1、The Stateof CodeVolume 4:L2/29The State of Code,Volume 4:LanguagesJuly 2025Table of ContentsIntroduction3Overview and summary of key findings4Our methodology5Report findings6Java7JavaScript10TypeScript13Python16C#19C+22PHP25Conclusion28About S3/29The State of Code,Volume 4:LanguagesJuly 2025Introduc

2、tionIn this report,we highlight the most common issues affecting code quality across the seven most popular languages used by software developers,according to our data.This context is essential for software developers,their leaders,and AppSec stakeholders who need to make(or justify)software enginee

3、ring investment decisions around training,tooling,or technical debt and would benefit from knowing what issues may be lurking or unknown in their critical software.And as AI coding assistants generate more code,the quality of existing application source code becomes more important,as it is the main

4、data used to train these AI tools.For background,Sonar measures the impact of code issues in every project or codebase across three software qualities:reliability,security,and maintainability.These three areas are deeply interconnected in high-quality code:poorly maintained code typically develops r

5、eliability issues and security vulnerabilities over time.Taken together,reliability,security,and maintainability determine not just the initial success of software but its long-term value,adaptability,and total cost of ownership throughout its lifecycle.This is why every rule violation identified by

6、 Sonar is automatically assigned an impact quality for one of these three areas.In this report,well surface the most common code issues weve seen(across reliability,security,and maintainability)in Java,JavaScript,TypeScript,Python,C#,C+,and PHP.Our prior reports,“The State of Code:Reliability,”“The