Sonar’s Post

Code is the most valuable asset of software. If not properly maintained, code can quickly become a liability (e.g., technical debt, security issues) for both the software and the development team. In this presentation at QCon London 2024, Olivier Gaudin, Founder and co-CEO of Sonar, explains how poor code can negatively impact team performance and software quality. He also discusses simple steps that any organization can take to improve code quality, regardless of the technology or the team's experience level. AI generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security! Watch here: https://lnkd.in/gCaHw2wD #CleanCode #CleanasYouCode #genAI #devops #QCon #QCon2024

Ready to level up your testing skills? 🚀 I'll show you how to migrate XCTest's setUp/tearDown to Swift Testing’s init/deinit. But there's a detail you need to watch out for! ⚠️ Don't miss these insights, especially if you're dealing with tearDown 👇🏻 https://lnkd.in/gf-_TxpU

X: These Non-Blocking Code Reviews look interesting. But, we lack or do not have enough automated test coverage. So, we feel more comfortable using Pull Requests for safety. Me: Euh ... how will Pull Requests mitigate the lack of automated tests? What difference will that make? X: Hmm ... true ... probably that won't make a difference Me: There you have it ... 🤷♂️ Just to say, if we rely on blocking code reviews to catch bugs, the quality of our product might not live up to the expectations 🤷♂️ All the time lost with blocking reviews would be better invested in improving the process to allow for quick bug fixes in production and increasing the quality and amount of automated tests to have better confidence in the product. That will greatly reduce the stress in the team!

The 81st issue of the Polymathic Engineer is out. This week, we focus on API gateways: - lifecycle of a request - responsibilities and use cases - authentication and authorization Read much more here: https://lnkd.in/ef_C6sTn

How to solve problems that feel impossible? Ask more questions! Here is an example: Tests fail in CI, but pass locally. This one is tricky. The immediate steps we take here: 1. Check CI logs. 2. Try to reproduce the failures locally by running CI setup. When we zoom out, we understand CI and local environment are different: 1. Network issues? 2. Concurrency issues? 3. Is any test data missing in the CI environment? 4. How is the environment configuration different? 5. Are dependencies the tests rely on correctly initialized? When we feel clueless, it's because we haven't understood any bits of the problem. Breaking the problem into smaller problems is key.

Hey Hey Hey! 👋 The new 9th issue of Software Testing Insights is out! This time, we'll learn about: -Common mistakes leaders and managers should avoid. -Analysis of the CrowdStrike Falcon update incident. -The role of Large Action Models in testing. -How QA actually speeds up production processes. -Automation strategies for avoiding flaky tests. -Exploring tools for effective API testing. -And many more.... Have a read: https://lnkd.in/gxSuU7Tp Big congrats all the authors: Konstantin Sakhchinskiy , Ravisuriya Eswara , Ash Winter, Vitaly Sharovatov , Mark Winteringham , Jesper Ottosen , Deep Shah , Antonello Zanini , Nikita Belkovskiy, Joe Birch , Stuart Thomas ,Rahul Parwal , Oleksandr Romanov , Artem Grygorenko and Lisa Crispin Happy testing! 🚀 #softwaretestinginsights #softwaretesting #testautomation #testing #qa

Code is the most valuable asset of software. If not properly maintained, code can quickly become a liability (e.g., technical debt, security issues) for both the software and the development team. In his presentation at QCon London 2024, Olivier Gaudin, Founder and Chairman of Sonar, explains how poor code can negatively impact team performance and software quality. He also discusses simple steps that any organization can take to improve code quality, regardless of the technology or the team's experience level. Check out Olivier's talk here: https://bit.ly/3SUzklI AI-generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security! #CleanCode #CleanasYouCode #genAI #devops #QCon #QCon2024

Just one mistake can disrupt an entire software supply chain. Without DLP, you're leaving your valuable code and toolkits open for threat actors to compromise. In this clip, Phylum CEO Aaron Bray goes through each facet of the software supply chain, highlighting how and where supply chain failures emerge. Watch the full webinar here: https://lnkd.in/ekxUd7HS #codesecurity #coding #github #repositorysecurity #dlp #datalossprevention #dlpforgithub #datasecurity

I have always believed in the power of 'Better Together'; I am thrilled to share that Mend.io is part of the Sysdig Runtime Insights Partner Ecosystem, leveraging their powerful runtime insights to bolster customers’ security! The partnership between Mend.io and Sysdig provides holistic security coverage for applications from code repositories through runtime execution. This integration will accelerate the security resolution process by increasing developers’ efficiency and streamlining communication between security and engineering teams. Sysdig offers a unique lens into what’s in use and actually happening in production, in turn helping us better secure software across the entire development life cycle ☁Want to learn more? Check out Sysdig’s blog:https://lnkd.in/dVwUk4s7

In this 5-min. video Mark Hermeling shows how CodeSonar and VS Code can help you to #shiftleft in the DevSecOps process. Not sure how to get started? Let's chat. https://lnkd.in/euyAicVW