SonarQube Server’s AI CodeFix feature offers AI-generated fix suggestions for issues found during your analysis.
AI CodeFix is only available in SonarQube Server Enterprise and Data Center editions to provide AI-generated fixes for your issues.
Sonar AI CodeFix uses a large language model (LLM) to automatically generate AI-driven code fixes for the issues discovered by SonarQube Server. The process is simple. When you request a fix, the affected code and issue description are sent to an LLM. AI CodeFix then proposes an edit that resolves the problem without changing the code’s functionality.
AI CodeFix currently uses OpenAI’s GPT-5.1 (recommended) or GPT-4o to suggest fixes for a select set of rules in Java, JavaScript, TypeScript, Python, HTML, CSS, C#, and C++. To learn more about which rules are eligible for AI CodeFix, please see the list of Rules covered with AI CodeFix.
As an Instance Admin, you can activate or deactivate AI CodeFix for your organization at the global and project levels; see the Enable AI CodeFix page for the full details.
If you use Sonar’s AI CodeFix LLM, the affected code snippet will be sent by the AI CodeFix service to the selected LLM. Service agreements with Sonar’s LLMs prevent your code from being used to train those models.
For details about terms and conditions, please refer to the AI CodeFix terms in our Legal Documentation.
Once AI CodeFix is enabled, users will be able to select Generate AI Fix on eligible issues and copy/paste the fix into their IDE with the Open in IDE feature when using Connected mode.
For complete details about using AI CodeFix to fix your issues in SonarQube Server, see the article on Getting AI-generated fix suggestions.
Limits are placed on the AI CodeFix feature to manage abuse. Developers will be notified directly when the monthly allocation is reached for your organization. If the instance is blocked due to reaching the allowance, users attempting to generate a fix will see an error message. Usage quotas are reset on the first day of each month.
Sonar recognizes that AI-generated code should be monitored with additional quality standards and offers administrators a series of tools described on the AI Code Assurance page.
It’s possible to view ratings for projects with AI Code Assurance in your portfolios beginning in the Enterprise edition. There, you will see a breakdown of projects, applications, and nested portfolios that include the standards you’ve set for AI-generated code. See the Portfolio breakdown article for more information.
Overview of AI capabilities
learn about Getting AI-generated fix suggestions
Last updated
Was this helpful?
Was this helpful?
