JFrog partners with Sonar for secure software development

By combining the power of #JFrog with #Sonar's best-in-class code analysis, developers can build better, more secure software without sacrificing speed. Together, we're building a stronger, more integrated future for software development - Learn more: https://bit.ly/42VKwDA

Building high-quality, secure software in the age of AI requires a new level of integration across the entire development lifecycle. That's why we're proud to partner with Sonar as part of their new Sonar Integration Program. 🤝 By combining the power of Cortex with Sonar's best-in-class code analysis, developers can build better, more secure software without sacrificing speed. Together, we're building a stronger, more integrated future for software development. Learn more: https://lnkd.in/g_A53H-X

Building high-quality, secure software in the age of AI requires a new level of integration across the entire development lifecycle. That's why we're proud to partner with Sonar as part of their new Sonar Integration Program. 🤝 By combining the power of Port with Sonar's best-in-class code analysis, developers can build better, more secure software without sacrificing speed. Together, we're building a stronger, more integrated future for software development. Learn more: https://lnkd.in/gMvZq43e

Building high-quality, secure software in the age of AI requires a new level of integration across the entire development lifecycle. That's why we're proud to partner with Sonar as part of their new Sonar Integration Program. 🤝 By combining the power of Jellyfish with Sonar's best-in-class code analysis, developers can build better, more secure software without sacrificing speed. Together, we're building a stronger, more integrated future for software development. Learn more: https://lnkd.in/gMvZq43e

Today, we're excited to announce the Sonar Integration Program🚀, a major expansion of our partner ecosystem designed to unify code governance across the entire software development lifecycle. With new integrations like Google Gemini, Atlassian Jira, JFrog, Windsurf Cognition, Jellyfish, and Port.io we're making it easier than ever for developers to write better, more secure code. This program provides a holistic ecosystem for orchestrating code quality and security, enabling development teams to embed automated code review and governance directly into their existing processes. Read the full press release to learn more 👉: https://bit.ly/4oBPttz #CodeQuality #CodeOrchestration #CodeSecurity #SonarQube #AI #TechPartners

Cognition partners with Sonar to help Windsurf and Devin customers write high quality, secure code at scale: https://lnkd.in/gz5jPwfP +1 to Gardner Johnson's perspective: "The SDLC encompasses a vast set of complementary technologies that work better when integrated together... By combining Cognition and Sonar's suite of products, our customers are able to build faster, improve the quality of their code, and finally address preexisting security vulnerability backlogs at scale" Bobby Nobakht Jeff Clawson Donald Fischer Manish Kapur Harry Wang Florian Poulin Maisie Guzi Katie Hyman

Jellyfish is thrilled to be an initial launch partner for the @sonar partner program. As #GenAI writes more code, customers need to understand code quality, security & reliability and how it impacts developer productivity + engineering effectiveness.

You don’t notice it at first. A flaky test here. An unclear failure there. A pipeline that fails for no reason, then passes on re-run. So you ignore it… until your team stops trusting the pipeline altogether. Now: - Bugs make it to prod - Devs spend hours debugging “non-reproducible” failures - QA is burned out rerunning the same suite 5 times And here’s the real cost: velocity dies. This is the hidden tax of DIY test orchestration. With Testkube, teams: - Run any test in parallel inside K8s - Auto-aggregate logs, artifacts, and failures across tools - Use our AI Copilot to explain what failed, in plain English The result: fewer surprises, faster deploys, and a test pipeline your team actually believes in. What’s the flakiest test in your suite? Name it. Shame it.

I've been thinking about how agentic coding is changing the infrastructure requirements for development environments. We've evolved from local → production → CI → agentic environments. But here's the problem: each environment often has its own provisioning logic, making projects less portable. The solution? Keep your environment layer thin and adopt environment-agnostic tooling: • Use tools like Mise for deterministic provisioning • Adopt environment-agnostic caching (not just CI-specific) • Invest in structured telemetry for better debugging In an agentic world, your infrastructure needs to work everywhere—not just in your CI pipeline. Full post: https://lnkd.in/dv95yP7b

I stopped thinking of prompts as “text” the day one broke an entire workflow without throwing a single error. Once you’re managing prompts across versions and models, you realize they’re not copy, they’re software components. Each has cost, latency, and failure modes that need monitoring. Prompt design today is software engineering under a different name: you iterate, test, monitor, and optimize. The “creative part” is only 10% of it, the rest is ops discipline. And having Future AGI’s observability stack plugged in means I can actually see what’s working: track runs, compare versions, and debug regressions before they hit production. It’s changed how I build. If you’re managing multiple prompt versions, try monitoring them with Future AGI once. The visibility alone is worth it. Try it here: https://lnkd.in/gKCSvj_4