# SonarQube CLI
> Code quality and security in your terminal. Scan, integrate, and fix issues — locally or with AI.
- Version: 1.0.0
- Install (Linux/macOS): curl -o- https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.sh | bash
- Install (Windows): irm https://raw.githubusercontent.com/SonarSource/sonarqube-cli/refs/heads/master/user-scripts/install.ps1 | iex
- Machine-readable schema: https://sonarsource.com/sonarqube/cli/data/commands.json
- Source: https://github.com/SonarSource/sonarqube-cli
- Commands reference: https://sonarsource.com/sonarqube/cli/commands.html
## Quick Start
sonar auth login
sonar integrate claude -g
## For AI Agents
Use `sonar list issues --format toon` to output issues in a format optimized for LLM consumption.
Use `sonar list projects` to discover available projects before running analysis.
Commands marked with * require prior authentication via `sonar auth login`.
## Commands
### sonar auth
Manage authentication tokens and credentials
### sonar auth login
Authenticate via browser and save credentials in the system keychain. Must be run manually — agents cannot authenticate themselves. For CI and automation, use environment variables instead: https://docs.sonarsource.com/sonarqube-cli/using-sonarqube-cli/environment-variables
Usage: sonar auth login [-s <value>] [-o <value>]
Options:
--server, -s <string> SonarQube Server URL, SonarQube Cloud EU (https://sonarcloud.io), or SonarQube Cloud US (https://sonarqube.us). Defaults to SonarQube Cloud EU.
--org, -o <string> SonarQube Cloud organization key (required for SonarQube Cloud)
Examples:
sonar auth login
sonar auth login -s https://sonarqube.my.com/sonarqube
### sonar auth logout
Remove active connection token from keychain
Usage: sonar auth logout
Examples:
sonar auth logout
### sonar auth status
Show active authentication connection with token verification
Usage: sonar auth status
Examples:
sonar auth status
### sonar list
List issues and projects from SonarQube Cloud or Server
### sonar list issues *
Search for issues in SonarQube
Usage: sonar list issues [-p <value>] [--statuses <value>] [--severities <value>] [--format <value>] [--branch <value>] [--pull-request <value>] [--page-size <value>] [--page <value>]
Options:
--project, -p <string> Project key
--statuses <string> Filter by status (comma-separated list of: OPEN, CONFIRMED, FALSE_POSITIVE, ACCEPTED, FIXED)
--severities <string> Filter by severity (comma-separated list of: INFO, MINOR, MAJOR, CRITICAL, BLOCKER)
--format <string> Output format
--branch <string> Branch name
--pull-request <string> Pull request ID
--page-size <number> Page size (1-500)
--page <number> Page number
Examples:
sonar list issues -p my-project
sonar list issues -p my-project --format toon
### sonar list projects *
Search for projects in SonarQube
Usage: sonar list projects [-q <value>] [--page <value>] [--page-size <value>]
Options:
--query, -q <string> Search query to filter projects by name or key
--page <number> Page number
--page-size <number> Page size (1-500)
Examples:
sonar list projects
sonar list projects -q my-project
sonar list projects --page 2 --page-size 50
### sonar api *
Make authenticated API requests to SonarQube
Usage: sonar api [-d <value>] [--verbose] <method> <endpoint>
Options:
--data, -d <string> JSON string for request body. The tool will automatically format as either form data or JSON body.
--verbose, -v Print request and response details for debugging.
Examples:
sonar api get "/api/favorites/search"
sonar api get "/api/rules/search?organization=my-org&languages=ts"
sonar api post "/api/user_tokens/generate" --data '{"name":"my-token"}'
sonar api post "/api/issues/do_transition" --data '{"issue":"AYx1z2","transition":"accept"}'
sonar api get "/analysis/engine"
sonar api get "/api/system/status" --verbose
sonar api post "/api/user_tokens/revoke" --data '{"name":"my-token"}'
### sonar integrate
Set up SonarQube integration for AI coding agents, Git, and others.
Examples:
sonar integrate claude -s https://sonarcloud.io -p my-project
sonar integrate claude -g
### sonar integrate git *
Install a Git pre-commit hook that scans staged files for secrets before each commit, or a Git pre-push hook that scans committed files for secrets before each push.
Usage: sonar integrate git [--hook <value>] [--force] [--non-interactive] [--global]
Options:
--hook <string> Hook to install: pre-commit (scan staged files) or pre-push (scan files in unpushed commits)
--force Overwrite existing hook if it is not from sonar integrate git
--non-interactive Non-interactive mode (no prompts)
--global Install hook globally for all repositories (sets git config --global core.hooksPath)
Examples:
sonar integrate git
sonar integrate git --hook pre-push
sonar integrate git --global
sonar integrate git --hook pre-push --global --non-interactive
### sonar integrate claude *
Set up SonarQube integration for Claude Code. This installs secrets-scanning hooks and configures SonarQube Agentic Analysis and the MCP Server.
Usage: sonar integrate claude [-p <value>] [--non-interactive] [--global] [--skip-context]
Options:
--project, -p <string> Project key. Ignored when --global is used.
--non-interactive Non-interactive mode (no prompts)
--global, -g Install hooks and config globally to ~/.claude instead of project directory
--skip-context Skip the sonar-context-augmentation install/init/skill step
### sonar integrate copilot *
Set up SonarQube integration for Copilot. This installs secrets-scanning hooks and configures SonarQube Agentic Analysis and the MCP Server.
Usage: sonar integrate copilot [--global] [-p <value>] [--non-interactive] [--skip-context]
Options:
--global, -g Install hooks and config globally to ~/.copilot instead of project directory
--project, -p <string> Project key. Mutually exclusive with --global.
--non-interactive Non-interactive mode (no prompts)
--skip-context Skip the sonar-context-augmentation install/init/skill step
### sonar integrate codex *
Set up SonarQube integration for Codex. This installs a UserPromptSubmit hook that scans prompts for secrets before they are sent.
Usage: sonar integrate codex [--global] [-p <value>] [--non-interactive] [--skip-context]
Options:
--global, -g Install hook and config globally to ~/.codex instead of project directory
--project, -p <string> Project key. Mutually exclusive with --global.
--non-interactive Non-interactive mode (no prompts)
--skip-context Skip the sonar-context-augmentation install/init/skill step
### sonar context
Augment AI agents with context from your codebase (beta: subject to change)
Usage: sonar context [action] [args]
### sonar analyze *
Analyze code for quality and security issues
### sonar analyze secrets *
Scan files or stdin for hardcoded secrets
Usage: sonar analyze secrets [--stdin] [paths]
Options:
--stdin Read from standard input instead of paths
Examples:
sonar analyze secrets src/config.ts
sonar analyze secrets src/file1.ts src/file2.ts
cat .env | sonar analyze secrets --stdin
### sonar analyze dependency-risks *
Analyze project dependencies for security and license risks (beta: subject to change)
Usage: sonar analyze dependency-risks [-p <value>] [--format <value>] [--statuses <value>]
Options:
--project, -p <string> Project key
--format <string> Output format
--statuses <string> Filter issues by status
    Raw: new | open | confirm | accept | safe | fixed
    Presets: active | to_fix | all
        active: new, open, confirm
        to_fix: new, open, confirm, accept
        all: new, open, confirm, accept, safe, fixed
    Presets and raw statuses can be combined; the resulting set is the union.
    Examples:
        --statuses active
        --statuses new,confirm
        --statuses active,safe
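
The union rule for `--statuses` above, worked through as an added example (not code from the SonarQube CLI project). `expand_statuses` is a hypothetical helper name; the preset table is copied from the option description, and unknown tokens are rejected so a typo does not silently narrow a triage filter.

```shell
# Added example (not part of the SonarQube CLI): expand a --statuses value
# into the raw status set, using the preset table documented above.
# expand_statuses is a hypothetical helper name.
expand_statuses() (
    # The function body is a subshell, so IFS and set -f do not leak out.
    [ -n "$1" ] || { echo "empty --statuses value" >&2; exit 1; }
    set -f                 # no filename globbing while splitting
    IFS=,                  # split the argument on commas
    set -- $1
    IFS=' '                # the preset expansions below are space-separated
    result=""
    for token in "$@"; do
        case $token in
            active) expanded="new open confirm" ;;
            to_fix) expanded="new open confirm accept" ;;
            all)    expanded="new open confirm accept safe fixed" ;;
            new|open|confirm|accept|safe|fixed) expanded=$token ;;
            *) echo "unknown status or preset: $token" >&2; exit 1 ;;
        esac
        for status in $expanded; do
            case ",$result," in
                *",$status,"*) ;;                          # already in the union
                *) result="${result:+$result,}$status" ;;  # append once
            esac
        done
    done
    printf '%s\n' "$result"
)

expand_statuses "active,safe"    # prints: new,open,confirm,safe
```

The output is itself a valid raw-status list, so it can be passed back as `--statuses "$(expand_statuses active,safe)"` when a script needs to log exactly which statuses a preset covered.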
### sonar analyze agentic *
Run server-side Agentic Analysis (SonarQube Cloud only). Limitations apply.
Usage: sonar analyze agentic [--file <value>] [--staged] [--base <value>] [-p <value>] [--force] [--format <value>] [--branch <value>]
Options:
--file <string> Analyze a single file (skips change set detection)
--staged Analyze staged files only (git diff --cached)
--base <string> Analyze files changed vs a branch or ref (e.g. main)
--project, -p <string> SonarQube Cloud project key (overrides auto-detected project)
--force Skip the large change set confirmation prompt
--format <string> Output format
--branch <string> Branch name for analysis context
### sonar remediate *
Trigger AI agent remediation for eligible issues (SonarQube Cloud only)
Usage: sonar remediate [-p <value>] [--issues <value>]
Options:
--project, -p <string> SonarQube Cloud project key (overrides auto-detected project)
--issues <string> Comma-separated issue keys to remediate non-interactively (max 20). Required when stdin is not a TTY.
### sonar config
Configure CLI settings
### sonar config telemetry
Configure telemetry settings
Usage: sonar config telemetry [--enabled] [--disabled]
Options:
--enabled Enable collection of anonymous usage statistics
--disabled Disable collection of anonymous usage statistics
Examples:
sonar config telemetry --enabled
sonar config telemetry --disabled
### sonar system
System diagnostics and maintenance commands for the SonarQube CLI installation.
### sonar system status
Show overall system status: authentication, installed binaries, and integrations
Usage: sonar system status [--json]
Options:
--json Output as JSON for machine consumption
### sonar system reset
Reset the CLI to factory defaults: remove tokens, binaries, integrations, and cached files. Telemetry settings are preserved.
Usage: sonar system reset [--force]
Options:
--force Skip the interactive confirmation prompt (required for non-interactive use)
### sonar self-update
Update SonarQube CLI to the latest version
Usage: sonar self-update [--status] [--force]
Options:
--status Check for a newer version without installing
--force Install the latest version even if already up to date