Загрузка видео...

Не удалось загрузить видео

Возникла проблема при загрузке этого видео. Это может быть связано с временными проблемами сети или видео может быть недоступно.

На главную

An MCP server that detects production-grade code quality issues in real-time! Even though AI is now generating code at light speed, the engineering bottleneck has just moved from writing to reviewing, and now devs spend 90% of their debugging time on AI-generated code. AI reviewers aren't that reliable either... because they share the same fundamental blind spots as AI generators do: - They pattern match, not proof check. - They validate syntax, not system behavior. - They review code, not consequences. I have been using the SonarQube MCP Server (by Sonar) to solve this. It produces enterprise-grade code analysis and returns instant feedback on bugs, vulnerabilities, and code smells right where you're working (Claude Code, Cursor, etc.). Its capabilities have emerged from the 750B+ lines of code SonarQube processes daily, so it has seen every bug pattern that exists. This includes: - Security vulnerabilities (SQL injection, XSS, hardcoded secrets) - Code smells and technical debt - Test coverage gaps - Maintainability issues The setup is simple: - Install the SonarQube MCP server - Add it to your AI assistant's config Done! SonarQube is now part of your AI coding workflow. I have shared the GitHub repo in the replies! P.S. Thanks to Sonar for working with me today.show more

Avi Chawla

58,837 subscribers

28,027 просмотров • 6 месяцев назад •via X (Twitter)

Anya Rossi• Live Now

Private livecam show

Комментарии: 0

Нет доступных комментариев

Здесь появятся комментарии из оригинального поста

Похожие видео

SonarQube has been catching my bugs and security issues for years. The only friction was having to leave Cursor or Windsurf to view the results. Their new MCP Server fixes that by bringing verification directly into the coding environment 🔥 This is actually perfect timing 🧵 ↓ Because we write more code than ever thanks to AI, yet productivity still doesn’t keep up. Google’s 2025 DORA Report shows the tension: → AI usage +90% → Bugs +9% → Review time +91% → PR size +154% (report here: The problem isn’t generating code. It’s verifying it quickly and reliably. And this is what SonarQube's new MCP Server brings instantly: - Live scanning → trigger SonarQube checks inside Cursor, Windsurf, Claude Code… basically any MCP-compatible IDE - Immediate surfacing → security, reliability, and maintainability issues in seconds - Smooth UI handoff → jump to the dashboard only when you need the full picture - AI-native workflow → Sonar’s long-standing rule engine integrated into your daily loop Why it’s great: • Removes constant tab-switching • Faster write → check → fix cycles • Lets the IDE handle speed while SonarQube handles structure • Feels like code quality finally meets AI-native development Setup is super simple: → Enable SonarQube's MCP Server in Cursor → Add your SonarQube instance → Open your repo → Run the scan directly inside the IDE I then pointed it to a JS component I’m building in Streamlit (psst, it’s called Streamlit ChartJS ;)) → Immediate results: security flags, reliability concerns, maintainability smells, and dependency risks ✅ Then I prompted: "Show me the full breakdown." → Cursor opens the SonarQube UI with rule details, severities, fix guidance, and project-wide quality signals! Exactly on point.

SonarQube has been catching my bugs and security issues for years. The only friction was having to leave Cursor or Windsurf to view the results. Their new MCP Server fixes that by bringing verification directly into the coding environment 🔥 This is actually perfect timing 🧵 ↓ Because we write more code than ever thanks to AI, yet productivity still doesn’t keep up. Google’s 2025 DORA Report shows the tension: → AI usage +90% → Bugs +9% → Review time +91% → PR size +154% (report here: The problem isn’t generating code. It’s verifying it quickly and reliably. And this is what SonarQube's new MCP Server brings instantly: - Live scanning → trigger SonarQube checks inside Cursor, Windsurf, Claude Code… basically any MCP-compatible IDE - Immediate surfacing → security, reliability, and maintainability issues in seconds - Smooth UI handoff → jump to the dashboard only when you need the full picture - AI-native workflow → Sonar’s long-standing rule engine integrated into your daily loop Why it’s great: • Removes constant tab-switching • Faster write → check → fix cycles • Lets the IDE handle speed while SonarQube handles structure • Feels like code quality finally meets AI-native development Setup is super simple: → Enable SonarQube's MCP Server in Cursor → Add your SonarQube instance → Open your repo → Run the scan directly inside the IDE I then pointed it to a JS component I’m building in Streamlit (psst, it’s called Streamlit ChartJS ;)) → Immediate results: security flags, reliability concerns, maintainability smells, and dependency risks ✅ Then I prompted: "Show me the full breakdown." → Cursor opens the SonarQube UI with rule details, severities, fix guidance, and project-wide quality signals! Exactly on point.

Charly Wargnier

22,702 просмотров • 5 месяцев назад

Nobody is writing 90% of their code using AI. Here's the uncomfortable truth: The real productivity gain from using AI to write code is closer to 10%, nowhere near the 90% people claim. Sundar Pichai said in 2024 that 30% of the new code at Google was AI-generated. However, he went on to admit, during Lex Friedman's podcast, that engineering velocity had only increased by about 10%. AI-generated code isn't free code. It still has to be reviewed, tested, and made production-ready. Optimizing a single step (code generation) doesn't boost output if bottlenecks shift elsewhere (code reviews). It doesn't matter how much code you generate if you can't keep up the review process. The solution: Automate as much as you can the review and verification of your code. I'm working with Sonar, who is sponsoring this post, and they will take care of the code quality and security analysis of your code: • They review over 300B lines of code every single day • They cover reliability, security, and maintainability for your code • You can integrate them into your CI/CD pipeline • You can install them in your IDE (I use their VSCode extension) • Support for more than 30 languages Here is a link so you can check them out:

Nobody is writing 90% of their code using AI. Here's the uncomfortable truth: The real productivity gain from using AI to write code is closer to 10%, nowhere near the 90% people claim. Sundar Pichai said in 2024 that 30% of the new code at Google was AI-generated. However, he went on to admit, during Lex Friedman's podcast, that engineering velocity had only increased by about 10%. AI-generated code isn't free code. It still has to be reviewed, tested, and made production-ready. Optimizing a single step (code generation) doesn't boost output if bottlenecks shift elsewhere (code reviews). It doesn't matter how much code you generate if you can't keep up the review process. The solution: Automate as much as you can the review and verification of your code. I'm working with Sonar, who is sponsoring this post, and they will take care of the code quality and security analysis of your code: • They review over 300B lines of code every single day • They cover reliability, security, and maintainability for your code • You can integrate them into your CI/CD pipeline • You can install them in your IDE (I use their VSCode extension) • Support for more than 30 languages Here is a link so you can check them out:

Santiago

296,299 просмотров • 8 месяцев назад

Write 100x better code using AI (for free!) Install the Codacy extension (VSCode, Cursor, WindSurf). This will install an MCP Server locally on your computer. Your coding copilot will use this server with the Codacy CLI to check every line of code it generates. The way this works is pretty awesome (assuming you are using Cursor): 1. You ask Cursor to generate some code 2. Cursor writes the code 3. Cursor then calls Codacy's MCP Server to check it 4. The MCP Server will use the Codacy CLI to find any issues 5. Cursor will fix the issues and call the MCP server again 6. When the code passes all checks, you are done Level of effort on your side: literally zero! Code quality and security because of this: 100x better! Codacy has been doing this for a long, long time, and their Guardrails MCP Server checks for a lot of potential issues: • Security issues • Quality standards • Pattern violations • Linting issues You can see more information about the extension here: I recorded a quick video to show you how it works. Thanks to the Codacy team for helping me set up everything, answering my 1,000 questions, and collaborating with me on this post.

Write 100x better code using AI (for free!) Install the Codacy extension (VSCode, Cursor, WindSurf). This will install an MCP Server locally on your computer. Your coding copilot will use this server with the Codacy CLI to check every line of code it generates. The way this works is pretty awesome (assuming you are using Cursor): 1. You ask Cursor to generate some code 2. Cursor writes the code 3. Cursor then calls Codacy's MCP Server to check it 4. The MCP Server will use the Codacy CLI to find any issues 5. Cursor will fix the issues and call the MCP server again 6. When the code passes all checks, you are done Level of effort on your side: literally zero! Code quality and security because of this: 100x better! Codacy has been doing this for a long, long time, and their Guardrails MCP Server checks for a lot of potential issues: • Security issues • Quality standards • Pattern violations • Linting issues You can see more information about the extension here: I recorded a quick video to show you how it works. Thanks to the Codacy team for helping me set up everything, answering my 1,000 questions, and collaborating with me on this post.

Santiago

63,219 просмотров • 11 месяцев назад

Kicking off Day 1 of the launch week with the Chakra UI MCP Server 🖲️ Now, you can connect the entire Chakra UI design system to your AI workflow. Works with: - VS Code (GitHub Copilot) - Cursor - Claude Code - Windsurf - Zed Check it out: #ChakraLaunchWeek

Kicking off Day 1 of the launch week with the Chakra UI MCP Server 🖲️ Now, you can connect the entire Chakra UI design system to your AI workflow. Works with: - VS Code (GitHub Copilot) - Cursor - Claude Code - Windsurf - Zed Check it out: #ChakraLaunchWeek

Chakra

19,610 просмотров • 10 месяцев назад

Reviewing AI-generated code is the new bottleneck. Writing code was slow before. Now, in a few minutes, you can generate virtually unlimited lines of code using AI. But developers are now spending 70% of their time checking that code. That's the new bottleneck. I've been using Cline, and they have a feature that actually helps with this: You can click a button and have Cline generate an inline explanation for every single line of AI-generated code. Take a look at the attached video. What it does: 1. You can read the code and the explanation together 2. You don't lose context while reviewing code 3. You understand the "why" behind each change And here is the best part: It works on any git diff. You can use it to review PRs, understand commits from other people, or catch up on a codebase you haven't touched in a while.

Reviewing AI-generated code is the new bottleneck. Writing code was slow before. Now, in a few minutes, you can generate virtually unlimited lines of code using AI. But developers are now spending 70% of their time checking that code. That's the new bottleneck. I've been using Cline, and they have a feature that actually helps with this: You can click a button and have Cline generate an inline explanation for every single line of AI-generated code. Take a look at the attached video. What it does: 1. You can read the code and the explanation together 2. You don't lose context while reviewing code 3. You understand the "why" behind each change And here is the best part: It works on any git diff. You can use it to review PRs, understand commits from other people, or catch up on a codebase you haven't touched in a while.

Santiago

64,392 просмотров • 6 месяцев назад

We've built a massive verification bottleneck: • 72% of developers use AI to generate code every day • 96% of them don't fully trust it Writing code is now free. All the work now is verifying that the code does what it's supposed to. According to a new State of Code Survey, almost half of the respondents believe the number one skill that will matter most in the coming years is "reviewing and validating AI-generated code for quality and security". Not prompt engineering or vibe-coding, but checking AI's work.

We've built a massive verification bottleneck: • 72% of developers use AI to generate code every day • 96% of them don't fully trust it Writing code is now free. All the work now is verifying that the code does what it's supposed to. According to a new State of Code Survey, almost half of the respondents believe the number one skill that will matter most in the coming years is "reviewing and validating AI-generated code for quality and security". Not prompt engineering or vibe-coding, but checking AI's work.

Santiago

16,299 просмотров • 4 месяцев назад

Software Engineering Expectations for 2026 - The majority of your code should be written by AI now - Cursor/Codex/Claude Code/Gemini/etc - You should try all the tooling and switch between them, as each one gets an edge over the others depending on the release cycle. - You should be using AI to check the code that is written by AI - Have AI write tests - Have AI read logs - Have AI navigate your browser - I don't do this every time because sometimes it's simple enough to check it myself - You should still skim code changes - This can be a lighter skim on internal tools and a heavier read through on customer facing code - Use AI to help you define specs

Software Engineering Expectations for 2026 - The majority of your code should be written by AI now - Cursor/Codex/Claude Code/Gemini/etc - You should try all the tooling and switch between them, as each one gets an edge over the others depending on the release cycle. - You should be using AI to check the code that is written by AI - Have AI write tests - Have AI read logs - Have AI navigate your browser - I don't do this every time because sometimes it's simple enough to check it myself - You should still skim code changes - This can be a lighter skim on internal tools and a heavier read through on customer facing code - Use AI to help you define specs

Ben Awad

532,251 просмотров • 5 месяцев назад

I tested a new coding assistant on 34,568 lines of code. (Cursor could not achieve what this tool did.) AI models are improving every day: - Faster inference - Longer context lengths But are AI coding assistants advancing at the same rate? Can they truly understand your entire project? I tested Augment Code on my ai-engineering repo with ~35k lines of code. Augment Code is a powerful AI Assistant built for developers working with large, evolving codebases—needing an assistant that understands the full context of their projects. In the video demo below, I asked it to: - Merge two projects. - Answer a global context question. Here’s what happened: - It understood dependencies across both projects. - It merged them intelligently—without breaking anything. - It even created a README file for the merged project. - It answered my global query instantly, pulling from the full codebase. This is the difference between AI autocomplete and an AI engineer that truly understands your repo. Augment Code is powerful because it indexes your entire repo upfront. This way, it can answer questions instantly, no matter how large your project is. Lastly, Augment Code is fully compatible with VSCode, JetBrains, Vim, Slack, and more. Try them now, I have shared a link in the next tweet! Thanks to Augment Code for showing me their powerful AI coding assistant and working with me on this post.

I tested a new coding assistant on 34,568 lines of code. (Cursor could not achieve what this tool did.) AI models are improving every day: - Faster inference - Longer context lengths But are AI coding assistants advancing at the same rate? Can they truly understand your entire project? I tested Augment Code on my ai-engineering repo with ~35k lines of code. Augment Code is a powerful AI Assistant built for developers working with large, evolving codebases—needing an assistant that understands the full context of their projects. In the video demo below, I asked it to: - Merge two projects. - Answer a global context question. Here’s what happened: - It understood dependencies across both projects. - It merged them intelligently—without breaking anything. - It even created a README file for the merged project. - It answered my global query instantly, pulling from the full codebase. This is the difference between AI autocomplete and an AI engineer that truly understands your repo. Augment Code is powerful because it indexes your entire repo upfront. This way, it can answer questions instantly, no matter how large your project is. Lastly, Augment Code is fully compatible with VSCode, JetBrains, Vim, Slack, and more. Try them now, I have shared a link in the next tweet! Thanks to Augment Code for showing me their powerful AI coding assistant and working with me on this post.

Akshay 🚀

30,789 просмотров • 1 год назад

Introducing Chroma Package Search Enable your AI agents to search the source code of your package dependencies Includes 3 MCP tools: package_search_hybrid() package_search_grep() package_search_read_file() Add it to Cursor, Claude Code, VS Code, and Codex in 5 seconds

Introducing Chroma Package Search Enable your AI agents to search the source code of your package dependencies Includes 3 MCP tools: package_search_hybrid() package_search_grep() package_search_read_file() Add it to Cursor, Claude Code, VS Code, and Codex in 5 seconds

Chroma

41,505 просмотров • 8 месяцев назад

Here's how to build your first MCP tool and server with less than 10 Lines of Python code🐍✨ Tried to make this video as short as possible and show the code, the json config and running the server in vs code with github copilot💜

Here's how to build your first MCP tool and server with less than 10 Lines of Python code🐍✨ Tried to make this video as short as possible and show the code, the json config and running the server in vs code with github copilot💜

Marlene Mhangami

14,113 просмотров • 10 месяцев назад

The Dev Mode MCP Server is now available in beta. Access Dev Mode data directly in your agentic coding workflow → VS Code with Copilot → Cursor → Windsurf → Claude Code

The Dev Mode MCP Server is now available in beta. Access Dev Mode data directly in your agentic coding workflow → VS Code with Copilot → Cursor → Windsurf → Claude Code

Figma

252,707 просмотров • 1 год назад

I force Claude Code to review every single line of code it generates for security vulnerabilities. This is table stakes. Companies shouldn't allow their developers to commit any code without doing this first. (MCP is an amazing way to improve Claude Code's capabilities and generate code that's 10x better than what you get out of the box.)

I force Claude Code to review every single line of code it generates for security vulnerabilities. This is table stakes. Companies shouldn't allow their developers to commit any code without doing this first. (MCP is an amazing way to improve Claude Code's capabilities and generate code that's 10x better than what you get out of the box.)

Santiago

81,625 просмотров • 8 месяцев назад

Good news for devs working in Visual Studio Code! The MongoDB MCP Server connects your MongoDB data to AI clients, such as GitHub Copilot in VS Code. Now you can ask for collection schemas and data samples, manage users and access, and generate queries all using natural language, right from your editor. Give it a try 👉

Good news for devs working in Visual Studio Code! The MongoDB MCP Server connects your MongoDB data to AI clients, such as GitHub Copilot in VS Code. Now you can ask for collection schemas and data samples, manage users and access, and generate queries all using natural language, right from your editor. Give it a try 👉

MongoDB

19,994 просмотров • 1 год назад

"The one thing that's going to be truly future proof is judgment. What is the biggest challenge when you have a thousand AI engineers writing code? AI slop. In an era when you can do everything, the question is which of these things matter. On the engineer side, it is evaluating the code. Which of this code is even valuable? You can have AI engineers writing beautiful code that could be wrong, that could have bugs in it, that could be vulnerable. Someone needs to review it. Make sure to have a human review at some point, especially critical code that is in the core of your system. On the product side is judgment around what needs to be built and evaluating. And similarly in design, you have to have judgment around, does it make sense in the broader design system. I think this judgment is the number one thing that humans are going to bring in an era of infinite productivity."

"The one thing that's going to be truly future proof is judgment. What is the biggest challenge when you have a thousand AI engineers writing code? AI slop. In an era when you can do everything, the question is which of these things matter. On the engineer side, it is evaluating the code. Which of this code is even valuable? You can have AI engineers writing beautiful code that could be wrong, that could have bugs in it, that could be vulnerable. Someone needs to review it. Make sure to have a human review at some point, especially critical code that is in the core of your system. On the product side is judgment around what needs to be built and evaluating. And similarly in design, you have to have judgment around, does it make sense in the broader design system. I think this judgment is the number one thing that humans are going to bring in an era of infinite productivity."

Patrick OShaughnessy

24,818 просмотров • 4 месяцев назад

Introducing Deep Graph MCP for Claude Code 🤩 Claude Code by Anthropic is excellent and arguably one of the best tools for working with code today but... It has one major limitation, its native code search capabilities don't scale well to large repositories. By adding Deep Graph MCP, Claude's ability to explore large codebases improves dramatically. In this thread 🧵 I’ll show you how easy it is to connect this MCP to Claude Code.

Introducing Deep Graph MCP for Claude Code 🤩 Claude Code by Anthropic is excellent and arguably one of the best tools for working with code today but... It has one major limitation, its native code search capabilities don't scale well to large repositories. By adding Deep Graph MCP, Claude's ability to explore large codebases improves dramatically. In this thread 🧵 I’ll show you how easy it is to connect this MCP to Claude Code.

Daniel San

31,352 просмотров • 11 месяцев назад

Here is how to use Claude Code with Unity 6! 🤝 Unity has a native MCP server to let AI handle the boilerplate code while you focus on your game! 🤩 ➡️ Read more at: #unitytips #gamedev #unity3d #unity6 #ai

Here is how to use Claude Code with Unity 6! 🤝 Unity has a native MCP server to let AI handle the boilerplate code while you focus on your game! 🤩 ➡️ Read more at: #unitytips #gamedev #unity3d #unity6 #ai

Sunny Valley Studio

34,772 просмотров • 1 месяц назад

You can now clone any website just by writing a prompt. Simply add the Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

You can now clone any website just by writing a prompt. Simply add the Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

Alvaro Cintas

83,022 просмотров • 10 месяцев назад

You can now clone any website just by writing a prompt. Simply add the new Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

You can now clone any website just by writing a prompt. Simply add the new Firecrawl MCP server to your favorite AI coding tool for improved web data extraction, and let Claude code it for you. Here’s how:

Alvaro Cintas

539,499 просмотров • 1 год назад

I connected the GitHub MCP server to my terminal AI agent, analyzed the code, and generated tests, right inside my terminal! @Warpdotdev just dropped MCP support, and you can now connect external data sources to your terminal's AI agent. It’s free and super easy to set up

I connected the GitHub MCP server to my terminal AI agent, analyzed the code, and generated tests, right inside my terminal! @Warpdotdev just dropped MCP support, and you can now connect external data sources to your terminal's AI agent. It’s free and super easy to set up

Sumanth

14,752 просмотров • 1 год назад

8 rules to improve your AI coding agent. All of these rules work with Claude Code, Cursor, VS Code, and with most programming languages. Automating these rules will 10x the code quality and security produced by your AI coding agents. 1. Dependency checks - Prevent your agent from suggesting insecure libraries based on outdated training data. 2. Secret exposure - Auto-fix the use of hardcoded credentials introduced by your coding agent. 3. File and function size - Automatically refactor any files or functions that exceed a reasonable length. 4. Complexity and parameter limits - Simplify overly complex code written by the agent. 5. SQL Injection - Auto-fix all database interactions with unsanitized user input. 6. Unused variables and imports - Detect and remove dead code. 7. Detect invisible unicode characters in AI rules files - Remove zero-width spaces, direction overrides, and other invisible characters that can hide malicious behavior. 8. Insecure OpenAI API usage - Enforce use of secure OpenAI endpoints, proper authentication, and context isolation Here is how you can automate this: Install the Codacy extension. This will give you access to a CLI for local scanning and an MCP server for agent communication. From here on out, every time you need to generate some code: 1. Your agent will write the code 2. It will then call Codacy's CLI to check it 3. It will find any issues in real time 4. Your coding agent will fix the issues 5. When the code passes all checks, you are done Level of effort on your side: literally zero! Code quality and security because of this: 100x better! Here is the link to download the extension for your IDE: Thanks to the Codacy team for collaborating with me on this post.

8 rules to improve your AI coding agent. All of these rules work with Claude Code, Cursor, VS Code, and with most programming languages. Automating these rules will 10x the code quality and security produced by your AI coding agents. 1. Dependency checks - Prevent your agent from suggesting insecure libraries based on outdated training data. 2. Secret exposure - Auto-fix the use of hardcoded credentials introduced by your coding agent. 3. File and function size - Automatically refactor any files or functions that exceed a reasonable length. 4. Complexity and parameter limits - Simplify overly complex code written by the agent. 5. SQL Injection - Auto-fix all database interactions with unsanitized user input. 6. Unused variables and imports - Detect and remove dead code. 7. Detect invisible unicode characters in AI rules files - Remove zero-width spaces, direction overrides, and other invisible characters that can hide malicious behavior. 8. Insecure OpenAI API usage - Enforce use of secure OpenAI endpoints, proper authentication, and context isolation Here is how you can automate this: Install the Codacy extension. This will give you access to a CLI for local scanning and an MCP server for agent communication. From here on out, every time you need to generate some code: 1. Your agent will write the code 2. It will then call Codacy's CLI to check it 3. It will find any issues in real time 4. Your coding agent will fix the issues 5. When the code passes all checks, you are done Level of effort on your side: literally zero! Code quality and security because of this: 100x better! Here is the link to download the extension for your IDE: Thanks to the Codacy team for collaborating with me on this post.

Santiago

48,469 просмотров • 7 месяцев назад