Skip to content

Releases: SonarSource/sonarqube-cli

0.6.1.603

18 Mar 08:56
@github-actions github-actions
0.6.1.603
5829314

Choose a tag to compare

View all tags
0.6.1.603 Latest
Latest

For full release notes, see JIRA

Assets 2
Loading

0.6.0.579

17 Mar 08:48
@github-actions github-actions
0.6.0.579
204c01d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
0.6.0.579

SonarQube CLI v0.6.0

This release introduces the sonar verify command for running SonarQube Agentic Analysis, a high-performance service designed to integrate SonarQube's static analysis directly into AI coding workflows. Other features: a self-update mechanism, and several usability improvements, alongside a comprehensive round of bug fixes for hooks, issue listing, and organization resolution.

Features

  • New sonar verify command — A dedicated command for running analysis with SonarQube Agentic Analysis, also exposed as a sonar analyze sqaa command.
  • New sonar self-update command — The CLI can now update itself, and automatically update installed binaries and integrations.
  • Improved sonar analyze secrets parameters — The command now accepts a list of files (the unnecessary --file option was removed)
  • Add new sonar list -o / --org option — Org can now be passed directly without relying on current configuration.
  • Simplified organization selection — The organization is now resolved automatically where possible, reducing the need to specify it manually.
  • Improved error reporting — All error types are now consistently logged, making failures easier to diagnose.

Bug Fixes

  • sonar integrate claude — correctly derives the org from the project configuration rather than the auth connection.
  • sonar list issues — Fixed the project filter being ignored when listing issues on SonarQube Server.
  • sonar list — The list command now works correctly when authentication is supplied via environment variables.
  • sonar integrate claude — The generated hook template now uses the correct analyze subcommand.
  • sonar integrate claude — Hooks now correctly parse JSON output formatted by Claude Code.
  • sonar integrate claude -g — Fixed global integration incorrectly replacing project-level agentExtensions with a wrong projectRoot.
Loading

0.5.0.409

04 Mar 13:46
@github-actions github-actions
0.5.0.409
e647c38
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
0.5.0.409

SonarQube CLI v0.5.0 — Public Beta

First public release of sonar, a CLI for SonarQube Server and SonarQube Cloud.

Features

  • Auth — browser-based or token login via sonar auth login; auto-discovers server URL and org from
    sonar-project.properties or .sonarlint/connectedMode.json; credentials stored in the OS keychain
  • Claude Code integration — sonar integrate claude installs hooks to scan files for secrets before use; supports -g
    for global install
  • Issue queries — sonar list issues with filters for severity, branch, pull request, type, status, rule, and tag;
    --all for full result sets
  • Project queries — sonar list projects with free-text search and pagination
  • Secrets scanning — sonar analyze secrets scans a file or piped stdin; sonar install secrets to install the
    verification tool
  • Output formats — json, table, csv, toon (AI-optimized) across list commands
  • Telemetry — anonymous usage stats, opt out with sonar config telemetry --disabled

Bug Fixes

None — initial release.

Loading