This release of SonarQube for IDE: VS Code v4.26 marks the beginning of a series of enhancements aimed at providing a centralized view to streamline the remediation of all raised issues. To achieve this, we are introducing a new SonarQube panel as part of a phased approach.

• Within this new SonarQube panel, users in connected mode (to SonarQube Cloud or Server) now get a unified view of security hotspots and taint vulnerabilities, making it faster and easier to identify and address issues.
• Enhanced interaction within the panel allows clicking an issue to open its rule description directly in your IDE, and a right-click provides additional actions, including applying fixes with AI CodeFix.

This new SonarQube panel is a key step in our ongoing effort to simplify issue remediation, with further improvements planned that will build upon this theme.

Explore the full details in our release notes and join the discussion on the community post.

SonarQube for IDE: VS Code v4.24 brings tighter integration with GitHub Copilot agent mode.

• With Copilot agent mode enabled, ask the Copilot agent to perform a SonarQube related action using natural language eg “Do I have any security issues in this file” and the agent will get to work. It can even help you set up connected mode.

Plus

• Updated Sonar Java analyzer. Supports Java versions up to Java 23, and includes new rules for Java 22 features.
• Sonar Dataflow Bug Detection (DBD) engine 2.0 - provides more precise bug detection in Java and Python code. Learn more in our blog post.

For more information, see the release notes and the community post.

SonarQube for IDE: VS Code v4.23 brings AI-CodeFix in the IDE for SonarQube Server users, plus analyzer updates including Go enterprise rules.

• AI CodeFix is now available when using connected mode with SonarQube Server 2025.3+ Enterprise & Data Center editions.
  
  When hovering over an issue, select the SonarQube: Fix with AI CodeFix code action, to generate a fix suggestion. You can review the suggestion in the refactor preview, and then select the code snippets to apply. Further details on using AI capabilities in the IDE are available here.

• Go enterprise rules are now available if you are in connected mode with SonarQube Cloud and SonarQube Server paid licenses. Learn more here.

For more information, see the release notes and the community post.

SonarQube for IDE: VS Code v4.22 includes analyzer updates and an improved onboarding experience for new users. 

• Expanded ruleset for PySpark code. 5 new rules were added, bringing the total to 13, to help identify common issues, and encourage best practices.

• Updated SonarJava analyzer. Support for Java versions up to Java 23, and new rules for Java 22 features are included.

• An enhanced onboarding experience includes an updated walkthrough to guide new users.

For more information, see the release notes and the community post.

SonarQube for IDE: VS Code v4.20 introduces AI-generated fixes for coding issues.

AI CodeFix is now available! When using connected mode with SonarQube Cloud Team or Enterprise plans, you can select SonarQube: Fix with AI CodeFix when hovering over an issue to generate a fix suggestion. 

You can review the suggestion in the refactor preview, and then select the code snippets to apply. Further details on using AI capabilities in the IDE are available here.

For more information, see the release notes and the community post.

SonarQube for IDE: VS Code v4.18 brings analyzer updates and performance enhancements. 

• Analyzer updates:  the Sonar Python analyzer was updated - bringing new rules for PySpark.

• We have optimized extension size and download time significantly by downloading the C/C++ analyzer separately.

Discover more with our release notes and community post. 

SonarQube for IDE: VS Code v4.15 brings access to issues raised in Ansible IaC language for both SonarQube Cloud and Server.

The iac-enterprise plugin delivers additional analysis options for IaC including analysis of Ansible playbook files. For users of SonarQube Cloud (all plans) and SonarQube Server (paid plans) you will now be able to uncover security and maintainability issues when using connected mode.

Plus, this version includes updates to the .NET, Python, Java, HTML, PHP and SonarText analyzers!

Discover more with our release notes and community post.

SonarQube for IDE: VS Code v4.14 delivers performance improvements to JS/TS analysis.

The new JS analyzer uses fewer resources and is faster, especially for Windows users, who may see up to 7 seconds shaved off initial analysis time.

Discover more with our release notes and community post.

SonarQube for IDE: VS Code v4.13 introduces two new modes for visualization of issue categorization.

In parallel with SonarQube Server 10.8, we have introduced the option to select either:

• Multi-Quality Rule (MQR) mode - enabling issues to have multiple qualities, and leveraging the newer categorization and severities from SonarQube Server 10.8
• Standard Experience mode - which maintains the issue categorization from SonarQube 9.9 (bug, vulnerability and code smell)

Plus, two important updates:

• A new .NET analyzer is available with support for .NET 9 and C#13.
• SonarQube open-source analyzers bundled by SonarQube for IDE are now using the new Sonar Source-Available License.

Discover more with our release notes and community post.

SonarQube for IDE: VS Code v4.12 delivers analyzer updates:

• The Python analyzer brings fixes for multiple false positives
• The Java analyzer offers now support for Java 22
• And the CFamily analyzer now supports WindRiver GNU C++ compiler for arm, plus we added quick fixes for rules S1264 and S1990.

Discover more with our release notes and community post.