Edgar Kussberg

SonarQube has been catching my bugs and security issues for years. The only friction was having to leave Cursor or Windsurf to view the results. Their new MCP Server fixes that by bringing verification directly into the coding environment 🔥 This is actually perfect timing 🧵 ↓ Because we write more code than ever thanks to AI, yet productivity still doesn’t keep up. Google’s 2025 DORA Report shows the tension: → AI usage +90% → Bugs +9% → Review time +91% → PR size +154% (report here: cloud.google.com/blog/products/…) The problem isn’t generating code. It’s verifying it quickly and reliably. And this is what SonarQube's new MCP Server brings instantly: - Live scanning → trigger SonarQube checks inside Cursor, Windsurf, Claude Code… basically any MCP-compatible IDE - Immediate surfacing → security, reliability, and maintainability issues in seconds - Smooth UI handoff → jump to the dashboard only when you need the full picture - AI-native workflow → Sonar’s long-standing rule engine integrated into your daily loop Why it’s great: • Removes constant tab-switching • Faster write → check → fix cycles • Lets the IDE handle speed while SonarQube handles structure • Feels like code quality finally meets AI-native development Setup is super simple: → Enable SonarQube's MCP Server in Cursor → Add your SonarQube instance → Open your repo → Run the scan directly inside the IDE I then pointed it to a JS component I’m building in @Streamlit (psst, it’s called Streamlit ChartJS ;)) → Immediate results: security flags, reliability concerns, maintainability smells, and dependency risks ✅ Then I prompted: "Show me the full breakdown." → Cursor opens the SonarQube UI with rule details, severities, fix guidance, and project-wide quality signals! Exactly on point.