サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
ノーベル賞
www.sonarsource.com
Do you notice something in the following HTTP response? HTTP/1.1 200 OK Server: Some Server Content-Type: text/html Content-Length: 1337 <!DOCTYPE html> <html> <head><title>Some Page</title></head> <body> ... Based on this small portion of the HTTP response, you can assume that this web application is likely prone to an XSS vulnerability. How is this possible? Did you notice something? If you have
Blog post A comprehensive guide to the dangers of Regular Expressions in JavaScript I first heard about regular expression denial of service (ReDoS) vulnerabilities from GitHub's Dependabot. Several of my projects over the years have had dependencies that suffered from ReDoS vulnerabilities, and I would bet that if you've built any JavaScript project with dependencies, you've also come across this
Key Information In June 2022, the Sonar Research team discovered critical code vulnerabilities in multiple encrypted email solutions, including Proton Mail, Skiff, and Tutanota. These privacy-oriented webmail services provide end-to-end encryption, making communications safe in transit and at rest. Our findings affect their web clients, where the messages are decrypted, mobile clients were not aff
NEW! Jira Cloud Integration (beta). Create Jira tickets without ever leaving SonarQube
Make smarter AI adoption decisions with Sonar's latest report in The State of Code series. Explore the habits, blind spots, and archetypes of the top five LLMs to uncover the critical risks each brings to your codebase. Blog postAnnouncing SonarQube MCP Server: Bringing code quality into your AI workflowAI is transforming software development and turbocharging many aspects of a developer's daily w
Advanced linter for better code quality and stronger security Start left and discover issues early. SonarQube for IDE takes linting to another level empowering you to find & fix code issues in real time.
Sonar offers a single cohesive solution with a consistent set of metrics and hundreds of static analysis rules to detect your coding issues early. Plus fast and high-precision analysis means high value, low noise, and reliable results always. A single solution for dozens of popular languages, development frameworks and IaC platforms
Structure101 has been acquired by code quality and security leader Sonar Acquisition to support the identification of structural issues in the code development process to further reduce code complexity and increase the speed of development. Learn more about the acquisitionSonar, the leading Clean Code solution provider, acquired Structure101, a pioneer in code structure analysis.
Sonar helps development teams fuel AI-enabled development and build trust into every line of code.
SonarQube Server automates code quality and security reviews and provides actionable code intelligence so developers can focus on building better, faster. Deployed by you where you work: on-prem or in the cloud.
このページを最初にブックマークしてみませんか?
『Better Code & Better Software | Ultimate Security and Quality』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
