SonarSource / sonarqube-cli

SonarQube CLI A CLI application for interacting with SonarQube products. > **Beta Notice:** This product is currently in Beta, and we are actively collecting feedback on it. Please share your thoughts via this form! Installation **Linux/Mac OS:** **Windows (from PowerShell):** Setup steps for Claude Code integration Below is an example of a setup which will work for SonarQube Cloud. The authentication step is optional. With authentication, more types of secrets can be detected. Commands Manage authentication tokens and credentials Save authentication token to keychain **Options:** | Option | Type | Required | Description | Default | | -------------------- | ------ | -------- | --------------------------------------------------------------- | ------- | | , | string | No | SonarQube URL (default is SonarQube https://sonarcloud.io) | - | | , | string | No | SonarQube Cloud organization key (required for SonarQube Cloud) | - | | , | string | No | Token value (skips browser, non-interactive mode) | - | **Examples:** Interactive login for SonarQube Cloud with browser Non-interactive login with direct token Non-interactive login for custom server with token --- Remove authentication token from keychain **Options:** | Option | Type | Required | Description | Default | | ---------------- | ------ | -------- | --------------------------------------------------------------- | ------- | | , | string | No | SonarQube server URL | - | | , | string | No | SonarQube Cloud organization key (required for SonarQube Cloud) | - | **Examples:** Remove token for SonarQube Cloud organization Remove token for custom SonarQube server --- Remove all authentication tokens from keychain **Examples:** Interactively remove all saved tokens --- Show active authentication connection with token verification **Examples:** Show current server connection and token status --- Install Sonar tools Install sonar-secrets binary from https://binaries.sonarsource.com **Options:** | Option | Type | Required | Description | Default | | ---------- | ------- | -------- | ----------------------------------------------- | ------- | | | boolean | No | Force reinstall even if already installed | - | | | boolean | No | Check installation status instead of installing | - | **Examples:** Install latest sonar-secrets binary Reinstall sonar-secrets (overwrite existing) Check if sonar-secrets is installed and up to date --- Setup SonarQube integration for AI coding agents, git and others. **Examples:** Integrate Claude Code with interactive setup Integrate globally and install hooks to ~/.claude which will be available for all projects Setup SonarQube integration for Claude Code. This will install secrets scanning hooks, and configure SonarQube MCP Server. **Options:** | Option | Type | Required | Description | Default | | ------------------- | ------- | -------- | --------------------------------------------------------------------------- | ------- | | , | string | No | SonarQube server URL | - | | , | string | No | Project key | - | | , | string | No | Existing authentication token | - | | , | string | No | Organization key (for SonarQube Cloud) | - | | | boolean | No | Non-interactive mode (no prompts) | - | | , | boolean | No | Install hooks and config globally to ~/.claude instead of project directory | - | --- List Sonar resources Search for issues in SonarQube **Options:** | Option | Type | Required | Description | Default | | ----------------- | ------ | -------- | -------------------------------------- | ------- | | , | string | Yes | Project key | - | | , | string | No | Organization key (for SonarQube Cloud) | - | | | string | No | Filter by severity | - | | | string | No | Output format | | | | string | No | Branch name | - | | | string | No | Pull request ID | - | | | number | No | Page size (1-500) | | | | number | No | Page number | | **Examples:** List issues in a project Output issues in TOON format for AI agents --- Search for projects in SonarQube **Options:** | Option | Type | Required | Description | Default | | --------------- | ------ | -------- | ---------------------------------------------- | ------- | | , | string | No | Organization key (for SonarQube Cloud) | - | | , | string | No | Search query to filter projects by name or key | - | | | number | No | Page number | | | | number | No | Page size (1-500) | | **Examples:** List first 500 accessible projects Search projects by name or key Paginate through projects --- Analyze code for security issues Scan files or stdin for hardcoded secrets **Options:** | Option | Type | Required | Description | Default | | --------- | ------- | -------- | ----------------------------------------- | ------- | | | boolean | No | Read from standard input instead of paths | - | **Examples:** Scan a file for hardcoded secrets Scan multiple files for hardcoded secrets Scan stdin for hardcoded secrets --- Run SQAA server-side analysis on a file (SonarQube Cloud only) **Options:** | Option | Type | Required | Description | Default | | ----------- | ------ | -------- | -------------------------------------------------------- | ------- | | | string | Yes | File path to analyze | - | | | string | No | Branch name for analysis context | - | | | string | No | SonarCloud project key (overrides auto-detected project) | - | --- Analyze a file for issues **Options:** | Option | Type | Required | Description | Default | | ----------- | ------ | -------- | -------------------------------------------------------- | ------- | | | string | Yes | File path to analyze | - | | | string | No | Branch name for analysis context | - | | | string | No | SonarCloud project key (overrides auto-detected project) | - | --- Configure CLI settings Configure telemetry settings **Options:** | Option | Type | Required | Description | Default | | ------------ | ------- | -------- | ------------------------------------------------ | -------…