# Commands {% hint style="warning" %} This product is in Beta stage and breaking changes may be released. The documentation here matches the release version listed in the table of contents. {% endhint %} This page is a reference for all SonarQube CLI commands. Each command entry includes a description, a table of available options with their types, whether they are required, and default values, plus usage examples. The available top-level commands are: | Command | Description | | ------------------- | ------------------------------------------------------------------ | | `sonar api` | Make authenticated API requests to SonarQube | | `sonar auth` | Manage authentication tokens and credentials | | `sonar integrate` | Set up SonarQube integration with AI coding agents and other tools | | `sonar list` | List SonarQube resources such as issues and projects | | `sonar analyze` | Analyze code for security issues | | `sonar verify` | Analyze a file for issues | | `sonar config` | Configure CLI settings | | `sonar self-update` | Update the sonar CLI to the latest version | *** ## `sonar api` Make authenticated API requests to SonarQube. **Arguments:** | Argument | Description | | ------------ | ------------------------------------------------------------------------ | | `` | HTTP method (`get`, `post`, `patch`, `put`, `delete`) | | `` | API endpoint path. Must start with `/` and can contain query parameters. | **Options:** | Option | Type | Required | Description | Default | | ----------------- | ------- | -------- | -------------------------------------------------------------------------------- | ------- | | `--data`, `-d` | string | No | JSON string for request body. Automatically formatted as form data or JSON body. | - | | `--verbose`, `-v` | boolean | No | Print request and response details for debugging. | - | **Examples:** List favorite projects. ```bash sonar api get "/api/favorites/search" ``` Search for rules in an organization. ```bash sonar api get "/api/rules/search?organization=org-name" ``` Generate a new user token. ```bash sonar api post "/api/user_tokens/generate" --data '{"name":"my-new-token"}' ``` Accept an issue. ```bash sonar api post "/api/issues/do_transition" --data '{"issue":"issue-id","transition":"accept"}' ``` *** ## `sonar auth` Manage authentication tokens and credentials. ## `sonar auth login` Save an authentication token to the keychain. **Options:** | Option | Type | Required | Description | Default | | -------------------- | ------ | -------- | --------------------------------------------------------------- | ------- | | `--server`, `-s` | string | No | SonarQube server URL (default is SonarQube Cloud) | - | | `--org`, `-o` | string | No | SonarQube Cloud organization key (required for SonarQube Cloud) | - | | `--with-token`, `-t` | string | No | Token value (skips browser, non-interactive mode) | - | **Examples:** Interactive login for SonarQube Cloud with a browser. ```bash sonar auth login ``` Non-interactive login with a direct token. ```bash sonar auth login -o my-org -t squ_abc123 ``` Non-interactive login for a custom server with a token. ```bash sonar auth login -s https://my-sonarqube.io --with-token squ_def456 ``` *** ## `sonar auth logout` Remove the authentication token from the keychain. **Examples:** Remove the active authentication token. ```bash sonar auth logout ``` *** ## `sonar auth purge` Remove all authentication tokens from the keychain. **Examples:** Interactively remove all saved tokens. ```bash sonar auth purge ``` *** ## `sonar auth status` Show the active authentication connection with token verification. **Examples:** Show the current server connection and token status. ```bash sonar auth status ``` *** ## `sonar integrate` Set up SonarQube integration for AI coding agents, git, and others. ## `sonar integrate claude` Set up SonarQube integration for Claude Code. This installs secrets scanning hooks and configures the SonarQube MCP Server. **Options:** | Option | Type | Required | Description | Default | | ------------------- | ------- | -------- | ---------------------------------------------------------------------------- | ------- | | `--project`, `-p` | string | No | Project key | - | | `--non-interactive` | boolean | No | Non-interactive mode (no prompts) | - | | `--global`, `-g` | boolean | No | Install hooks and config globally to \~/.claude instead of project directory | - | **Examples:** Integrate Claude Code with an interactive setup. ```bash sonar integrate claude -p my-project ``` Integrate globally and install hooks in \~/.claude that will be available for all projects. ```bash sonar integrate claude -g -p my-project ``` *** ## `sonar integrate git` Install a git hook that scans staged files for secrets before each commit (`pre-commit`) or scans committed files for secrets before each push (`pre-push`). **Options:** | Option | Type | Required | Description | Default | | ------------------- | ------- | -------- | ------------------------------------------------------------------------------------------------ | ------- | | `--hook` | string | No | Hook to install: `pre-commit` (scan staged files) or `pre-push` (scan files in unpushed commits) | - | | `--force` | boolean | No | Overwrite an existing hook if it is not from `sonar integrate git` | - | | `--non-interactive` | boolean | No | Non-interactive mode (no prompts) | - | | `--global` | boolean | No | Install hook globally for all repositories (sets `git config --global core.hooksPath`) | - | **Examples:** Install a pre-commit hook that scans staged files for secrets (interactive). ```bash sonar integrate git ``` Install a pre-push hook that scans committed files for secrets before pushing. ```bash sonar integrate git --hook pre-push ``` Install a staged-file secrets hook globally for all repositories (sets git config --global core.hooksPath). ```bash sonar integrate git --global ``` Non-interactive: install a pre-push secrets hook globally for all repositories. ```bash sonar integrate git --hook pre-push --global --non-interactive ``` *** ## `sonar list` List Sonar resources. ## `sonar list issues` Search for issues in SonarQube. **Options:** | Option | Type | Required | Description | Default | | ----------------- | ------ | -------- | ------------------ | ------- | | `--project`, `-p` | string | Yes | Project key | - | | `--severity` | string | No | Filter by severity | - | | `--format` | string | No | Output format | `json` | | `--branch` | string | No | Branch name | - | | `--pull-request` | string | No | Pull request ID | - | | `--page-size` | number | No | Page size (1-500) | `500` | | `--page` | number | No | Page number | `1` | **Examples:** List issues in a project. ```bash sonar list issues -p my-project ``` Output issues in TOON format for AI agents. ```bash sonar list issues -p my-project --format toon ``` Filter issues by severity. ```bash sonar list issues -p my-project --severity CRITICAL ``` *** ## `sonar list projects` Search for projects in SonarQube. **Options:** | Option | Type | Required | Description | Default | | --------------- | ------ | -------- | ---------------------------------------------- | ------- | | `--query`, `-q` | string | No | Search query to filter projects by name or key | - | | `--page` | number | No | Page number | `1` | | `--page-size` | number | No | Page size (1-500) | `500` | **Examples:** List the first 500 accessible projects. ```bash sonar list projects ``` Search projects by name or key. ```bash sonar list projects -q my-project ``` Paginate through projects. ```bash sonar list projects --page 2 --page-size 50 ``` *** ## `sonar analyze` Analyze code for security issues. ## `sonar analyze secrets` Scan files or stdin for hardcoded secrets. **Arguments:** | Argument | Description | | ---------- | ------------------------------------------- | | `[paths…]` | File or directory paths to scan for secrets | **Options:** | Option | Type | Required | Description | Default | | --------- | ------- | -------- | ----------------------------------------- | ------- | | `--stdin` | boolean | No | Read from standard input instead of paths | - | **Examples:** Scan a file for hardcoded secrets. ```bash sonar analyze secrets src/config.ts ``` Scan stdin for hardcoded secrets. ```bash cat .env | sonar analyze secrets --stdin ``` *** ## `sonar analyze sqaa` Run SonarQube Agentic Analysis server-side analysis on a file (SonarQube Cloud only). **Options:** | Option | Type | Required | Description | Default | | ----------- | ------ | -------- | ------------------------------------------------------------- | ------- | | `--file` | string | Yes | File path to analyze | - | | `--branch` | string | No | Branch name for analysis context | - | | `--project` | string | No | SonarQube Cloud project key (overrides auto-detected project) | - | **Examples:** Run SonarQube Agentic Analysis analysis on a file. ```bash sonar analyze sqaa --file src/app.ts ``` Run an analysis on a specific branch. ```bash sonar analyze sqaa --file src/app.ts --branch main ``` *** ## `sonar verify` Analyze a file for issues. **Options:** | Option | Type | Required | Description | Default | | ----------- | ------ | -------- | ------------------------------------------------------------- | ------- | | `--file` | string | Yes | File path to analyze | - | | `--branch` | string | No | Branch name for analysis context | - | | `--project` | string | No | SonarQube Cloud project key (overrides auto-detected project) | - | **Examples:** Analyze a file for issues. ```bash sonar verify --file src/app.ts ``` Analyze a file on a specific branch. ```bash sonar verify --file src/app.ts --branch main ``` *** ## `sonar config` Configure CLI settings. ## `sonar config telemetry` Configure telemetry settings. **Options:** | Option | Type | Required | Description | Default | | ------------ | ------- | -------- | ------------------------------------------------ | ------- | | `--enabled` | boolean | No | Enable collection of anonymous usage statistics | - | | `--disabled` | boolean | No | Disable collection of anonymous usage statistics | - | **Examples:** Enable the collection of anonymous usage statistics. ```bash sonar config telemetry --enabled ``` Disable the collection of anonymous usage statistics. ```bash sonar config telemetry --disabled ``` *** ## `sonar self-update` Update the sonar CLI to the latest version. **Options:** | Option | Type | Required | Description | Default | | ---------- | ------- | -------- | ----------------------------------------------------- | ------- | | `--status` | boolean | No | Check for a newer version without installing | - | | `--force` | boolean | No | Install the latest version even if already up to date | - | **Examples:** Update the CLI to the latest version. ```bash sonar self-update ``` Check if a newer version is available. ```bash sonar self-update --status ``` Force reinstall the latest version. ```bash sonar self-update --force ```