SonarQube CLI BETA

Code verification in your terminal

Install:

View installation instructions ↗

curl -o- https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.sh | bash

irm https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.ps1 | iex

👨‍💻 I want to |

🤖 Agent:

zsh

Browse Commands

Installation

One-line install for all platforms.

curl -o- https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.sh | bash

irm https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.ps1 | iex

Quick Start

What do you want to do?

Features

Everything you need for code security in the terminal.

Secrets Scanning

Detect hardcoded secrets, API keys, and credentials before they reach your repository. Integrates as a pre-commit hook.

Claude Integration

Wire SonarQube into your Claude Code workflow. Get AI-assisted fixes for issues surfaced by SonarQube analysis.

Issue Explorer

Query and filter SonarQube issues from your terminal or agent. JSON and TOON output formats pipe directly into LLM workflows without extra post-processing.

Git Hooks

Block bad commits automatically. Pre-commit hooks run secrets scanning before every git commit.

MCP Server

Expose SonarQube tools as a Model Context Protocol server. Any MCP-compatible agent can list issues, scan files, and query projects.

Multi-platform

Native binaries for Linux, macOS (Apple Silicon), and Windows. One install script, zero dependencies.

Code Quality Analysis

Run advanced static analysis via the SonarQube A3S API on any file. Catch quality and security issues before they land in review.

Secure Keychain Auth

Tokens are stored in the OS keychain — never in plain files. Authenticate once and every command just works.

How useful was this site?

Share Feedback