a DevOps Issue Ben Dechrai Apr 18, 2024 1346 -
SonarQube 10.5 Release Announcement Robert Curlee Apr 16, 2024 415 -
Dangerous Import: SourceForge Patches Critical Code Vulnerability Stefan Schiller Apr 16, 2024 1192 -
Sonar Named a Leader in G2 Grid Report for Sixteenth Consecutive Quarter Zoe Bell Jul 23, 2024 420 -
Uncovering hidden security vulnerabilities with deeper SAST Johannes Dahse Aug 08, 2023 1507 -
AutoConfig: C++ Code Analysis Redefined Abbas Sabra Jul 17, 2024 1143 -
SonarQube 10.6 Release Announcement Robert Curlee Jun 25, 2024 601 -
Announcing SonarQube 9.9 LTS! Kirti Joshi Feb 07, 2023 744 -
What Code Issues Caused the CrowdStrike Outage? Sonar Jul 25, 2024 1229 -
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (2/2) Thomas Chauchefoin, Paul Gerste Jul 09, 2024 2344 -
Government Emails at Risk: Critical Cross-Site Scripting Vulnerability in Roundcube Webmail Oskar Zeino-Mahmalat Aug 05, 2024 580 -
Using and Understanding SonarQube for Code Coverage Manish Kapur Jul 08, 2024 1093 -
[ON DEMAND] Watch Sonar Founder Olivier Gaudin Break Down the Need for and Impact of Clean Code at QCon London 2024 Arden Gonzales Aug 15, 2024 743 -
Encoding Differentials: Why Charset Matters Stefan Schiller Jul 15, 2024 2136 3
Now Introducing, SonarCloud Enterprise and SonarCloud Team Andrew Osborne Jul 31, 2024 692 -
The True Cost of Bad Code in Software Development Liz Ryan Jun 27, 2024 678 -
Deliver high-quality ASP.NET Core web apps with Sonar. Denis Troller Jul 24, 2024 1121 -
Front-End Frameworks: When Bypassing Built-in Sanitization Might Backfire Stefan Schiller Aug 13, 2024 1357 -
How Sonar Helps Meeting NIST SSDF Code Security Requirements Robert Curlee Aug 07, 2024 679 -
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (1/2) Thomas Chauchefoin, Paul Gerste Jul 02, 2024 2279 2
How to Choose an LLM in Software Development Manish Kapur Aug 27, 2024 1687 -
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities Yaniv Nizry Sep 02, 2024 1268 -
How can Sonar help with ISO 27001 compliance? Mark Clements Sep 03, 2024 684 -
Top security flaws hiding in your code - and how to fix them Jonathan Vila Sep 09, 2024 1311 -
Instant Code Fixes at Your Fingertips: Announcing Sonar AI CodeFix Manish Kapur Oct 03, 2024 751 -
Building Confidence and Trust in AI-Generated Code Manish Kapur Oct 03, 2024 930 -
SonarQube 10.7 Release Announcement Robert Curlee Oct 04, 2024 759 -
Announcing Sonar's Support for Dart: Elevate Your Code Quality Andrew Osborne Oct 07, 2024 710 -
Why Code Security Matters - Even in Hardened Environments Stefan Schiller Oct 08, 2024 2681 1
The Power of Taint Analysis: Uncovering Critical Code Vulnerability in OpenAPI Generator Stefan Schiller Oct 22, 2024 1401 -
Sanitize Client-Side: Why Server-Side HTML Sanitization is Doomed to Fail Yaniv Nizry Nov 05, 2024 1835 2
Our commitment to you – and an update on severity ratings for software quality Tom Howlett Nov 13, 2024 708 -
How to Trust AI Contributions to Your Codebase Anirban Chatterjee Nov 14, 2024 1319 -
A better (free) SonarQube experience Fabrice Bellingard Nov 19, 2024 717 -
The new SonarQube free tier is here - get started today! Andrew Osborne Dec 05, 2024 850 -
SonarQube Server 10.8 Release Announcement Robert Curlee Dec 04, 2024 641 -
Software and AI in 2025 — Sonar Perspectives on What’s to Come in the New Year Katie Hyman Dec 11, 2024 1021 -
Never Underestimate CSRF: Why Origin Reflection is a Bad Idea Paul Gerste Dec 10, 2024 1782 -
Announcing Sonar's Support for Dart: Elevate Your Code Quality Andrew Osborne Oct 07, 2024 826 -
Vulnerability Research Highlights 2024 Paul Gerste Jan 09, 2025 1353 -
SonarQube for IDE: Our journey this year, and sneak peek into 2025 Farah Bouassida Jan 10, 2025 871 -
SonarQube Server 2025.1 LTA Release Announcement Robert Curlee Jan 23, 2025 902 -