Parasoft(link is external) is showcasing its latest product innovations at embedded world Exhibition, booth 4-318(link is external), including new GenAI integration with Microsoft Visual Studio Code (VS Code) to optimize test automation of safety-critical applications while reducing development time, cost, and risk.
Sonar Introduces AI Code Assurance and AI CodeFix
October 03, 2024
Sonar announced two new product capabilities for today’s AI-driven software development ecosystem.
These new capabilities are designed to support better software development in two critical and distinct ways – Sonar AI Code Assurance and Sonar AI CodeFix improve the quality of code produced by generative AI and enhance Sonar’s offering with AI to deliver a better developer experience, respectively. Both capabilities deepen Sonar’s commitment to the delivery of high-quality, secure code and increasing developer productivity.
AI Code Assurance helps organizations ensure the quality of AI-generated code by thoroughly analyzing the codebase for issues, ensuring that projects using AI tools to generate code meet high standards of quality and security. Today, bad code is already estimated to cost businesses more than a trillion dollars, making it critical for AI-generated code, which promises to increase the volume of code written, to be comprehensively checked for quality and security issues.
“AI is transforming the way developers work, streamlining processes, and reducing the toil associated with writing code. As the adoption of AI coding assistants grows, however, we are seeing a new issue emerge: code accountability. AI-generated code needs review by developers, but accountability for doing this is increasingly diluted. As a result, we’re seeing the review step frequently being shortchanged,” said Tariq Shaukat, CEO of Sonar. “With AI Code Assurance, we’re helping organizations ensure that AI written code receives the high level of quality and security review that you would expect from your developers.”
AI CodeFix allows developers to seamlessly resolve issues detected by Sonar's code analysis engine with a single click, directly within their workflow. The AI-powered fix recommendations help streamline developer workflows, speed up issue remediation, and improve the developer experience. As leading research has established, developer experience improves with the automation that AI provides. For example, McKinsey reported that developers using generative AI tools in their work stream are “twice as likely to report overall happiness, fulfillment, and a state of flow” than those who aren’t.
“AI CodeFix helps developers streamline their workflow and ramp up their productivity. Rather than switching between solutions or manual efforts, we’re putting remediation options for Sonar-identified issues right in front of the people working on them – and giving them the ability to fix the issues in an instant. We’re excited to see how our users adopt this capability and better understand how we can further integrate AI into our solutions to improve the developer experience,” said Fabrice Bellingard, VP of Product at Sonar.
The features are currently available for both SonarQube and SonarCloud.
AI Code Assurance for Confidence in Code Quality: With AI Code Assurance for SonarQube and SonarCloud, developers can be confident that their AI-generated code is clean and secure. By implementing the Sonar AI Code Assurance workflow, organizations have the assurance that all code (AI-generated and human-developed) has been thoroughly scanned for issues and that projects leveraging AI tools are meeting high standards of quality and security.
AI Code Assurance capabilities include:
- Project Tagging: Developers can easily tag projects that contain AI-generated code, initiating a comprehensive analysis through the Sonar AI Code Assurance workflow.
- Quality Gate Enforcement: An optimized quality gate for AI-generated code ensures that only code meeting strict quality and security standards is approved for production.
- AI Code Assurance Approved Badge: Projects that pass the quality gate receive a badge signifying that the code has gone through a rigorous AI-ready analysis.
AI CodeFix for Fast Issue Remediation: Fast-paced software development environments require solutions that enhance productivity, reduce time-to-market, and maintain high code quality. Today, millions of Sonar users can detect and fix issues in their code leveraging Sonar’s database of code rules and best practices. Now, at the click of a button, developers can use AI CodeFix to automatically generate solutions to issues in the same SonarQube and SonarCloud user interface where they review issues.
AI CodeFix capabilities include:
- Instant Code Fixes: Minimize manual debugging efforts and increase productivity by automatically generating code fix suggestions.
- Contextual Understanding of Sonar findings: Leverages LLMs to understand code context and provide relevant fixes.
- Seamless Integration: Developers fix issues directly within their IDE using SonarLint connected mode, ensuring a smooth workflow.
- Continuous Learning: Ongoing suggestion improvements based on user feedback
- Multi-Language Support: Supports flagship programming languages such as Java, JS/TS, C#, Python, and C/C++.
AI Code Assurance is now available on SonarQube and will be generally available in SonarCloud by the end of October.
AI CodeFix is available for early access in SonarQube Enterprise Edition, SonarQube Data Center Edition, and SonarCloud Team and Enterprise plans.
Industry News
March 06, 2025
JFrog announced general availability of its integration with NVIDIA NIM microservices, part of the NVIDIA AI Enterprise software platform.
March 06, 2025
CloudCasa by Catalogic announce an integration with SUSE® Rancher Prime via a new Rancher Prime Extension.
March 05, 2025
MacStadium(link is external) announced the extended availability of Orka(link is external) Cluster 3.2, establishing the market’s first enterprise-grade macOS virtualization solution available across multiple deployment options.
March 05, 2025
JFrog is partnering with Hugging Face, host of a repository of public machine learning (ML) models — the Hugging Face Hub — designed to achieve more robust security scans and analysis forevery ML model in their library.
March 05, 2025
Copado launched DevOps Automation Agent on Salesforce's AgentExchange, a global ecosystem marketplace powered by AppExchange for leading partners building new third-party agents and agent actions for Agentforce.
March 05, 2025
Harness completed its merger with Traceable, effective March 4, 2025.
March 04, 2025
JFrog released JFrog ML, an MLOps solution as part of the JFrog Platform designed to enable development teams, data scientists and ML engineers to quickly develop and deploy enterprise-ready AI applications at scale.
March 04, 2025
Progress announced the addition of Web Application Firewall (WAF) functionality to Progress® MOVEit® Cloud managed file transfer (MFT) solution.
March 04, 2025
Couchbase launched Couchbase Edge Server, an offline-first, lightweight database server and sync solution designed to provide low latency data access, consolidation, storage and processing for applications in resource-constrained edge environments.
March 04, 2025
Sonatype announced end-to-end AI Software Composition Analysis (AI SCA) capabilities that enable enterprises to harness the full potential of AI.
March 03, 2025
Aviatrix® announced the launch of the Aviatrix Kubernetes Firewall.
March 03, 2025
ScaleOps announced the general availability of their Pod Placement feature, a solution that helps companies manage Kubernetes infrastructure.
March 03, 2025
Cloudsmith raised a $23 million Series B funding round led by TCV, with participation from Insight Partners and existing investors.
February 27, 2025
IBM has completed its acquisition of HashiCorp, whose products automate and secure the infrastructure that underpins hybrid cloud applications and generative AI.
