SonarQube CLI

A CLI application for interacting with SonarQube products.

Beta Notice: This product is currently in Beta, and we are actively collecting feedback on it. Please share your thoughts via this form!

Installation

Linux/Mac OS:

curl -o- https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.sh | bash

Windows (from PowerShell):

irm https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.ps1 | iex

Setup steps for Claude Code integration

Below is an example of a setup which will work for SonarQube Cloud. The authentication step is optional. With authentication, more types of secrets can be detected.

sonar auth login
sonar integrate claude -g

Commands

sonar auth

Manage authentication tokens and credentials

sonar auth login

Save authentication token to keychain

Options:

Option	Type	Required	Description	Default
--server, -s	string	No	SonarQube URL (default is SonarQube https://sonarcloud.io)	-
--org, -o	string	No	SonarQube Cloud organization key (required for SonarQube Cloud)	-
--with-token, -t	string	No	Token value (skips browser, non-interactive mode)	-

Examples:

Interactive login for SonarQube Cloud with browser

sonar auth login

Non-interactive login with direct token

sonar auth login -o my-org -t squ_abc123

Non-interactive login for custom server with token

sonar auth login -s https://my-sonarqube.io --with-token squ_def456

---

sonar auth logout

Remove active connection token from keychain

Examples:

Remove active connection token from keychain

sonar auth logout

---

sonar auth purge

Remove all authentication tokens from keychain

Examples:

Interactively remove all saved tokens

sonar auth purge

---

sonar auth status

Show active authentication connection with token verification

Examples:

Show current server connection and token status

sonar auth status

---

sonar integrate

Setup SonarQube integration for AI coding agents, git and others.

Examples:

Integrate Claude Code with interactive setup

sonar integrate claude -s https://sonarcloud.io -p my-project

Integrate globally and install hooks to ~/.claude which will be available for all projects

sonar integrate claude -g

sonar integrate claude

Setup SonarQube integration for Claude Code. This will install secrets scanning hooks, and configure SonarQube MCP Server.

Options:

Option	Type	Required	Description	Default
--project, -p	string	No	Project key	-
--non-interactive	boolean	No	Non-interactive mode (no prompts)	-
--global, -g	boolean	No	Install hooks and config globally to ~/.claude instead of project directory	-

---

sonar integrate git

Install a git hook that scans staged files for secrets before each commit (pre-commit) or scans committed files for secrets before each push (pre-push).

Options:

Option	Type	Required	Description	Default
--hook	string	No	Hook to install: pre-commit (scan staged files) or pre-push (scan files in unpushed commits)	-
--force	boolean	No	Overwrite existing hook if it is not from sonar integrate git	-
--non-interactive	boolean	No	Non-interactive mode (no prompts)	-
--global	boolean	No	Install hook globally for all repositories (sets git config --global core.hooksPath)	-

Examples:

Install a pre-commit hook that scans staged files for secrets (interactive)

sonar integrate git

Install a pre-push hook that scans committed files for secrets before pushing

sonar integrate git --hook pre-push

Install a staged-file secrets hook globally for all repositories (sets git config --global core.hooksPath)

sonar integrate git --global

Non-interactive: install a pre-push secrets hook globally for all repositories

sonar integrate git --hook pre-push --global --non-interactive

---

sonar list

List Sonar resources

sonar list issues

Search for issues in SonarQube

Options:

Option	Type	Required	Description	Default
--project, -p	string	Yes	Project key	-
--severity	string	No	Filter by severity	-
--format	string	No	Output format	json
--branch	string	No	Branch name	-
--pull-request	string	No	Pull request ID	-
--page-size	number	No	Page size (1-500)	500
--page	number	No	Page number	1

Examples:

List issues in a project

sonar list issues -p my-project

Output issues in TOON format for AI agents

sonar list issues -p my-project --format toon

---

sonar list projects

Search for projects in SonarQube

Options:

Option	Type	Required	Description	Default
--query, -q	string	No	Search query to filter projects by name or key	-
--page	number	No	Page number	1
--page-size	number	No	Page size (1-500)	500

Examples:

List first 500 accessible projects

sonar list projects

Search projects by name or key

sonar list projects -q my-project

Paginate through projects

sonar list projects --page 2 --page-size 50

---

sonar analyze

Analyze code for security issues

sonar analyze secrets

Scan files or stdin for hardcoded secrets

Options:

Option	Type	Required	Description	Default
--stdin	boolean	No	Read from standard input instead of paths	-

Examples:

Scan a file for hardcoded secrets

sonar analyze secrets src/config.ts

Scan multiple files for hardcoded secrets

sonar analyze secrets src/file1.ts src/file2.ts

Scan stdin for hardcoded secrets

cat .env | sonar analyze secrets --stdin

---

sonar analyze sqaa

Run SQAA server-side analysis on a file (SonarQube Cloud only)

Options:

Option	Type	Required	Description	Default
--file	string	Yes	File path to analyze	-
--branch	string	No	Branch name for analysis context	-
--project	string	No	SonarCloud project key (overrides auto-detected project)	-

---

sonar verify

Analyze a file for issues

Options:

Option	Type	Required	Description	Default
--file	string	Yes	File path to analyze	-
--branch	string	No	Branch name for analysis context	-
--project	string	No	SonarCloud project key (overrides auto-detected project)	-

---

sonar config

Configure CLI settings

sonar config telemetry

Configure telemetry settings

Options:

Option	Type	Required	Description	Default
--enabled	boolean	No	Enable collection of anonymous usage statistics	-
--disabled	boolean	No	Disable collection of anonymous usage statistics	-

Examples:

Enable collection of anonymous usage statistics

sonar config telemetry --enabled

Disable collection of anonymous usage statistics

sonar config telemetry --disabled

---

sonar self-update

Update sonar CLI to the latest version

Options:

Option	Type	Required	Description	Default
--status	boolean	No	Check for a newer version without installing	-
--force	boolean	No	Install the latest version even if already up to date	-

---

Option Types

• string — text value (e.g. --server https://sonarcloud.io)
• boolean — flag (e.g. --verbose)
• number — numeric value (e.g. --page-size 100)
• array — multiple values (e.g. --tags tag1 tag2)

Exit Codes

Code	Meaning
0	Success
1	Error (validation, execution, etc.)

---

State Management

See State Management for more information.

Data collection

The SonarQube CLI collects anonymous usage data and error reports to help improve the product.

Telemetry: Anonymous command usage statistics are sent to SonarSource.

Error reporting: Unhandled exceptions are reported to Sentry to help us identify and fix crashes.

Both are enabled by default and share the same opt-out toggle. To disable all data collection:

sonar config telemetry --disabled

No personally identifiable information is transmitted. File paths in error reports are anonymized by replacing your home directory with ~.

Contributing

Please be aware that we are not actively looking for feature contributions. The truth is that it's extremely difficult for someone outside SonarSource to comply with our roadmap and expectations. Therefore, we typically only accept minor cosmetic changes and typo fixes.

See CONTRIBUTING.md for setup instructions, coding guidelines, and how to run tests.

License

Copyright 2026 SonarSource Sàrl.

SonarQube CLI is released under the GNU Lesser General Public License, Version 3.0⁠,.

Generated from src/cli/command-tree.ts — do not edit manually