Microsoft’s Sonar, released last week under an open source license, could help developers build more effective and secure websites.
Sonar, a linting tool and site scanner, is the next evolution of the static scan tool, according to Microsoft.
The team that developed Microsoft’s Edge browser created Sonar as a better way for website maintainers to check performance and security issues. It searches out potential interoperability, performance, security and progressive Web app-related problems.
Finding website problems is half of what Sonar does. The other half is suggesting possible solutions.
Ease of Use
Microsoft first created a static scan tool within its Web browser in 2013 to detect optimizations for old versions of Internet Explorer, missing prefixes and outdated libraries. The updated version can execute website code. It has a modernized set of rules, capable of parallel test execution and integration with other services.
Sonar will ease the adoption of Microsoft’s tooling and Azure for the community,” said Akshay Aggarwal, CEO of PeachTech and COO of Deja Vu Security.
However, “it is unlikely to move the needle on security significantly,” he told LinuxInsider.
Sonar combines existing technologies to address pressing security issues for Web developers. The innovation is in ease of use, as well as its integration capabilities with Microsoft’s developer tools and platform, he said.
Sonar can be beneficial to just about every single website. But a developer or web designer must translate the analysis and take necessary actions, noted David Rosenthal, VP of digital business technology solutions at Razor Technology.
In other words, I do not see it as necessary for your ‘non- customized GoDaddy WordPress site,'” he told LinuxInsider, but it is “absolutely valuable for larger and more complex websites with programming, third-party extensions,” and other tech features to manage.