SonarSource Blog
  • Code Quality
  • Code Security
  • Integration
  • Company
  • Products

    In-IDE

    Code Quality and Code Security in your IDE with SonarLint

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarLint

    In-Cloud

    Code Quality and Code Security in the cloud with SonarCloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarCloud

    On-premise

    Code Quality and Code Security on-premise with SonarQube

    Fast, accurate Code Quality and Code Security analysis for most languages

    Discover SonarQube

Articles about Code Quality

  1. Clean Your Infrastructure Code with Sonar



    The norm for setting up your cloud-native app infrastructure is quickly becoming Infrastructure as Code (IaC). In this blog, we’ll cover how Sonar is the solution for safeguarding your IaC invoked infrastructure.

    By clint cameron | March 22, 2022
  2. Modernize Code Quality with ‘Quick Fixes’



    Boost your productivity by automatically applying fixes to repair code quality issues in your IDE with SonarLint.

    By kirti joshi | September 23, 2021
  3. Clean As You Code Essentials

    Clean As You Code essentials - What are Quality Profiles and Quality Gates?



    Learn how the functionality of Quality Profiles and Quality Gates come together to enable the SonarSource Clean As You Code methodology.

    By clint cameron | July 21, 2021
  4. A developer climbs a ladder to add yet another `a|b` box to an already teetering stack

    Crafting regexes to avoid stack overflows



    Due to the way regular expression matching is implemented in Java (and many other languages/libraries), matching a pattern may - depending on the regex - require stack space proportional to the length of the input. This means large inputs could cause the program to crash with a `StackOverflowException` when you try to use the regex. So today I'll show you how to make sure that the regular expression won’t crash your program. 

    By sebastian hungerecker | February 23, 2021
  5. A developer tosses his laptop away in confusion over properly setting regex boundaries

    Setting the right (regex) boundaries is important



    Regular expressions pack a lot of power into terse little packages and unfortunately that introduces a lot of room for error. This post talks about regex boundaries, another feature that can lead to bugs when used incorrectly, and a rule of ours that can help you avoid such issues. it also covers about complexity and maintainability in regular expressions and our rule to help you find regular expressions that are too complex.

    By sebastian hungerecker | February 16, 2021
  6. Writing accurate and readable regexes requires a delicate balance.

    Regular expressions present challenges even for not-so-regular developers



    Regular expressions are a concise and powerful tool for processing text. However, they also come with a steep learning curve and plenty of opportunities to make mistakes. This is the first in a series of posts about some specific regex pitfalls. In this series you'll see examples of issues in real code caused by these pitfalls, and strategies (and rules!) for writing better, more readable and maintainable regular expressions. The series starts in this post with pitfalls related to a very common feature of regular expressions: character classes.

    By sebastian hungerecker | February 09, 2021
  7. How SonarCloud finds bugs in high-quality Python projects



    By nicolas harraudeau | November 03, 2020
  8. Build World-Class Apps with SonarQube Enterprise Edition



    Don’t sacrifice code quality and security just because what you’re building is big & bold. SonarQube Enterprise Edition gives you the tools to deliver clean, safe apps.

    By clint cameron | September 09, 2020
  9. Unit tests are the safety net, but what happens when the net is broken?

    What's worse than coding without tests? Coding with bad tests



    By g. ann-campbell | August 10, 2020
  10. Take Control of Code Quality with SonarQube Pull Request Decoration in Your Workflow



    How do you write super clean code without disrupting your workflow? Join me as I show you how SonarQube Pull Request Decoration gets you there!

    By clint cameron | July 27, 2020
  11. Clean as You Code: How to win at Code Quality without even trying



    The first time you analyze a legacy project the results are usually truly overwhelming. The usual emotional response is fear, sadness... even despair. And then the questions come: "Where do I start? How do I pick? What should I fix first..." People jump to problem solving so quickly that it can be difficult to get across that none of that is really necessary.  Instead, learn how to Clean as You Code to make sure that the code you release into production tomorrow is at least as good as - and probably better than! - the code that's in production today.

    By g. ann-campbell | January 20, 2020
Sign up today never miss an update from SonarSource
Sign up today & never miss an update from SonarSource

We have received your subscription request. Please click on the confirmation link that was sent to your email. If you don’t see an email, check your spam/junk folder. Thank you!

We respect your privacy.

In-IDE

Code Quality and Code Security in your IDE with SonarLint

IDE extension that lets you fix coding issues before they exist!

Discover SonarLint

In-Cloud

Code Quality and Code Security in the cloud with SonarCloud

Setup is effortless and analysis is automatic for most languages

Discover SonarCloud

On-premise

Code Quality and Code Security on-premise with SonarQube

Fast, accurate Code Quality and Code Security analysis for most languages

Discover SonarQube

SonarSource blog delivered directly to your inbox!

We respect your privacy.

We have received your subscription request. Please click on the confirmation link that was sent to your email. If you don’t see an email, check your spam/junk folder. Thank you!

  • SonarSource
© 2008-2022, SonarSource S.A., Switzerland. All content is copyright protected. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, and SONARCLOUD are trademarks of SonarSource SA.
All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.
Privacy PolicyTerms and Conditions