Articles about Company

My Support Engineer Journey at SonarSource

What does a support engineer do?
By joe tingsanchali | March 23, 2021
False positives are our enemies, but may still be your friends

When writing a rule for static analysis, it’s possible that in some cases, the rule does not give the results that were expected. Unfortunately, naming a false positive is often far easier than fixing it. In this post, I’ll discuss how the different types of rules give rise to different types of false positives, which ones are easier to fix than others, and how you can help. I’ll end with insight into how issues that are false positives can still be true indicators that the code needs to change.
By loic joly | September 15, 2020
About the recent code leaks from SonarQube instances

On July 27th 2020 we learned through media coverage that Till Kottmann was able to access non open-source source code from various companies. This is our public response to the incident.
By olivier gaudin | July 31, 2020
From Community post to a new feature: a brief history of Mono-repository support in SonarCloud

It all started a few months ago, with a message on our Community forum. One of our users wrote a post in the “Suggest new features” section of the forum... Let's have a closer look at this story of how a community post resulted in a product feature. Let's also see how, as a user, you can contribute to SonarCloud.
By thomas olivier | July 30, 2020
Shift left for higher quality pull requests with Code Insights for Bitbucket Cloud

Atlassian officially released its new feature Code Insights for Bitbucket Cloud. With SonarCloud, discover what it brings for Code Quality and Security.
By thomas olivier | June 03, 2020
SonarSource acquires RIPS Technologies

Teams will be joining forces in building best-in-class Static Application Security Testing (SAST) products that help development teams and organizations deliver more secure software.
By olivier gaudin | May 13, 2020
My Consulting Journey at SonarSource

Join me as I share my 1st-year experience as an Enterprise Technical Consultant for SonarSource. You'll learn about my role, my team and how we fit into the big picture of a product-first company devoted to helping the development community.
By jeff zapotoczny | March 19, 2020
MISRA C++ 2008 support is on its way

By alexandre gigleux | May 27, 2019
The NeverEnding Story of writing a rule for argument passing in C++

Here is a story of a rule, from concept to production. While the selected rule is for C++, this story contains interesting insight on the craft of rule development, no matter the target language.
By loic joly | May 15, 2019
Announcing the SonarCloud Pipe for Bitbucket Cloud users!

SonarSource is proud to be a launch partner of the Atlassian Bitbucket Pipes. Thanks to the SonarCloud Scan Pipe, you can configure code analysis in your Bitbucket Pipeline in no time.
By nicolas bontoux | February 28, 2019
Fully Automated Promotion Pipelines with SonarQube and Artifactory

Catch builds constructed from poor quality code before they make it to production. Discover how to integrate Artifactory and SonarQube.
By fabrice bellingard | September 25, 2018
My Journey Interviewing with SonarSource...

What's it like to interview with SonarSource? Read on and find out!
By clint cameron | August 21, 2018
Eating The Dog Food... In Public

At SonarSource, we've always eaten our own dog food, but that hasn't always been visible outside the company. I talked about how dogfooding works at SonarSource a couple years ago. Today, the process is much the same, but the visibility is quite different. When I wrote about this in 2015, we used a private SonarQube server named "Dory" for dogfooding. Every project in the company was analyzed there, and it was Dory's standards we were held to. Today, that's still the case, but the server's no longer private, and it's no longer named "Dory".
By g. ann-campbell | February 16, 2017

Sign up today & never miss an update from SonarSource

We have received your subscription request. Please click on the confirmation link that was sent to your email. If you don’t see an email, check your spam/junk folder. Thank you!

We respect your privacy.

In-IDE

IDE extension that lets you fix coding issues before they exist!

Discover SonarLint

In-Cloud

Setup is effortless and analysis is automatic for most languages

Discover SonarCloud

On-premise

Fast, accurate Code Quality and Code Security analysis for most languages

Discover SonarQube

SonarSource blog delivered directly to your inbox!

We respect your privacy.

We have received your subscription request. Please click on the confirmation link that was sent to your email. If you don’t see an email, check your spam/junk folder. Thank you!

© 2008-2021, SonarSource S.A., Switzerland. All content is copyright protected. SONARSOURCE, SONARLINT, SONARQUBE and SONARCLOUD are trademarks of SonarSource SA.
All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.
Privacy Policy Terms and Conditions