# AI Code Review

{% hint style="info" %}
AI Code Review is currently in alpha.
{% endhint %}

It combines SonarQube's deterministic static analysis with context-aware AI to help engineers review, understand, and approve code faster. It posts inline review comments, change summaries, and on-demand walkthroughs and architecture diagrams directly on pull requests.

## Requirements

### SonarQube requirements

* You must have a SonarQube Cloud account.
* Your SonarQube Cloud organization must be on the Team or Enterprise plan. See [Plans and pricing](https://www.sonarsource.com/plans-and-pricing/sonarcloud/) for details.
* Each repository you want reviewed must have a corresponding organization and project bound to GitHub in SonarQube Cloud. See [binding-unbound-organization](https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/managing-organization/creating-organization/binding-unbound-organization "mention") for more details. If this connection doesn’t exist, AI Code Review will skip its review. If the connection exists but the analysis doesn’t succeed due to timeout, network issues, or other issues, then AI Code Review will fall back on the AI-only review.

### DevOps platform requirements

* AI Code Review currently supports GitHub. Support for Azure DevOps, Bitbucket, and GitLab is coming soon.
* Repositories must use pull requests as the code review workflow. AI Code Review triggers on pull request creation, update, and an explicit command through a comment.
* Draft pull requests are not reviewed automatically. Once you convert a draft pull request to a ready for review pull request, the AI Code Review is triggered. See [#triggering-a-review](#triggering-a-review "mention") for more details.

The following are not supported in the current release:

* Bitbucket, Azure DevOps and GitLab.
* SCA (software composition analysis) findings in reviews.
* Architecture findings in reviews.
* On-premises LLM / bring-your-own-LLM support.
* Repositories analyzed with SonarQube Server instead of SonarQube Cloud.

Once you install AI Code Review GitHub App on your organization’s repositories, no additional infrastructure, CI configuration, or external API keys are required. All processing happens within the Sonar platform.

## Setup guide

1. Install [Sonar Review GitHub app](https://github.com/apps/sonar-review-alpha) on your GitHub organization.
   1. Select **All repositories** or **Only select repositories** with *Read access to issues and metadata* and *Read and write access to checks, code, and pull requests*.
   2. Click **Install**.
2. Fill out this [interest form](https://docs.google.com/forms/d/e/1FAIpQLSdwCxqaIYmxyFeWC40CPID-qfrvIZnUjK06j-zDHKN973j88Q/viewform?usp=sharing\&ouid=103589099946429428731) to provide the needed information so we can add you to the allow list.

## Triggering a review

AI Code Review runs automatically whenever a pull request is opened or updated.

<figure><img src="https://2223713658-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB4UT2GNiZKjtxFtcFAL7%2Fuploads%2FrHNv1b9G2jg4e1IvIQnM%2Fsr-summary-options.png?alt=media&#x26;token=e0ad93b7-a97c-4945-b75f-11d414ac4a9a" alt="Sonar Review summary with options to generate walkthrough and diagram"><figcaption></figcaption></figure>

You can also trigger or extend a review manually, even on a draft pull request:

* Comment `@sonar-review-alpha review` in a pull request comment.
* Tick the **Generate Walkthrough** checkbox in the bot's summary comment to request a step-by-step walkthrough of the changes.
* Tick the **Generate Diagram** checkbox to request an architecture diagram.

<figure><img src="https://2223713658-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB4UT2GNiZKjtxFtcFAL7%2Fuploads%2FBaPSYKay8MIeOdeDoU0F%2Fsr-diagram.png?alt=media&#x26;token=a3106e26-9641-49cd-aec9-b4fb47886c60" alt="Sonar Review diagram"><figcaption></figcaption></figure>

* To ask follow-up questions or challenge a finding, reply directly to any of the bot's review comments. AI Code Review will respond with additional context and, where appropriate, refine its suggestion.

<figure><img src="https://2223713658-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FB4UT2GNiZKjtxFtcFAL7%2Fuploads%2FeuyU2d9yC3M12pwSRKmH%2Fsr-comments.png?alt=media&#x26;token=e2afd359-0476-429e-8236-e1ffae0d06de" alt="Comments left by the bot"><figcaption></figcaption></figure>

## Canceling a review

To cancel an ongoing review enter `@sonar-review-alpha cancel` in the PR’s comment.

## Using AI Code Review with agentic IDEs and CLIs

AI Code Review is designed to work with agentic coding tools such as Claude Code, Codex, and Cursor. When you ask your agent to review an open pull request, it can read AI Code Review's findings and act on them directly.

To use this with your agentic IDE or CLI:

1. Ensure the DevOps platform CLI, for example `gh` for GitHub, or its MCP server is available in your environment.
2. Ask your agent to look at the pull request and fix anything AI Code Review has flagged.

## Language support

AI Code Review delivers the best results for languages supported by SonarQube static analysis, as findings are correlated with and validated against deterministic scan results. It can also review code in languages not currently supported by SonarQube, but those reviews will rely on AI analysis alone and may be less complete.

For the full list of languages supported by SonarQube Cloud analysis, see [overview](https://docs.sonarsource.com/sonarqube-cloud/discovering-sonarcloud/overview "mention") or more information.

## Troubleshooting

Reach out to our Sonar team with the description of the issue through our [Community](https://community.sonarsource.com/c/sc/9) portal.

## Related pages

* [importing-github-organization](https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/managing-organization/creating-organization/importing-github-organization "mention")
* [binding-unbound-organization](https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/managing-organization/creating-organization/binding-unbound-organization "mention")
* [subscription-plans](https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/managing-subscription/subscription-plans "mention")

<br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sonarsource.com/sonarqube-cloud/ai-capabilities/ai-code-review.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.