SonarSource
static code analysissince
2008
We believe secure, quality software comes from secure, quality code
Since 2008, we've been devoted to helping developers around the world deliver clean, secure code. At SonarSource, we’re passionate about helping developers deliver the best applications that delight users, while keeping them safe and secure.
For us, delivering a great product starts with transparency. We're an open company, and our rules database is open as well! We put all our static analysis rules on display so you can explore them and judge their value for yourself.
For each rule, we provide code samples and offer guidance on a fix. Even more importantly, we also tell you why. We offer it all here publicly because whether or not you choose to use our analysis - we want to help you and your team write better code!
6000+ Static Analysis Rules
across 30+ programming languages
Carefully annotated and continuously refinedReliability
Avoid bugs and undefined behavior
Security
Avoid breaches or attacks
Maintainability
Ease code updates, and increase developer velocity
Classified by severity
Mapped to standards (cert, misra, cwe, sans, owasp, etc.)
Fully documented
Learn best practices & improve coding
Fully
automatedUp-to-speed with
latest frameworksBenefits shared
across dev teams
