I am an Engineering Manager in the Languages Team at @SonarSource. We develop the code analyzers that power our awesome products:
- SonarQube - on-prem analysis (has a free Community edition)
- SonarCloud - SaaS (free for open-source)
- SonarLint - IDE plugins, free for everyone ๐
These tools are used by millions of developers and tens of thousands of organizations use to deliver cleaner, more secure code.
Check our awesome community forum.
The resources from my talk on NuGet supply chain attacks are:
- on my blog: https://andreiepure.ro/2022/08/28/dotnetday-resources.html
- on my personal GitHub: https://github.com/andreiepure/DependencyConfusionDemo