1.18.1.2664

SonarQube MCP Server v1.18.1

This release fixes a startup crash in sandboxed container environments and includes internal maintenance improvements.

Bug Fixes

• Fixed crash on startup when running in sandboxed container runtimes (e.g. gVisor) that restrict access to system certificate directories
• Fixed an issue where Gemini CLI extension wouldn't be installed

1.18.0.2645

• Added pagination support for search_dependency_risks tool
• Updated dependencies and fixed CVEs

For full release notes, see JIRA

1.17.0.2569

• Introduction of mcp.sonarqube.com, a configuration generator
• Fixed intermittent 500 errors affecting the hosted MCP on SonarQube Cloud
• Added a new /info endpoint in HTTP mode to return the SonarQube MCP Server version
• Enhanced Context Augmentation guidance through improved MCP instructions

For full release notes, see JIRA

1.16.0.2466

• Dependencies update

For full release notes, see JIRA

1.15.1.2402

For full release notes, see JIRA

1.15.0.2389

For full release notes, see JIRA

1.14.0.2351

• Add support for workspace mount integration with analysis tools. This eliminates the need to rely on file content during analysis and prevents the agent from loading full file contents into its context.
• Resolve a concurrency issue in the Context Augmentation tools.
• Enhance HTTP logging to improve troubleshooting and diagnosis of potential issues.

For full release notes, see JIRA

1.13.0.2300

• Removed the SONARQUBE_ADVANCED_ANALYSIS_ENABLED environment variable. Advanced analysis enablement is now automatically determined at runtime based on token permissions.
• Introduced a new environment variable, SONARQUBE_LOG_TO_FILE_DISABLED, which disables file-based logging. This is particularly useful when hosting the SonarQube MCP Server.
• Added support for SOCKS5 proxy configuration.
• Fixed an issue in the search_metrics tool where the description field was incorrectly required, even when not provided.

For full release notes, see JIRA

1.12.0.2238

• Added support for the SONARQUBE_TOOLSETS and SONARQUBE_READ_ONLY HTTP headers. These allow clients to further restrict which tools are available when interacting with the server.
• Introduced support for Context Augmentation (CAG), now available in Open Beta. This feature is currently available only in STDIO mode and for restricted users.
• Added support for the SONARQUBE_PROJECT_KEY environment variable. When set, all tools automatically use this project key, removing the need to pass projectKey as a parameter for tools that require it.

For full release notes, see JIRA

1.11.0.2143

• Enhanced the Advanced Analysis tool with more accurate reporting and improved tool descriptions.
• Fixed an issue where selected projects were silently ignored during issue searches.
• Added support for multi-tenant launch in HTTP mode (SQC).
• Migrated HTTP mode to a stateless implementation for improved scalability and reliability.

For full release notes, see JIRA