New tools help ensure quality of AI-generated code
Using AI can increase the speed of code development, but it comes with an increased risk of bad code seeping into codebases.
Clean code solutions company Sonar is releasing two new features, Sonar AI Code Assurance and Sonar AI CodeFix. These deepen Sonar's commitment to improving the developer experience and increasing developer productivity to support the delivery of better code.
AI Code Assurance helps organizations ensure the quality of AI-generated code by thoroughly analyzing the codebase for issues, ensuring that projects using AI tools to generate code meet high standards of quality and security. With AI CodeFix, Sonar users can now detect and fix issues in their code with the click of a button, in the same workflow they use today.
"AI is transforming the way developers work, streamlining processes, and enabling prioritization of complex tasks. As the adoption of AI coding assistants grows, however, we are seeing a new issue emerge: a crisis of accountability over the quality and security of AI-generated code. Developers feel disconnected from the code that's written by these assistants, leaving gaps in review and testing," says Tariq Shaukat, CEO of Sonar. "With these new capabilities, we are evolving the way that developers and organizations address issues, instilling ownership of code, whether it’s AI-generated or written by human developers."
AI Code Assurance capabilities include allowing developers to easily tag projects that contain AI-generated code, initiating an automatic analysis through the Sonar AI Code Assurance workflow. An optimized quality gate for AI-generated code ensures that only code meeting strict quality and security standards is approved for production. Projects that pass the quality gate receive a badge signaling that the code has gone through a rigorous AI-ready analysis.
AI CodeFix minimizes manual debugging efforts and increases productivity by automatically generating code fix suggestions. It use LLMs to understand code context and provide relevant fixes and offers ongoing suggestion improvements based on user feedback. It supports flagship programming languages such as Java, JS/TS, C#, Python, and C/C++.
"Organizations must have the right solutions in place, combined with organizational processes and best practices, for developers to evaluate the code they've written and the code written by generative AI tools. Code written by AI is complementary to the work of developers, requiring their skills to ensure quality standards are met, ideally with a 'trust and verify' approach," adds Shaukat.
You can find out more on the Sonar site.