OLIVIER SCHMITT's Portfolio

Dynamic and adaptable engineer
Resume LinkedIn

SonarSweep

SonarSweep is an advanced data quality service that remediates, secures, and optimizes code datasets used for training large language models (LLMs). By automatically detecting and fixing bugs, vulnerabilities, and code quality issues at scale, SonarSweep ensures that AI models generate safer, more reliable, and maintainable code.

Key facts:
  • Time range: 2025
  • Context: Sonar
  • Role: Research Engineer
Features:
  • Automated bug, vulnerability, and code quality remediation at scale
  • Strict dataset filtering and balancing for diverse, representative model learning
  • Transforms flawed code into high-quality training examples, preserving valuable context
  • Reduces training costs by improving sample efficiency
  • Powered by Sonar’s industry-leading static analysis engine
  • Demonstrated improvements in generated code quality and security
  • Check Assessing the Quality and Security of AI-Generated Code for more details

Sonar Grip

An experimental product that blends Sonar Clean Code and GenAI. Grip evolved into a GA product named Sonar AI CodeFix.

Key facts:
  • Time range: 2024
  • Context: Sonar
  • Role: Full Stack
Features:
  • It provides code quick fixes for 1000+ issue types.
  • Python, FastAPI, ALB, Global Accelerator, Fargate, S3, CDK, OpenAI.

Performance Validation Framework

A platform to validate Sonar Security's performance against 200+ open-source projects.

Key facts:
  • Time range: 2023
  • Context: Sonar
  • Role: Cloud Platform Architect, Cloud Engineer
Features:
  • It runs 500+ tasks daily and computes KPIs.
  • It led Sonar Security's performance to improve by 80%.
  • Scalable and resilient.
  • Python, Fargate, S3, CDK.

Deeper SAST

Deeper SAST is a groundbreaking security feature of Sonar Security.

Key facts:
  • Time range: 2023
  • Context: Sonar
  • Role: Cloud Platform Architect, Cloud Engineer
Features:
  • It provides a cloud platform for Deeper SAST data, the coverage of 1000+ open-source libraries.
  • Scalable and resilient.
  • Python, Step functions, Lambda, Batch, Fargate, S3, Backup, CDK.
  • Check Deeper SAST for more details.

Sonarcloud Performance Platform

Provides performance platform for SonarCloud.

Key facts:
  • Time range: 2022
  • Context: Sonar
  • Role: Cloud Engineer, Cloud Platform Architect
Features:
  • Simulates a prod-like workload.
  • AWS based, Fargate, EC2, S3, CDK, Taurus, Jmeter.

Yet Another COVID Data Story - What Do Mobility Data Reveal on Lockdown vs Non-Lockdown Policies?

An article I published in The Startup.

Key facts:
  • Time range: 2020
  • Context: Personal
  • Role: Writer
Features:
  • data-driven COVID story
  • Python, Pandas and Matplotlib

Sonarcloud Analytics

Provides an internal analytics product to Sonar.

Key facts:
  • Time range: 2019/2021
  • Context: Sonar
  • Role: Cloud Engineer, Data Engineer, Cloud Platform Architect
Features:
  • AWS based, Athena, Kinesis, Aurora, S3, Step Functions, Quicksight, Lambda, CDK.

Sonarcloud Automatic analysis

This is the future of code quality in the cloud! Check product page.

Key facts:
  • Time range: 2018/2019
  • Context: Sonar
  • Role: Cloud Engineer, Data Engineer, Cloud Platform Architect
Features:
  • Check sonarcloud documentation
  • AWS based, EKS, Fargate, EC2, API GW, S3, Backup, DynamoDB, Aurora, Lambda, CDK.

DepMap

DepMap is an internal product dedicated to project managers, program managers, technical leaders, and developers. It provides an overview considering dependencies between software components. DepMap scans an SVN repository and extracts all types of Maven metadata.

Key facts:
  • Time range: 2015/2016
  • Context: French Ministry Of Agriculture
  • Role: Architect, Tech Lead
Features:
  • Computes a release path for every project by taking dependencies into account, before releasing A, B must be released, then C.
  • Spots potential technical debt in dependency trees, your project Z uses Component B in version 1.0, but version 1.1 is available.
  • Detects database projects and connect to databases in order to check compliance (FlyWay based).
  • Java, Spring Boot, JMeter, Maven, OpenStack, Grafana.
Screenshots:

TaaS

The TaaS application is a Spring Boot internal product which provides a Test As A Service. One can create a full test platform on his workstation and/or in an Openstack cloud. TaaS was meant as a Minimum Viable Product to illustrate the power of Docker and Openstack together. The purpose of the service was to provide stakeholders with valuable insights on cloud service development.

Key facts:
  • Time range: 2016/2017
  • Context: French Ministry Of Agriculture
  • Role: Full Stack Developer
Features:
  • Relies heavily on Docker, JMeter, Grafana and InfluxDB are containerized
  • An API to provision a test platform locally or/and remotely
  • A capacity to provision Docker host VMs in an Openstack cloud using Openstack4j
  • An UI to provision a test platform, JMeter injectors and a reporting service (Grafana+InfluxDB)
  • Upload and download files to platform's injectors in a single API call
  • Solves networking issues, SSH port forwarding technique to enable communication between the JMeter master and his slaves
Screenshots:

Orion

Architected and led the development of Orion, a custom JEE framework built from the ground up. Designed to standardize development, it successfully powered over 200 business applications over a decade.

Key facts:
  • Time range: 2003/2015
  • Context: French Ministry Of Agriculture
  • Role: Architect, Tech Lead
Features:
  • Built on top of JSF, Hibernate, Spring IOC, and so on.
  • RGAA compliance
  • 50+ JSF components, data tables, menus, forms, auto complete, ...
  • Bootstrap enabled
  • Powerful Ajax features
  • Advanced authorization engine based on RBAC model, protect business data
  • A Maven LESS Compiler plugin, theme builder for the UI layer