Sonar to Improve the Quality of AI-Generated Code, Provide Automated Fix Recommendations

Sonar, the leading Clean Code solution provider, today announced two new product capabilities for today’s AI-driven software development ecosystem. These new capabilities are designed to support better software development in two critical and distinct ways – Sonar AI Code Assurance and Sonar AI CodeFix improve the quality of code produced by generative AI and enhance Sonar’s offering with AI to deliver a better developer experience, respectively. Both capabilities deepen Sonar’s commitment to the delivery of high-quality, secure code and increasing developer productivity.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20241003439224/en/

AI Code Assurance helps organizations ensure the quality of AI-generated code by thoroughly analyzing the codebase for issues, ensuring that projects using AI tools to generate code meet high standards of quality and security. Today, bad code is already estimated to cost businesses more than a trillion dollars, making it critical for AI-generated code, which promises to increase the volume of code written, to be comprehensively checked for quality and security issues.

“AI is transforming the way developers work, streamlining processes, and reducing the toil associated with writing code. As the adoption of AI coding assistants grows, however, we are seeing a new issue emerge: code accountability. AI-generated code needs review by developers, but accountability for doing this is increasingly diluted. As a result, we’re seeing the review step frequently being shortchanged,” said Tariq Shaukat, CEO of Sonar. “With AI Code Assurance, we’re helping organizations ensure that AI written code receives the high level of quality and security review that you would expect from your developers.”

AI CodeFix allows developers to seamlessly resolve issues detected by Sonar's code analysis engine with a single click, directly within their workflow. The AI-powered fix recommendations help streamline developer workflows, speed up issue remediation, and improve the developer experience. As leading research has established, developer experience improves with the automation that AI provides. For example, McKinsey reported that developers using generative AI tools in their work stream are “twice as likely to report overall happiness, fulfillment, and a state of flow” than those who aren’t.

“AI CodeFix helps developers streamline their workflow and ramp up their productivity. Rather than switching between solutions or manual efforts, we’re putting remediation options for Sonar-identified issues right in front of the people working on them – and giving them the ability to fix the issues in an instant. We’re excited to see how our users adopt this capability and better understand how we can further integrate AI into our solutions to improve the developer experience,” said Fabrice Bellingard, VP of Product at Sonar.

The features are currently available for both SonarQube and SonarCloud.

AI Code Assurance for Confidence in Code Quality

With AI Code Assurance for SonarQube and SonarCloud, developers can be confident that their AI-generated code is clean and secure. By implementing the Sonar AI Code Assurance workflow, organizations have the assurance that all code (AI-generated and human-developed) has been thoroughly scanned for issues and that projects leveraging AI tools are meeting high standards of quality and security.

AI Code Assurance capabilities include:

• Project Tagging: Developers can easily tag projects that contain AI-generated code, initiating a comprehensive analysis through the Sonar AI Code Assurance workflow.
• Quality Gate Enforcement: An optimized quality gate for AI-generated code ensures that only code meeting strict quality and security standards is approved for production.
• AI Code Assurance Approved Badge: Projects that pass the quality gate receive a badge signifying that the code has gone through a rigorous AI-ready analysis.

AI CodeFix for Fast Issue Remediation

Fast-paced software development environments require solutions that enhance productivity, reduce time-to-market, and maintain high code quality. Today, millions of Sonar users can detect and fix issues in their code leveraging Sonar’s database of code rules and best practices. Now, at the click of a button, developers can use AI CodeFix to automatically generate solutions to issues in the same SonarQube and SonarCloud user interface where they review issues.

AI CodeFix capabilities include:

• Instant Code Fixes: Minimize manual debugging efforts and increase productivity by automatically generating code fix suggestions.
• Contextual Understanding of Sonar findings: Leverages LLMs to understand code context and provide relevant fixes.
• Seamless Integration: Developers fix issues directly within their IDE using SonarLint connected mode, ensuring a smooth workflow.
• Continuous Learning: Ongoing suggestion improvements based on user feedback
• Multi-Language Support: Supports flagship programming languages such as Java, JS/TS, C#, Python, and C/C++.

AI Code Assurance is now available on SonarQube and will be generally available in SonarCloud by the end of October. AI CodeFix is available for early access in SonarQube Enterprise Edition, SonarQube Data Center Edition, and SonarCloud Team and Enterprise plans.

For more information on the new features, visit our AI features page at https://www.sonarsource.com/solutions/ai/.

About Sonar

Sonar's Clean Code solutions, SonarQube, SonarCloud, and SonarLint, help developers prevent code quality and security issues from ever reaching production. Sonar analyzes all code, regardless of who writes it—your internal team or genAI—resulting in more secure, reliable, and maintainable software. Rooted in the open source community, Sonar’s solutions support over 30 programming languages, frameworks, and infrastructure technologies. Today, Sonar is used by 7M+ developers and 400K organizations worldwide, including the DoD, Microsoft, NASA, MasterCard, Siemens, and T-Mobile.

To learn more about Sonar, please visit: https://www.sonarsource.com/products/all/

View source version on businesswire.com: https://www.businesswire.com/news/home/20241003439224/en/