DEVOPSdigest

Sonar announced the release of its latest Long-Term Active (LTA) version, SonarQube Server 2025 Release 1 (2025.1).

This release introduces a range of advanced features and enhancements designed to integrate the use of AI in the Software Development Lifecycle (SDLC), enhance code security, and improve overall software quality.

New as of the 2025.1 release, Sonar has adopted a 12-month release cadence for SonarQube Server in a new versioning scheme. Sonar’s accelerated delivery cycle will help to streamline the LTA process, bring new capabilities to market faster, and provide more predictable updates.

Key highlights of SonarQube Server 2025.1 LTA include:

- Accelerating safe AI adoption in the SDLC: AI Code Assurance and AI CodeFix help developers and organizations benefit from AI while maintaining code quality and security. Available in the new LTA release, SonarQube Server can automatically detect AI-generated code in GitHub projects that use GitHub Copilot, which users can then run through the AI Code Assurance workflow.

- Enhanced security measures: The latest version includes expanded SAST coverage for more third-party dependencies, ensuring all code is secure and reliable. Advanced secrets detection prevents secrets from entering repositories, enhancing security and compliance. New reports for CWE Top 25 and support for STIG and CASA ensure compliance with key security frameworks.

- Faster analysis, better integration, improved developer productivity: The new LTA offers a more intuitive and efficient user interface, faster scans, and quicker first analysis. Developers can maintain high standards and reduce technical debt more easily without disruption to their workflow. DevOps engineers can now streamline operations through auto-provisioning and auto-sync with GitHub and GitLab, and SCIM integration for automated user and group management.

- New language support, improved code quality taxonomy: Sonar’s new taxonomy in the Multi-Quality Rule (MQR) mode enables organizations to adopt the best practices in keeping their code and applications of the highest quality. This LTA also comes with new and enhanced language support across a variety of programming languages and frameworks such as Dart/Flutter and Helm.

"SonarQube Server 2025.1 LTA represents our ongoing dedication to providing developers with the tools they need to produce high-quality, secure code in a shifting development environment," said Fabrice Bellingard, VP of Product at Sonar. "This release not only enhances the security and reliability of software, but also improves the developer experience, making it easier for teams to leverage new technologies, like generative AI, in harmony with their workflows."

SonarQube Server 2025 Release 1 LTA is available now.