Check Point® Software Technologies Ltd.(link is external) has been recognized on Newsweek’s 2025 list of America’s Best Cybersecurity Companies(link is external).
Sonar released SonarQube 10.7 with AI-driven features and expanded support for new and existing languages and frameworks.
In the 10.7 release of SonarQube, you'll find these new capabilities:
- Take a quantum leap to protect and correct your code with AI Code Assurance and early access to AI CodeFix
- Boost your security compliance with STIG and CASA security reports
- Early access to Dart language rules for building issue-free Flutter apps
- New support for PyTorch Library and Jupyter Notebooks
- Deeper support and advanced security for Spring Framework
- Deploy SonarQube on Red Hat OpenShift
- Includes many more developer experience, operational, and language improvements
Features include:
- Clean, Secure AI-generated Code: New in SonarQube 10.7, Sonar AI Code Assurance is a robust and streamlined process for validating AI-generated code through a structured and comprehensive analysis. Developers can easily identify and tag projects containing AI-generated code, initiating the Sonar AI Code Assurance workflow. This ensures that every new piece of code meets the highest quality and security standards before it moves to production.
- Quickly and Immediately Fix Found Issues: You will get free early access to Sonar AI CodeFix, a powerful new capability that leverages an LLM to suggest code fixes for issues discovered by SonarQube. With just one click, you can now receive suggestions on resolving a range of issues, streamlining the issue resolution process. By automating the resolution of common coding problems, Sonar AI CodeFix significantly boosts developer speed and productivity.
- New STIG and CASA Security Reports: In this release, Sonar expanded support for catching security issues defined in common security standards and reporting on them. Sonar has included coverage of the Defense Information Systems Agency's Security Technical Implementation Guide (STIG) and The Defence Alliance's Cloud Application Security Assessment (CASA). You can generate a STIG and a CASA security report for use in helping prove your company complies with the STIG and CASA standards.
- Analyze Dart/Flutter Apps: Sonar's developer community spoke, and they listened! Dart has been the most requested new language to include, and now it's finally here. This early access is just the beginning. With 76 new rules for Dart and much more to come in future releases, SonarQube detects a dozen bugs and over 60 issues that lead to technical debt. Get started analyzing Dart code and avoid the most common issues that plague Flutter apps.
- Analyze Jupyter Notebooks and PyTorch Code: PyTorch is one of the most widely used machine-learning libraries for Python. With new rules for PyTorch, SonarQube covers the leading AI and ML Python libraries, including TensorFlow, Scikit-learn, NumPy, and Pandas. Many AI and ML developers struggle with Jupyter Notebooks because few tools analyze the code embedded in a notebook. But now Sonar leaps forward with a unique and powerful set of rules to detect issues in Python code embedded in a Jupyter Notebook to help protect AI/ML practitioners against common coding pitfalls in their Jupyter Notebooks.
- Advanced Security for the Spring Framework: To help better understand how well a static code analysis tool handles security for developer frameworks, Sonar has devised a system to evaluate and rate security coverage for a specific developer framework. This system consists of a set of 45 security KPIs and a method for evaluating the KPIs and ranking coverage of the framework at four distinct levels: minimal coverage, standard coverage, advanced coverage, and complete coverage. Sonar is very proud to announce that in the SonarQube 10.7 release, there's elevated Sonar's security coverage of the Spring Framework to 92%, earning a “complete coverage” score. Java developers leveraging the Spring Framework can rest assured that SonarQube is one of the most comprehensive and advanced static application security testing (SAST) tools with over 200 rules for the popular Java framework. SonarQube will help developers ensure that their Spring-based applications run smoothly and have few to no security vulnerabilities.
- Deploy SonarQube on Red Hat OpenShift: For customers operating their Kubernetes-based infrastructure using Red Hat OpenShift, Sonar officially supports running the SonarQube server on Red Hat OpenShift. Now you can safely orchestrate all your applications and services together, including SonarQube.
Industry News
Red Hat announced enhanced features to manage Red Hat Enterprise Linux.
StackHawk has taken on $12 Million in additional funding from Sapphire and Costanoa Ventures to help security teams keep up with the pace of AI-driven development.
Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.
Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.
Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.
As part of Summer '25 Edition, Shopify is rolling out new tools and features designed specifically for developers.
Lenses.io announced the release of a suite of AI agents that can radically improve developer productivity.
Google unveiled a significant wave of advancements designed to supercharge how developers build and scale AI applications – from early-stage experimentation right through to large-scale deployment.
Red Hat announced Red Hat Advanced Developer Suite, a new addition to Red Hat OpenShift, the hybrid cloud application platform powered by Kubernetes, designed to improve developer productivity and application security with enhancements to speed the adoption of Red Hat AI technologies.
Perforce Software announced Perforce Intelligence, a blueprint to embed AI across its product lines and connect its AI with platforms and tools across the DevOps lifecycle.
CloudBees announced CloudBees Unify, a strategic leap forward in how enterprises manage software delivery at scale, shifting from offering standalone DevOps tools to delivering a comprehensive, modular solution for today’s most complex, hybrid software environments.
Azul and JetBrains announced a strategic technical collaboration to enhance the runtime performance and scalability of web and server-side Kotlin applications.
Docker, Inc.® announced Docker Hardened Images (DHI), a curated catalog of security-hardened, enterprise-grade container images designed to meet today’s toughest software supply chain challenges.
GitHub announced that GitHub Copilot now includes an asynchronous coding agent, embedded directly in GitHub and accessible from VS Code—creating a powerful Agentic DevOps loop across coding environments.