SonarScanner for Python
The SonarScanner for Python provides an easy way to start the analysis of a Python project with SonarQube.
SonarScanner for Python — 1.3.0.4086 | Issue Tracker
1.3.0.4086 2025-12-02 Shai-Hulud security release Download Release notes
1.2.1.3951 2025-10-31 Ensure compatibility with Python 3.14 Download Release notes
1.1.0.2035 2025-06-18 Improve handling of arguments and environment variables. Fix the return code on failure Download Release notes
1.0.2.1722 2025-05-28 Fix incompatibility with tarfile.extractall Download Release notes
1.0.1.1548 2025-04-02 Add support for sonar.organization property Download Release notes
1.0.0.1453 2025-04-01 First production-ready release, includes support for automatic JRE provisioning Download Release notes
0.3.0.2016 2025-06-17 Deprecate pysonar-scanner in favor of pysonar Download Release notes
0.2.0.520 2024-10-15 Update embedded sonar-scanner-cli Download Release notes
0.1.0.340 2024-06-10 First beta release on PyPI Download Release notes
0.1.0.285 2024-04-08 First beta release on test.pypi.org Download Release notes
pysonar-scanner is a wrapper around SonarScanner CLI, available on PyPI.
Prerequisites
Python 3.8 or later
Installing the SonarScanner for Python
To install with pip, run the following command:
pip install pysonar-scannerOnce installed, you can configure the analysis and run the scanner from the command line. It assumes a Running SonarQube instance with a Python project.
Using the SonarScanner for Python
Setting the analysis properties
For the analysis to run, you’ll need to define analysis properties. There are multiple ways of providing them, described below in descending order of priority:
Through CLI arguments to the
pysonar-scannercommandUnder the
[tool.sonar]key of thepyproject.tomlfileThrough common properties extracted from the
pyproject.tomlfileIn a dedicated
sonar-project.propertiesfileThrough environment variables
Using CLI arguments
Analysis properties can be provided as CLI arguments to the pysonar-scanner command. They follow the same convention as when running the SonarScanner CLI directly. This means that analysis properties provided that way should be prepended with -D, for instance:
You can use all the arguments allowed by the SonarScanner CLI.
With a pyproject.toml file
Inside a pyproject.toml, Sonar analysis properties can be defined under the tool.sonar table.
For a list of analysis parameters, see Analysis parameters.
In the pyproject.toml file, the prefix sonar. for parameter keys should be omitted. For example, sonar.scm.provider in the documentation will become scm.provider in the pyproject.toml file.
By default, the scanner expects the pyproject.toml file to be present in the current directory. However, its path can be provided manually through the toml.path (PYSCAN-40) CLI argument as well as through the sonar.projectHome argument. For instance:
Or:
Using project properties extracted from the pyproject.toml file
When a pyproject.toml file is available, it’s possible to set the -read-project-config flag to allow the scanner to deduce analysis properties from the project configuration.
This is currently supported only for projects using poetry.
The Sonar scanner will then use the project name and version defined through Poetry, they won’t have to be duplicated under a dedicated tool.sonar section.
With a sonar-project.properties file
The analysis can be configured with a sonar-project.properties file, exactly like when you analyze with SonarScanner CLI:
Through environment variables
It is also possible to define configure the scanner through Environment variables:
Installing from testPyPI
To install the latest pre-released version of SonarScanner for Python. Execute the following command:
Last updated
Was this helpful?