From 65 issues to zero - Achieving trusted code in the agentic SDLC at Sonar Summit 2026 скачать в хорошем качестве

From 65 issues to zero - Achieving trusted code in the agentic SDLC at Sonar Summit 2026

AI coding assistants are force multipliers — but they multiply whatever patterns you give them, good or bad. In this demo, we show what happens when you feed a popular "production-ready" Express.js prompt into Claude Code, and how SonarQube exposes 65 issues including SQL injection, hard-coded credentials, path traversal, and code injection vulnerabilities. Then we show how Tessl tiles — version-controlled, reviewed packages of skills, rules, and documentation — transform the same prompt into a secure, quality-gated coding workflow. Same app, same features, same AI. Zero issues. What you'll see in this demo: Using a community prompt to generate an Express.js REST API with Claude Code SonarQube analysis revealing 65 critical security and quality issues Tessl's skill review catching dangerous patterns before any code is written Building a proper Tessl tile with security rules, code quality rules, and library documentation Rebuilding the same app with the tile — going from 65 issues to 0 Publishing tiles to the Tessl registry for team-wide reuse Key takeaway: Tessl ensures the patterns are good before they reach your codebase. SonarQube validates the output. Together, they close the loop on AI code quality. Links: Demo repo: https://github.com/jbaruch/tessl-demo Tessl registry & getting started: https://tessl.io SonarQube: https://www.sonarsource.com/products/... #SonarSummit #AICodeQuality #Tessl #SonarQube #ClaudeCode #AgenticSDLC #DevTools #CodeSecurity #SoftwareQuality