SonarCloud

What's new

Try now
Log in
Try nowLog in

What’s new

Discover the latest features released in SonarCloud

  • Contact Sales
  • Free 14 Day Trial
  • View Pricing
feature

October 13, 2023

Static IPs for outgoing calls to DevOps platforms

As part of our ongoing commitment to enhancing security and enabling more controlled network access, we are introducing support for static IPs for outgoing calls to supported DevOps platforms such as GitHub, GitLab, Azure DevOps Services, and BitBucket Cloud. 


This feature empowers organizations to whitelist specific static IPs, adding an additional layer of security to restrict traffic sources that can access their resources. 


The list of IP addresses is as follows (and documented here):

  • 3.122.211.192
  • 35.158.229.250
  • 18.196.105.168
  • 3.68.134.44
  • 3.74.220.70
  • 3.74.69.101


In addition, we have added those addresses to our SonarCloud GitHub App, so they will be automatically applied if you have selected the “Enable IP allow list configuration for installed GitHub Apps” option for your GitHub organization.


For additional questions please visit this Community announcement.


October 10, 2023

12 new rules for intentional and consistent Dockerfiles

SonarCloud now benefits from new rules to help you write more intentional and consistent Dockerfiles, covering Reliability and Maintainability.


For further information and a full list of rules, please refer to this Community announcement.


October 05, 2023

Enhancements to secret pattern detection across multiple cloud providers

SonarCloud can now detect 110 secret patterns across 60 cloud providers. 


Leveraging 60 rules, together with SonarLint in the IDE, this represents a powerful combination for detecting and fixing issues.


For further information and a list of rules, please refer to this Community announcement.

C sharp

September 20, 2023

C# analysis now finds issues in .razor and .cshtml files

To help keep your ASP.NET Core MVC, Razor, and Blazor applications clean, SonarCloud has introduced support for analysis of .cshtml and .razor files in .NET projects. 


For further information and a list of rules, please refer to this Community announcement.

August 31, 2023

Enhanced secret pattern detection across multiple cloud providers

SonarCloud can now detect 67 secret patterns across 29 cloud providers. 


Leveraging a new Sonar open-source secret detection engine, SonarCloud delivers a powerful approach to identify potential security vulnerabilities related to secrets and sensitive information.


For further information, and a list of rules, please refer to this Community announcement.

Azure Devops

August 17, 2023

AzureResourceManager templates analysis is now available

SonarCloud now supports the scanning of AzureResourceManager templates and Bicep files with the introduction of 12 dedicated rules specifically designed to avoid security misconfiguration.


For further information, and a list of rules, please refer to this Community announcement.

Get SonarCloud updates delivered directly to your inbox

By signing up, you will receive product and marketing information about upcoming SonarCloud updates, new releases, news, and events.

Select your preferred languages

By submitting this form, you agree to the storing and processing of your personal data as described in the Privacy Policy and Cookie Policy. You can withdraw your consent by unsubscribing at any time.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.