- Видео 149
- Просмотров 5 036 643
Sonar
Швейцария
Добавлен 28 окт 2016
Sonar’s industry leading solution enables developers and development teams to write clean code and remediate existing code organically, so they can focus on the work they love and maximize the value they generate for businesses. Its open source and commercial solutions - SonarLint, SonarCloud, and SonarQube - support 30 programming languages. Trusted by more than 400,000 organizations and 7 million developers globally, Sonar is considered integral to delivering better software.
For more information about Sonar and our products, visit www.sonarsource.com/
For more information about Sonar and our products, visit www.sonarsource.com/
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
pyspider uses the convenient "basic HTTP authentication" method, but browsers don't take the extra step to protect users from CSRF attacks. Learn more about how SonarCloud detected 2 vulnerabilities in this open-source project.
Read all the technical details on our blog: bit.ly/3TbqeRy
#appsec #security #vulnerability #SonarCloud
Read all the technical details on our blog: bit.ly/3TbqeRy
#appsec #security #vulnerability #SonarCloud
Просмотров: 60
Видео
From Community to Commercial: Why Upgrade to SonarQube Enterprise Edition
Просмотров 45114 дней назад
Join Colin Mueller, Community Manager at Sonar to discover how SonarQube users can maximize their investment in Clean Code by upgrading to Enterprise Edition. In this on-demand webinar, we discuss: 🔹 Pull Request and Branch Analysis 🔹 Clean as you Code using Quality Gates 🔹 Reporting Capabilities 🔹 Added language support 🔹 Advantages of Connected Mode with SonarLint 🔹 Advanced bug and vulnerabi...
Clean as You Code: A Proactive Approach to Technical Debt
Просмотров 25914 дней назад
Clean as You Code is the definitive minimum process every project needs to meaningfully curtail technical debt. Join Vivek Reghunath, Product Manager at Sonar, to hear about why a sustainable and simple process is necessary for a successful clean code engineering strategy. Discover the Power of Clean Code: www.sonarsource.com/
AutoConfig: C++ Code Analysis Redefined with SonarQube | #CleanCodeTips
Просмотров 9928 дней назад
Welcome to the future of code analysis with SonarQube 10.6’s AutoConfig, where high-quality, Clean Code is not just an idea. It’s an instant reality for every C and C project. AutoConfig is designed to make code analysis free of complications, bringing Clean Code to the fingertips of every C and C developer! 🌐The project used in this video: github.com/SonarSource-Demos/demo-cpp 🌐More sample C a...
Enhancing the Security and Quality of Copilot-Generated Code using Sonar | #CleanCodeTips
Просмотров 8928 дней назад
When using GitHub Copilot, GitHub emphasizes that users are "responsible for ensuring the security and quality of (their) code. Sonar solutions can help scan the AI-generated code and make sure it is of high quality and secure. In this demo, we dive into how Sonar's Clean Code solutions (SonarLint, SonarQube, and SonarCloud) empower developers to write consistent, intentional, adaptable, and re...
Driving DevOps Transformation: Leveling Up CI/CD with Static Code Analysis
Просмотров 30228 дней назад
Unit and end-to-end testing are effective in ensuring features and functionality work properly, but what about code quality? How can we ensure that our code is reliable, maintainable, and secure? Enter static code analysis. In this webinar, Join Peter McKee, Head of DevRel at Sonar, to discuss why testing isn't enough and how static code analysis can assist organizations deliver reliable value ...
SonarCloud Enterprise Plan: Key Features
Просмотров 232Месяц назад
The SonarCloud Enterprise Plan delivers a range of advanced features offering mission-critical flexibility, scalability, and performance: Enterprise authentication with SSO Enterprise hierarchy Portfolio creation Management reporting Organizational-wide configuration Enable your team to deliver Clean Code consistently and efficiently with a code review tool that easily integrates into cloud Dev...
What is SonarCloud?
Просмотров 1,7 тыс.2 месяца назад
clean code in your cloud workflow with {SonarCloud} Enable your team to deliver clean code consistently and efficiently with a code review tool that easily integrates into the cloud DevOps platforms and extend your CI/CD workflow. Watch this 60 second video to learn more about SonarCloud today! Learn more: www.sonarsource.com/products/sonarcloud/
SonarQube Enterprise for Federal Agencies
Просмотров 1182 месяца назад
Mission-critical software development starts with Clean Code! Federal agencies - like the DoD, FBI, and NASA - trust SonarQube Enterprise Edition for mission-critical software development. Learn why it's time to make the switch and take your code to the next level. Enterprise Edition empowers organizations to fully embrace the benefits of Clean Code with enterprise-grade support, scalability, a...
Code Faster, Write Cleaner using AI Coding Assistants and Sonar
Просмотров 9392 месяца назад
🌐 AI code generation tools like GitHub Copilot and Amazon CodeWhisperer have empowered developers to accelerate timelines at breakneck speed. However, as many developers have experienced, code generated with AI often includes various bugs, errors, and security issues. Companies that successfully use AI code-generation tools will embrace productivity, exploring strategies for leveraging these po...
Conquering Complexity: Refactoring JavaScript projects
Просмотров 2372 месяца назад
One of the most common issues in JavaScript code bases is that our code is too complex. As projects and their requirements evolve, complexity creeps in. Excess complexity slows progress, frustrating us as we try to keep large chunks of a program in our heads just to understand what is happening. To conquer complexity, we must refactor! In this on-demand webinar, join Phil Nash, Developer Advoca...
Re-moo-te Code Execution in Mailcow: Always Sanitize Error Messages
Просмотров 5562 месяца назад
Sonar’s Vulnerability Research team discovered two security flaws in mailcow, an easy-to-use email server solution. Attackers could compromise vulnerable instances, impersonate users, and steal emails. Read the full technical details in our blog here! www.sonarsource.com/blog/remote-code-execution-in-mailcow-always-sanitize-error-messages/
With great AI power comes great responsibility | MS Build 2024
Просмотров 1032 месяца назад
To get the most out of genAI tools, it’s crucial that developers balance AI’s speed with maintaining quality code. In this session at MS Build 2024, we will cover how using these tools for code responsibly can help innovate faster, and we’ll provide best practices for integrating them into the DevOps workflow. Manish Kapur, Senior Director of Products, demonstrates how Code Generation LLMs and ...
Clean Code is the Base for a Well-functioning Dev Team | Sonar at QCon London 2024
Просмотров 3433 месяца назад
Hear directly from our Founder & Chairman Olivier Gaudin, about how Clean Code is the base for any well-functioning dev team. The recent addition of the GenAI/LLM toolbox seems promising, enabling developers to focus more on generating value for the business rather than spending their precious time on low-level tasks. Code is likely the only real asset for software. It dictates how the software...
SonarQube Enterprise Aggregate Reporting with Portfolios | #CleanCodeTips
Просмотров 2653 месяца назад
With SonarQube Enterprise Edition's Portfolios, users can aggregate projects and project branches to get a holistic view of Clean Code across your organization! In this demo, we dive into how SonarQube's reporting portfolio functionality can match your company structure, highlighting issues, security reports, measures, and activity! Watch our full-on-demand webinar on all the key features of So...
Achieve Clean Blazor Code with SonarQube and SonarCloud
Просмотров 3923 месяца назад
Achieve Clean Blazor Code with SonarQube and SonarCloud
Reality Check: Who determines what Clean Code is anyway?
Просмотров 7303 месяца назад
Reality Check: Who determines what Clean Code is anyway?
A Short Introduction to Django Ninja | Sonar Clean Code Tips
Просмотров 4544 месяца назад
A Short Introduction to Django Ninja | Sonar Clean Code Tips
Sonar Customer Stories | Axoft (Tango Software)
Просмотров 1514 месяца назад
Sonar Customer Stories | Axoft (Tango Software)
Apache Dubbo Consumer Risks: The Road Not Taken
Просмотров 1035 месяцев назад
Apache Dubbo Consumer Risks: The Road Not Taken
Clean Code with GitHub Copilot and Sonar | #CleanCodeTips
Просмотров 2,6 тыс.5 месяцев назад
Clean Code with GitHub Copilot and Sonar | #CleanCodeTips
Sonar Clean Code Tips: 5 Flask Issues to Avoid | Python
Просмотров 2515 месяцев назад
Sonar Clean Code Tips: 5 Flask Issues to Avoid | Python
Sonar Clean Code Tips: Understanding Python's New JIT Compiler
Просмотров 1,1 тыс.5 месяцев назад
Sonar Clean Code Tips: Understanding Python's New JIT Compiler
Reply to Calc: the Attack Chain to Compromise Mailspring
Просмотров 2585 месяцев назад
Reply to Calc: the Attack Chain to Compromise Mailspring
Integrating Sonar Clean Code Practices in AWS CI/CD Workflows
Просмотров 4835 месяцев назад
Integrating Sonar Clean Code Practices in AWS CI/CD Workflows
SonarLint for Eclipse Overview | a free and open source IDE extension
Просмотров 1,3 тыс.5 месяцев назад
SonarLint for Eclipse Overview | a free and open source IDE extension
Securing with Clean Code: Unveiling and Mitigating Vulnerabilities
Просмотров 4406 месяцев назад
Securing with Clean Code: Unveiling and Mitigating Vulnerabilities
Discover what’s new in MISRA C++ 2023, with Andreas Weis
Просмотров 4176 месяцев назад
Discover what’s new in MISRA C 2023, with Andreas Weis
OpenNMS Vulnerabilities: Securing Code against Attacker’s Unexpected Ways
Просмотров 1176 месяцев назад
OpenNMS Vulnerabilities: Securing Code against Attacker’s Unexpected Ways
Clean as You Code: No pain lots to gain
Просмотров 1,2 тыс.6 месяцев назад
Clean as You Code: No pain lots to gain
This is an excellent presentation on clean code, particularly the tree part, distinguishing functional and non-functional properties of code. I am surprised not so many have watched this presentation here.
There is no proper API documentation, with many APIs lacking any documentation. Additionally, there are outages almost every week. Many of their so-called "Enterprise" features can be replicated with a script.
Wow looks so amazing!❤🎉
пасибки! Слава Украине!
That was great. Thanks!
it will be great to see more tutorials on django-ninja.. probably building something practical.. like a todo app or a note api..
Answer: Uncle Bob since he was first to write a book with that name
This talk hit the nail for me. The arguments I see usually are about whether people agree or not with "clean code" pratices, often referring to specific conclusions and rules (like the ones from the 2008 book). But it's more productive to assume "clean code" is the final goal, and work from there defining what it should encompass. "Functions cannot have more than x lines" isn't clean code. "Functions should not be so lengthy it gets hard to understand what's going on" is clean code.
Unmentioned here, how is AI going to change the landscape; I have no doubt as I write this that the AI I have seen isn't going to be replacing programmers anytime soon, but could it cleanup your code for you; maybe.
I entered the world of programming in the mid80s, about 12 years after the likes of Steve Jobs and Wozniak. Around that time there was a lot of work going into developing programming languages; the goal to essentially make it easier to create clean code, so the concept is as old as the industry itself.
Really well explained - you get the balance just right, neither too complex nor skipping over useful details and insights by dumbing it down. I'll be looking out for other videos you've done 👍 Thank you!
Any reference articles or docs related to enabling the taint analysis in sonarqube using the quality gates
This was very concise and straightforward! Thanks buddy😜
Awesome. Please create Django ninja crash course with crud API using postgres. Thanks
great content, thank you for uploading!
Hi Andrei, I wan not able to attend the session but strarted watching and following steps you show regarding updating viewContact.razor. I change int to long but Sonarlint does not detect and display a warning like in your VS IDE in spite of the fact that I have a message indicating "Sonarlint has finished Analysis. What might be missing? Thanks
@Sonar I have version 6.4 of sonarqube and I would like to migrate to the latest version 10.3. How should I proceed? THANKS
Can you recommend a beginners guide to Lint and using SonarLint? I must start from near zero and this video is interesting but not introductory enough.
commenting to watch later.
please make a video on...sonarlint not analysed javascript code in eclipse....after analysed js file report are empty ...and how make custom rule in sonarlint with integrating with soanrqube
Hi Ann, In the 10.2 version, not able to find the job completion date and time in the SaonarQube Homepage at <Overview>. Likewise in the previous version 9.9 it was showing. Please reply urgently.
Is there a way to disable the ability to deactivate rules in the child profile? How can I enforce a minimal ruleset?