{"id":51136020,"url":"https://github.com/SonarSource/sonarqube-cli","last_synced_at":"2026-07-14T01:00:48.798Z","repository":{"id":340963541,"uuid":"1150614903","full_name":"SonarSource/sonarqube-cli","owner":"SonarSource","description":"Command-line interface for SonarQube with AI agent integration. Scan for secrets and get fast feedback on code quality and security from your terminal.","archived":false,"fork":false,"pushed_at":"2026-07-13T10:29:41.000Z","size":4242,"stargazers_count":208,"open_issues_count":25,"forks_count":8,"subscribers_count":3,"default_branch":"master","last_synced_at":"2026-07-13T11:08:11.065Z","etag":null,"topics":["agent","ai","cli","code-quality","secrets","security","sonarqube","static-analysis"],"latest_commit_sha":null,"homepage":"https://cli.sonarqube.com/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SonarSource.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-02-05T13:43:51.000Z","updated_at":"2026-07-12T08:49:54.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/SonarSource/sonarqube-cli","commit_stats":null,"previous_names":["sonarsource/sonarqube-cli"],"tags_count":24,"template":false,"template_full_name":null,"purl":"pkg:github/SonarSource/sonarqube-cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SonarSource%2Fsonarqube-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SonarSource%2Fsonarqube-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SonarSource%2Fsonarqube-cli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SonarSource%2Fsonarqube-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SonarSource","download_url":"https://codeload.github.com/SonarSource/sonarqube-cli/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SonarSource%2Fsonarqube-cli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35441637,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-13T02:00:06.543Z","response_time":119,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","ai","cli","code-quality","secrets","security","sonarqube","static-analysis"],"created_at":"2026-06-25T18:00:29.294Z","updated_at":"2026-07-14T01:00:48.791Z","avatar_url":"https://github.com/SonarSource.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"# SonarQube CLI\n\n[![Build](https://github.com/SonarSource/sonarqube-cli/actions/workflows/build.yml/badge.svg?branch=master)](https://github.com/SonarSource/sonarqube-cli/actions/workflows/build.yml)\n[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=SonarSource_sonarqube-cli\u0026metric=alert_status\u0026token=4ad890bd54c6c3feb5d5251004fa3e5b1f665dea)](https://sonarcloud.io/summary/new_code?id=SonarSource_sonarqube-cli)\n\n**Catch code quality and security issues in your terminal—before they reach production.**\n\nThe SonarQube CLI integrates enterprise-grade static analysis into your development workflow:\n\n- **🔒 Secret Detection** — Scan code for hardcoded credentials and prevent secrets from being sent to LLM providers\n- **⚡ Fast Feedback Loop** — Get server-side issue detection on your local changes without waiting for CI/CD\n- **🤖 AI-Assisted Fixes** — Generate remediation suggestions for security vulnerabilities (SonarQube Cloud)\n- **🔗 Agent Integration** — Seamless hooks for Claude Code, GitHub Copilot, and other AI coding tools\n- **📊 Scriptable** — Query and manage SonarQube issues programmatically with JSON output\n\n**Use it standalone or integrate with:** Git hooks, Claude Code, GitHub Copilot, CI/CD pipelines, custom automation\n\n\u003e **🤖 For AI Agents:** If you are an AI agent reading this, navigate to [docs/llms.txt](https://github.com/SonarSource/sonarqube-cli/blob/master/docs/llms.txt) for machine-readable\n\u003e command documentation optimized for LLM consumption.\n\n\u003e We are actively collecting feedback on this product. Please share your thoughts via [this form](https://forms.gle/xE61HS2E5NzxFCSR9)!\n\n## Documentation\n\n- **📘 Official Documentation:** [docs.sonarsource.com/sonarqube-cli](https://docs.sonarsource.com/sonarqube-cli)\n- **🌐 Project Website:** [sonarsource.com/sonarqube/cli](https://sonarsource.com/sonarqube/cli)\n- **📖 Command Reference:** [sonarsource.com/sonarqube/cli/commands.html](https://sonarsource.com/sonarqube/cli/commands.html)\n\n## Table of Contents\n\n- [Documentation](#documentation)\n- [Three Ways to Use This CLI](#three-ways-to-use-this-cli)\n- [Prerequisites](#prerequisites)\n- [Quick Start](#quick-start)\n  - [Step 1: Install](#step-1-install)\n  - [Step 2: Authenticate](#step-2-authenticate)\n  - [Step 3: Try Basic Commands](#step-3-try-basic-commands)\n  - [Step 4: Analyze Local Changes](#step-4-analyze-local-changes-sonarqube-cloud-only)\n- [Integrations](#integrations)\n  - [Claude Code Integration](#claude-code-integration)\n  - [Git Hooks](#git-hooks)\n  - [GitHub Copilot Integration](#github-copilot-integration)\n- [Example Outputs](#example-outputs)\n- [Troubleshooting](#troubleshooting)\n- [State Management](#state-management)\n- [Uninstalling](#uninstalling)\n- [Data Collection](#data-collection)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Three Ways to Use This CLI\n\nThe SonarQube CLI is designed for three distinct use cases:\n\n1. **🤖 Agentic Use** — Built-in support for AI coding agents (Claude Code, GitHub Copilot) with pre-tool hooks that prevent secrets from being sent to LLM providers\n   ```bash\n   sonar integrate claude -g\n   # Now Claude Code will automatically scan for secrets before processing your code\n   ```\n\n2. **🖥️ Interactive CLI** — Run commands directly in your terminal to scan code, check issues, and manage SonarQube projects manually\n   ```bash\n   sonar list issues --project my-app\n   sonar analyze --file file.ext\n   ```\n\n3. **⚙️ Scripting \u0026 Automation** — Integrate into scripts for reporting, dashboards, or automated quality gates\n   ```bash\n   # Generate a report of issues across all projects:\n   sonar list projects | jq -r '.projects[].key' | while read project; do\n     echo \"Project: $project\"\n     sonar list issues --project \"$project\" | jq -r '.issues[].severity' | sort | uniq -c\n   done\n   ```\n\n## Prerequisites\n\nBefore installing, you need:\n\n- **SonarQube Access** (choose one):\n  - [SonarQube Cloud](https://sonarcloud.io) — Free for open source projects, paid for private repositories\n  - SonarQube Server — Self-hosted instance (v9.9+)\n\n- **Operating System**: Linux (x86-64, ARM64), macOS (ARM64), or Windows (x86-64)\n\n**Optional:**\n\n- Git 2.x+ for git hook integrations\n- Claude Code or GitHub Copilot CLI for AI assistant integrations\n\n**First time with SonarQube?** [Create a free SonarQube Cloud account](https://sonarcloud.io/sessions/new) — no credit card required for open source projects.\n\n## Quick Start\n\n### Step 1: Install\n\nChoose the install channel that fits your setup:\n\n**Homebrew (macOS/Linux):**\n\n```bash\nbrew install sonarqube-cli\n```\n\n**Mise (macOS, Linux, or Windows):**\n\n```bash\nmise use -g sonarqube-cli@latest\n```\n\n**Install script (Linux/macOS):**\n\n```bash\ncurl -o- https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.sh | bash\n```\n\n**Install script (Windows, from PowerShell):**\n\n```powershell\nirm https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.ps1 | iex\n```\n\n**Verify installation:**\n\n```bash\nsonar --version\n# Example output: 1.0.0\n```\n\n**Note:** Restart your terminal after using the install scripts so your updated `PATH` is reloaded. Homebrew manages `PATH` automatically, and Mise assumes its shell activation is already configured.\n\n### Step 2: Authenticate\n\nConnect to SonarQube Cloud EU (default):\n\n```bash\nsonar auth login\n# Opens your browser to sign in to SonarQube and generates a user token\n# Returns to terminal when complete\n```\n\nFor SonarQube Cloud US:\n\n```bash\nsonar auth login --server https://sonarqube.us\n```\n\nFor self-hosted SonarQube Server:\n\n```bash\nsonar auth login --server https://sonarqube.mycompany.com\n```\n\n**Verify authentication:**\n\n```bash\nsonar auth status\n# Verifying token......\n# [✓ Connected]\n# Server  https://sonarcloud.io\n# Org     my-org\n# Source  OS Keychain\n```\n\n**For automation, CI/CD, and AI agents**, pass the token via environment variables. The CLI reads them at command time, so nothing is written to disk or the OS keychain.\n\nGenerate a token first: SonarQube → My Account → Security → Generate Token.\n\nThen define the following environment variables before invoking `sonar` (use your runner's secret store in CI, or your preferred local mechanism — direnv, an untracked `.env` file,\na password manager CLI, etc.):\n\n- SonarQube Cloud: `SONARQUBE_CLI_TOKEN` + `SONARQUBE_CLI_ORG`\n- Self-hosted SonarQube Server: `SONARQUBE_CLI_TOKEN` + `SONARQUBE_CLI_SERVER`\n\nWith those exported, any command works without further configuration:\n\n```bash\nsonar list projects\n```\n\nSet both variables — if only `SONARQUBE_CLI_TOKEN` is present, the CLI prints a warning on stderr and falls back to keychain credentials, which is rarely what automation wants.\nNever commit the token or pass it as a CLI argument.\n\n### Step 3: Try Basic Commands\n\n**List your projects:**\n\n```bash\nsonar list projects\n# {\"projects\":[{\"key\":\"my-org_my-app\",\"name\":\"my-app\"},\n#              {\"key\":\"my-org_demo\",\"name\":\"demo-project\"}],\n#  \"paging\":{\"pageIndex\":1,\"pageSize\":500,\"total\":2,\"hasNextPage\":false}}\n```\n\nOutput is JSON by default. Pipe through `jq` for ad-hoc filtering, e.g. `sonar list projects | jq -r '.projects[].key'`.\n\n**Scan a file for secrets:**\n\n```bash\ncat \u003e test.js \u003c\u003c'EOF'\nconst STRIPE_KEY = \"sk_live_\u003cPASTE_A_REAL_STRIPE_KEY_HERE\u003e\";\nEOF\nsonar analyze secrets test.js\n# Sonar Secrets CLI - BETA (2.43.0.11106)\n# Trying to authenticate to SonarQube Server or Cloud, in order to enable complete functionality\n# Authentication successful\n# Running analysis...\n# Found 1 secret\n# Stripe API Key\n# File: test.js\n# Location: [1:21-1:53]\n# Secret: sk_*****************************\n# ❌ Secrets found (227ms)\n# 💡 Remove the reported secret, then rerun the scan.\n```\n\nWhen a secret is found, the command exits with code `51`.\n\n**Check issues in a project:**\n\n```bash\nsonar list issues --project my-org_my-app --format table --page-size 3\n# SEVERITY | RULE             | MESSAGE                                                 | FILE\n# ---------------------------------------------------------------------------------------------------------------\n# CRITICAL | typescript:S3776 | Refactor this function to reduce its Cognitive Complexity | src/preview.tsx:17\n# CRITICAL | typescript:S2004 | Refactor this code to not nest functions more than 4...   | src/Preview.tsx:235\n# CRITICAL | typescript:S3776 | Refactor this function to reduce its Cognitive Complexity | src/Description.tsx:43\n```\n\nSupported formats: `json` (default), `table`, `toon`, `csv`.\n\n\u003e **💡 Tip:** The `--project` flag is often optional—if your working directory contains a `sonar-project.properties` file or a SonarLint connected-mode binding under `.sonarlint/`,\n\u003e the CLI picks the project key up from there.\n\n### Step 4: Analyze Local Changes (SonarQube Cloud only)\n\n```bash\ncd your-project-directory\nsonar analyze --file file.ext\n# Analyzes uncommitted changes for new issues\n# Only shows issues YOU introduced in your changes\n```\n\n**Common options:**\n\n```bash\nsonar analyze --file src/myfile.ts          # Analyze a specific file\nsonar analyze --base main                   # Analyze changes vs main branch\nsonar analyze --branch feature-xyz          # Set branch context\n```\n\n---\n\n## Integrations\n\n### Claude Code Integration\n\n**Global setup** (hooks apply to all Claude Code sessions):\n\n```bash\nsonar auth login\nsonar integrate claude -g\n```\n\n**Project-specific setup** (hooks apply only to this project):\n\n```bash\ncd your-project\nsonar auth login\nsonar integrate claude --project my-org_my-project\n```\n\nThis installs:\n\n- **Pre-tool-use hook for secrets scanning** — Prevents hardcoded credentials from being sent to LLM providers\n- **SonarQube Agentic Analysis integration** — Server-side code quality analysis in your workflow\n- **Model Context Protocol (MCP) server** — Access SonarQube data directly from Claude Code\n\n### Git Hooks\n\n**Pre-commit hook** (scan staged files before each commit):\n\n```bash\nsonar integrate git --hook pre-commit\n```\n\n**Pre-push hook** (scan committed files before each push):\n\n```bash\nsonar integrate git --hook pre-push\n```\n\n**Global git hooks** (apply to all repositories):\n\n```bash\nsonar integrate git --hook pre-commit --global\n```\n\n**For CI/CD or automation** (non-interactive mode):\n\n```bash\nsonar integrate git --hook pre-commit --non-interactive\n# Skips all prompts, fails fast on errors\n```\n\n### GitHub Copilot Integration\n\n**Global setup:**\n\n```bash\nsonar auth login\nsonar integrate copilot -g\n```\n\n**Project-specific setup:**\n\n```bash\ncd your-project\nsonar auth login\nsonar integrate copilot --project my-org_my-project\n```\n\nThis installs:\n\n- **Pre-tool-use hook for secrets scanning** — Prevents hardcoded credentials from being sent to LLM providers\n- **SonarQube Agentic Analysis integration** — Server-side code quality analysis in your workflow\n- **Model Context Protocol (MCP) server** — Access SonarQube data directly from Copilot\n\n## Example Outputs\n\n### Scanning for Secrets\n\n```bash\n$ sonar analyze secrets src/config.ts\n  sonar-secrets 2.43.0.11106 is already installed (latest)\nSonar Secrets CLI - BETA (2.43.0.11106)\nTrying to authenticate to SonarQube Server or Cloud, in order to enable complete functionality\nAuthentication successful\nRunning analysis...\nFound 1 secret\nStripe API Key\nFile: src/config.ts\nLocation: [5:20-5:52]\nSecret: sk_*****************************\n❌ Secrets found (227ms)\n💡 Remove the reported secret, then rerun the scan.\n```\n\nExit codes: `0` when no secrets are found, `51` when at least one is found.\n\n### Listing Issues\n\n`sonar list issues` emits JSON by default; pass `--format table` for the human-readable view shown below.\n\n```bash\n$ sonar list issues --project my-org_my-app --severities CRITICAL,BLOCKER --page-size 3 --format table\nSEVERITY | RULE             | MESSAGE                                                                              | FILE\n-------------------------------------------------------------------------------------------------------------------------\nCRITICAL | typescript:S3776 | Refactor this function to reduce its Cognitive Complexity from 26 to the 15 allowed. | code/addons/a11y/src/preview.tsx:17\nCRITICAL | typescript:S2004 | Refactor this code to not nest functions more than 4 levels deep.                    | code/addons/docs/src/blocks/components/Preview.tsx:235\nCRITICAL | typescript:S3776 | Refactor this function to reduce its Cognitive Complexity from 23 to the 15 allowed. | code/addons/vitest/src/components/Description.tsx:43\n```\n\n### Analyzing Local Changes\n\n```bash\n$ sonar analyze\nSonarQube Agentic Analysis: no files in the change set to analyze.\n```\n\nWhen there are staged changes against a project configured for SonarQube Cloud Agentic Analysis, the analyzer reports new issues introduced by the change set in the same `text`/\n`json` format selectable via `--format`.\n\n### LLM-Optimized Output Format\n\nFor AI coding assistants, use `--format toon` — a token-efficient, YAML-flavored encoding of the same JSON payload:\n\n```bash\n$ sonar list issues --project my-org_my-app --severities BLOCKER --page-size 1 --format toon\ntotal: 88\np: 1\nps: 1\npaging:\n  pageIndex: 1\n  pageSize: 1\n  total: 88\nissues[1]:\n  - key: AZ0avojpNWh-T1cKsujg\n    rule: \"typescript:S3516\"\n    severity: BLOCKER\n    component: \"my-org_my-app:src/ConfigFile.ts\"\n    project: my-org_my-app\n    line: 377\n    message: \"Refactor this function to not always return the same value.\"\n    type: CODE_SMELL\n```\n\nThis format is designed for parsing by LLMs and can be used with Claude Code, GitHub Copilot, or custom AI workflows.\n\n## Troubleshooting\n\n### \"Project key not found\"\n\n**Symptom:** `Error: Project 'my-project' not found`\n\n**Cause:** Using the project display name instead of the project key.\n\n**Solution:** Use the exact project key from the JSON output of `sonar list projects`:\n\n```bash\n# Find the correct key:\nsonar list projects -q my-project\n# {\"projects\":[{\"key\":\"my-org_my-project\",\"name\":\"my-project\"}],\n#  \"paging\":{\"pageIndex\":1,\"pageSize\":500,\"total\":1,\"hasNextPage\":false}}\n\n# Or, for just the keys:\nsonar list projects -q my-project | jq -r '.projects[].key'\n\n# Use the key value (not the name) for subsequent commands:\nsonar list issues --project my-org_my-project\n```\n\n---\n\n### \"No issues found\" but issues exist in SonarQube web UI\n\n**Cause:** Project hasn't been scanned yet, or you're checking the wrong branch.\n\n**Solution:**\n\n1. Verify your project has at least one completed scan in SonarQube\n2. Check you're authenticated to the right organization:\n   ```bash\n   sonar auth status\n   ```\n3. For branch-specific issues, specify the branch:\n   ```bash\n   sonar list issues --project my-org_my-app --branch feature-xyz\n   ```\n\n---\n\n### \"Authentication failed\" or token errors\n\n**Symptom:** `Error: Invalid token` or browser authentication fails\n\n**Solution:** Use token-based authentication:\n\n1. Go to SonarQube → My Account → Security → Generate Token\n2. Copy the generated token\n3. Use following environment variables (set them globally before running commands from a new terminal):\n   ```\n   SONARQUBE_CLI_TOKEN=YOUR_TOKEN\n   SONARQUBE_CLI_SERVER=https://sonarcloud.io  # or your SonarQube Server URL\n   SONARQUBE_CLI_ORG=your-org-key              # SonarQube Cloud only\n   ```\n\nFor SonarQube Cloud, ensure you're using the correct region:\n\n- EU: `https://sonarcloud.io`\n- US: `https://sonarqube.us`\n\n---\n\n### `sonar analyze` says \"Not a git repository\"\n\n**Cause:** `sonar analyze` requires git to detect changes.\n\n**Solution:**\n\n- Run from inside a git repository:\n  ```bash\n  cd your-project\n  sonar analyze\n  ```\n- Or analyze a specific file instead:\n  ```bash\n  sonar analyze --file src/myfile.ts\n  ```\n\n---\n\n### Git hook doesn't run after installation\n\n**Symptom:** Installed pre-commit hook but it doesn't execute on `git commit`\n\n**Solution:**\n\n1. Check the hook file exists and is executable:\n   ```bash\n   ls -la .git/hooks/pre-commit\n   chmod +x .git/hooks/pre-commit\n   ```\n\n2. Test the hook manually:\n   ```bash\n   .git/hooks/pre-commit\n   ```\n\n3. For global hooks, verify git configuration:\n   ```bash\n   git config --global core.hooksPath\n   # Should show: ~/.sonar/git-hooks (or similar)\n   ```\n\n---\n\n### \"Command not found: sonar\" after installation\n\n**Symptom:** After installing, terminal doesn't recognize `sonar`\n\n**Solution:**\n\n1. **Restart your terminal** if you used the install script, or if you just changed your shell setup.\n\n2. If you installed with **Homebrew**, make sure Homebrew itself is already on your `PATH`, then retry `brew install sonarqube-cli`.\n\n3. If you installed with **Mise**, make sure your shell is already configured for Mise and reopen your terminal.\n\n4. If you used the **install script** and it still doesn't work, manually add it to `PATH`:\n\n   **Linux/macOS** — Add to `~/.bashrc` or `~/.zshrc`:\n\n   ```bash\n   export PATH=\"$HOME/.local/share/sonarqube-cli/bin:$PATH\"\n   ```\n\n   Then reload: `source ~/.bashrc` (or `~/.zshrc`)\n\n   **Windows** — The installer should have updated PATH automatically. Try:\n   - Open a new PowerShell window\n   - Restart your computer if the issue persists\n\n5. Verify the binary exists:\n\n   ```bash\n   # Install script on Linux/macOS:\n   ls -la ~/.local/share/sonarqube-cli/bin/sonar\n\n   # Install script on Windows (PowerShell):\n   ls $env:LOCALAPPDATA\\sonarqube-cli\\bin\\sonar.exe\n   ```\n\n---\n\n### Secrets scanning shows false positives\n\n**Symptom:** `sonar analyze secrets` flags test data or example code\n\n**Solution:**\n\nSecrets scanning is intentionally sensitive to avoid missing real credentials. For test files:\n\n1. **Use obviously fake values:**\n   ```javascript\n   // ✅ Won't be flagged:\n   const API_KEY = \"test_fake_key_for_unit_tests\";\n   const TOKEN = \"dummy-token-12345\";\n\n   // ❌ Might be flagged:\n   const API_KEY = \"sk_live_abc123xyz789\";\n   ```\n\n2. **Store test secrets in ignored files:**\n\n- `.env.test` files are often excluded by default\n- Keep real-looking test data in fixture files outside `src/`\n\n3. **For legitimate exceptions:** Consider adding comments explaining why the value is safe, or use environment variables even in tests.\n\n---\n\n### Still having issues?\n\n- **Search existing issues:** [GitHub Issues](https://github.com/SonarSource/sonarqube-cli/issues)\n- **Open a new issue:** [New Issue](https://github.com/SonarSource/sonarqube-cli/issues/new/choose)\n\nInclude in your report:\n\n- Output of `sonar --version`\n- Full error message (with sensitive info redacted)\n- Command you ran\n- Operating system and version\n- For authentication issues: Server URL (SonarQube Cloud vs Server)\n\n## State Management\n\nSee [State Management](./docs/state-management.md) for more information.\n\n## Uninstalling\n\n### Homebrew\n\n```bash\nbrew uninstall sonarqube-cli\n```\n\n### Mise\n\n```bash\nmise use -g --remove sonarqube-cli\nmise uninstall --all sonarqube-cli\n```\n\n### Install script (Linux/macOS)\n\n1. Delete the `~/.local/share/sonarqube-cli/` folder.\n2. Remove `export PATH=\"$HOME/.local/share/sonarqube-cli/bin:$PATH\"` from your `~/.bashrc` or `~/.zshrc` files.\n\n### Install script (Windows)\n\n1. Delete the `%localappdata%\\sonarqube-cli\\` folder.\n2. Remove this folder from the `PATH` user-level environment variable.\n\n## Data collection\n\nThe SonarQube CLI collects anonymous usage data and error reports to help improve the product.\n\n**Telemetry:** Anonymous command usage statistics are sent to SonarSource.\n\n**Error reporting:** Unhandled exceptions are reported to [Sentry](https://sentry.io) to help us identify and fix crashes.\n\nBoth are enabled by default and share the same opt-out toggle. To disable all data collection:\n\n```bash\nsonar config telemetry --disabled\n```\n\nYou can also set the `DO_NOT_TRACK=1` environment variable to disable telemetry for a session without changing persisted configuration.\n\nNo personally identifiable information is transmitted.\n\n## Contributing\n\nWe don't accept external pull requests on this project. This isn't about the quality of your change — keeping all changes in one place lets us properly track, plan, prioritize, and test everything that goes into the CLI.\n\nThat doesn't mean we don't want to hear from you — we do. If you've hit a bug or have an idea, please [open a GitHub Issue](https://github.com/SonarSource/sonarqube-cli/issues/new/choose) and we'll take it from there.\n\nThe source is public, so you're welcome to fork it, read it, and experiment. See [CONTRIBUTING.md](./CONTRIBUTING.md) if you'd like to build the CLI from source.\n\n## License\n\nCopyright SonarSource Sàrl.\n\nSonarQube CLI is released under the [GNU Lesser General Public License, Version 3.0⁠,](http://www.gnu.org/licenses/lgpl.txt).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSonarSource%2Fsonarqube-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSonarSource%2Fsonarqube-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSonarSource%2Fsonarqube-cli/lists"}