I’m not sure if this is just a configuration issue, but any files that I perform analysis on with the MCP server return zero issues. I can successfully get a list of projects so it appears that the token and key is configured correctly.
Test file used for analysis:
// Hardcoded credentials (Security Hotspot)
const API_KEY = "12345-SECRET-KEY";
// Unused variable
let unusedVar = 42;
// Function with high cognitive complexity
function processData(data) {
if (data) {
if (data.items) {
for (let i = 0; i < data.items.length; i++) {
if (data.items[i].active) {
if (data.items[i].value > 10) {
console.log("Processing item:", data.items[i].name);
}
}
}
}
}
}
// Missing error handling and magic number
function calculateDiscount(price) {
return price * 0.07; // Magic number
}
// Async function missing await
async function fetchData() {
fetch("https://example.com/api/data"); // Missing await
}
// Potential null dereference
function getUserName(user) {
return user.profile.name; // user.profile might be null
}
// Console log in production code
console.log("Debug: Application started");
// Call functions
processData({ items: [{ active: true, value: 15, name: "Item1" }] });
calculateDiscount(100);
fetchData();
``
When run through our Azure DevOps Ci pipeline SonarCloud correctly identifies 5 issues as expected. However, when I ask the MCP to analyse the file I get:
{
"issues" : [ ],
"issueCount" : 0
}
This problem occurs for any file that I try to analyse through the MCP. The input reported by VS Code is:
{
"codeSnippet": "// Hardcoded credentials (Security Hotspot)\nconst API_KEY = \"12345-SECRET-KEY\";\n\n// Unused variable\nlet unusedVar = 42;\n\n// Function with high cognitive complexity\nfunction processData(data) {\n if (data) {\n if (data.items) {\n for (let i = 0; i < data.items.length; i++) {\n if (data.items[i].active) {\n if (data.items[i].value > 10) {\n console.log(\"Processing item:\", data.items[i].name);\n }\n }\n }\n }\n }\n}\n\n// Missing error handling and magic number\nfunction calculateDiscount(price) {\n return price * 0.07; // Magic number\n}\n\n// Async function missing await\nasync function fetchData() {\n fetch(\"https://example.com/api/data\"); // Missing await\n}\n\n// Potential null dereference\nfunction getUserName(user) {\n return user.profile.name; // user.profile might be null\n}\n\n// Console log in production code\nconsole.log(\"Debug: Application started\");\n\n// Call functions\nprocessData({ items: [{ active: true, value: 15, name: \"Item1\" }] });\ncalculateDiscount(100);\nfetchData();\n",
"projectKey": "redacted"
}
My configuration for the MCP is:
"sonarqube": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e",
"SONARQUBE_TOKEN",
"-e",
"SONARQUBE_ORG",
"mcp/sonarqube"
],
"env": {
"SONARQUBE_TOKEN": "REDACTED",
"SONARQUBE_ORG": "REDACTED"
}
}
The MCP output is:
2026-01-08 10:43:29.387 [warning] [server stderr] INFO SonarQube MCP Server - Tool called: analyze_code_snippet
2026-01-08 10:43:39.762 [warning] [server stderr] INFO SonarQube MCP Server - Adding file file:///home/appuser/.sonarlint/analysis-80f64cc7-ba18-42a2-a352-60cabfb52ad5.txt
2026-01-08 10:43:39.929 [warning] [server stderr] INFO SonarQube MCP Server - Removing file file:///home/appuser/.sonarlint/analysis-80f64cc7-ba18-42a2-a352-60cabfb52ad5.txt
2026-01-08 10:43:39.929 [warning] [server stderr] INFO SonarQube MCP Server - Tool completed: analyze_code_snippet (execution time: 10551ms)
I’ve also attached the debug log
MCP_DEBUG.txt (31.6 KB)