# SonarQube CLI > Code quality and security in your terminal. Scan, integrate, and fix issues — locally or with AI. - Version: 1.0.0 - Install (Linux/macOS): curl -o- https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.sh | bash - Install (Windows): irm https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.ps1 | iex - Machine-readable schema: https://cli.sonarqube.com/data/commands.json - Source: https://github.com/SonarSource/sonarqube-cli - Commands reference: https://cli.sonarqube.com/commands.html ## Quick Start sonar auth login sonar integrate claude -g ## For AI Agents Use `sonar list issues --format toon` to output issues in a format optimized for LLM consumption. Use `sonar list projects` to discover available projects before running analysis. Commands marked with * require prior authentication via `sonar auth login`. ## Commands ### sonar auth Manage authentication tokens and credentials ### sonar auth login Authenticate via browser and save credentials in the system keychain. Must be run manually — agents cannot authenticate themselves. For CI and automation, use environment variables instead: https://docs.sonarsource.com/sonarqube-cli/using-sonarqube-cli/environment-variables Usage: sonar auth login [-s ] [-o ] Options: --server, -s SonarQube Server URL, SonarQube Cloud EU (https://sonarcloud.io), or SonarQube Cloud US (https://sonarqube.us). Defaults to SonarQube Cloud EU. --org, -o SonarQube Cloud organization key (required for SonarQube Cloud) Examples: sonar auth login sonar auth login -s https://sonarqube.my.com/sonarqube ### sonar auth logout Remove active connection token from keychain Usage: sonar auth logout Examples: sonar auth logout ### sonar auth status Show active authentication connection with token verification Usage: sonar auth status Examples: sonar auth status ### sonar list List issues and projects from SonarQube Cloud or Server ### sonar list issues * Search for issues in SonarQube Usage: sonar list issues [-p ] [--statuses ] [--severities ] [--format ] [--branch ] [--pull-request ] [--page-size ] [--page ] Options: --project, -p Project key --statuses Filter by status (comma-separated list of: OPEN, CONFIRMED, FALSE_POSITIVE, ACCEPTED, FIXED) --severities Filter by severity (comma-separated list of: INFO, MINOR, MAJOR, CRITICAL, BLOCKER) --format Output format --branch Branch name --pull-request Pull request ID --page-size Page size (1-500) --page Page number Examples: sonar list issues -p my-project sonar list issues -p my-project --format toon ### sonar list projects * Search for projects in SonarQube Usage: sonar list projects [-q ] [--page ] [--page-size ] Options: --query, -q Search query to filter projects by name or key --page Page number --page-size Page size (1-500) Examples: sonar list projects sonar list projects -q my-project sonar list projects --page 2 --page-size 50 ### sonar api * Make authenticated API requests to SonarQube Usage: sonar api [-d ] [--verbose] Options: --data, -d JSON string for request body. The tool will automatically format as either form data or JSON body. --verbose, -v Print request and response details for debugging. Examples: sonar api get "/api/favorites/search" sonar api get "/api/rules/search?organization=my-org&languages=ts" sonar api post "/api/user_tokens/generate" --data '{"name":"my-token"}' sonar api post "/api/issues/do_transition" --data '{"issue":"AYx1z2","transition":"accept"}' sonar api get "/analysis/engine" sonar api get "/api/system/status" --verbose sonar api post "/api/user_tokens/revoke" --data '{"name":"my-token"}' ### sonar integrate Setup SonarQube integration for AI coding agents, git and others. Examples: sonar integrate claude -s https://sonarcloud.io -p my-project sonar integrate claude -g ### sonar integrate git * Install a Git pre-commit hook that scans staged files for secrets before each commit, or a Git pre-push hook that scans committed files for secrets before each push. Usage: sonar integrate git [--hook ] [--force] [--non-interactive] [--global] Options: --hook Hook to install: pre-commit (scan staged files) or pre-push (scan files in unpushed commits) --force Overwrite existing hook if it is not from sonar integrate git --non-interactive Non-interactive mode (no prompts) --global Install hook globally for all repositories (sets git config --global core.hooksPath) Examples: sonar integrate git sonar integrate git --hook pre-push sonar integrate git --global sonar integrate git --hook pre-push --global --non-interactive ### sonar integrate claude * Setup SonarQube integration for Claude Code. This will install secrets scanning hooks, configure SonarQube Agentic Analysis and MCP Server. Usage: sonar integrate claude [-p ] [--non-interactive] [--global] [--skip-context] Options: --project, -p Project key. Ignored when --global is used. --non-interactive Non-interactive mode (no prompts) --global, -g Install hooks and config globally to ~/.claude instead of project directory --skip-context Skip the sonar-context-augmentation install/init/skill step ### sonar integrate copilot * Setup SonarQube integration for Copilot. This will install secrets scanning hooks, configure SonarQube Agentic Analysis and MCP Server. Usage: sonar integrate copilot [--global] [-p ] [--non-interactive] [--skip-context] Options: --global, -g Install hooks and config globally to ~/.copilot instead of project directory --project, -p Project key. Mutually exclusive with --global. --non-interactive Non-interactive mode (no prompts) --skip-context Skip the sonar-context-augmentation install/init/skill step ### sonar integrate codex * Setup SonarQube integration for Codex. This will install a UserPromptSubmit hook that scans prompts for secrets before they are sent. Usage: sonar integrate codex [--global] [-p ] [--non-interactive] [--skip-context] Options: --global, -g Install hook and config globally to ~/.codex instead of project directory --project, -p Project key. Mutually exclusive with --global. --non-interactive Non-interactive mode (no prompts) --skip-context Skip the sonar-context-augmentation install/init/skill step ### sonar context Augment AI agents with context from your codebase (beta: subject to change) Usage: sonar context [action] [args] ### sonar analyze * Analyze code for quality and security issues ### sonar analyze secrets * Scan files or stdin for hardcoded secrets Usage: sonar analyze secrets [--stdin] [paths] Options: --stdin Read from standard input instead of paths Examples: sonar analyze secrets src/config.ts sonar analyze secrets src/file1.ts src/file2.ts cat .env | sonar analyze secrets --stdin ### sonar analyze dependency-risks * Analyze project dependencies for security and license risks (beta: subject to change) Usage: sonar analyze dependency-risks [-p ] [--format ] [--statuses ] Options: --project, -p Project key --format Output format --statuses Filter issues by status Raw: new | open | confirm | accept | safe | fixed Presets: active | to_fix | all active: new, open, confirm to_fix: new, open, confirm, accept all: new, open, confirm, accept, safe, fixed Presets and raw statuses can be combined; the resulting set is the union. Examples: --statuses active --statuses new,confirm --statuses active,safe ### sonar analyze agentic * Run server-side Agentic Analysis (SonarQube Cloud only). Limitations apply. Usage: sonar analyze agentic [--file ] [--staged] [--base ] [-p ] [--force] [--format ] [--branch ] Options: --file Analyze a single file (skips change set detection) --staged Analyze staged files only (git diff --cached) --base Analyze files changed vs a branch or ref (e.g. main) --project, -p SonarQube Cloud project key (overrides auto-detected project) --force Skip the large change set confirmation prompt --format Output format --branch Branch name for analysis context ### sonar remediate * Trigger AI agent remediation for eligible issues (SonarQube Cloud only) Usage: sonar remediate [-p ] [--issues ] Options: --project, -p SonarQube Cloud project key (overrides auto-detected project) --issues Comma-separated issue keys to remediate non-interactively (max 20). Required when stdin is not a TTY. ### sonar config Configure CLI settings ### sonar config telemetry Configure telemetry settings Usage: sonar config telemetry [--enabled] [--disabled] Options: --enabled Enable collection of anonymous usage statistics --disabled Disable collection of anonymous usage statistics Examples: sonar config telemetry --enabled sonar config telemetry --disabled ### sonar system System diagnostics and maintenance commands for the SonarQube CLI installation. ### sonar system status Show overall system status: authentication, installed binaries, and integrations Usage: sonar system status [--json] Options: --json Output as JSON for machine consumption ### sonar system reset Reset the CLI to factory defaults: remove tokens, binaries, integrations, and cached files. Telemetry settings are preserved. Usage: sonar system reset [--force] Options: --force Skip the interactive confirmation prompt (required for non-interactive use) ### sonar self-update Update SonarQube CLI to the latest version Usage: sonar self-update [--status] [--force] Options: --status Check for a newer version without installing --force Install the latest version even if already up to date