sonar_get_issue_details
Get detailed information about a specific SonarQube issue with rich context for intelligent fixing.
Description
Retrieves comprehensive issue information including plain-text source code context, rule explanation, and (optionally) additional context to make fixes more accurate and less “trial and error”:
- File header (imports/signature)
- Data flow (when Sonar provides flows)
- Similar FIXED issues (opt-in)
- Related tests + coverage hints (opt-in)
- SCM hints (opt-in)
Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
| issueKey | string | Yes | - | SonarQube issue key (e.g., AYx123abc456) |
| contextLines | number | No | 10 | Lines of code context around the issue |
| includeRuleDetails | boolean | No | true | Include rule explanation |
| includeCodeExamples | boolean | No | true | Include compliant/non-compliant examples |
| includeFilePath | boolean | No | true | Include absolute file path for editing |
| includeFileHeader | boolean | No | true | Include the file header (imports/signature) before the issue context |
| headerMaxLines | number | No | 60 | Max lines to include in the file header (max: 200) |
| includeDataFlow | boolean \| "auto" | No | "auto" | Include security data flow when available ("auto" only shows it if Sonar provides flows) |
| maxFlows | number | No | 3 | Max flows to include when data flow is present |
| maxFlowSteps | number | No | 12 | Max steps per flow to include |
| flowContextLines | number | No | 3 | Context lines per dataflow step |
| includeSimilarFixed | boolean | No | false | Include similar issues already FIXED in this project |
| maxSimilarIssues | number | No | 3 | Max similar FIXED issues to include |
| includeRelatedTests | boolean | No | false | Include related tests (best-effort) and coverage hints |
| includeCoverageHints | boolean | No | true (when includeRelatedTests is true) | Include coverage hints for the issue line |
| includeScmHints | boolean | No | false | Include SCM hints (author/date/revision) when available |
Usage
Basic Usage
Show me details for issue AYx123abc456
Tool call:
```json
{
  "issueKey": "AYx123abc456"
}
```
With More Context
Show me more code context for this issue
Tool call:
```json
{
  "issueKey": "AYx123abc456",
  "contextLines": 20
}
```
Fix-Ready Context (Recommended)
Give me fix-ready details (header, flow if present, tests/coverage hints)
Tool call:
```json
{
  "issueKey": "AYx123abc456",
  "includeFileHeader": true,
  "includeDataFlow": "auto",
  "includeRelatedTests": true,
  "includeCoverageHints": true
}
```
Minimal Response
Just show me the issue location, skip the examples
Tool call:
```json
{
  "issueKey": "AYx123abc456",
  "includeCodeExamples": false,
  "includeRuleDetails": false
}
```
Learn From Similar FIXED Issues (Opt-in)
Show similar FIXED issues for the same rule (same project)
Tool call:
```json
{
  "issueKey": "AYx123abc456",
  "includeSimilarFixed": true,
  "maxSimilarIssues": 3
}
```
Response Format
SONARQUBE ISSUE ANALYSIS
ISSUE DETAILS
Key: `AYx123abc456`
Type: 🔒 VULNERABILITY
Severity: 🔴 BLOCKER
Rule: `typescript:S3649`
Status: OPEN
Message: Make sure that executing SQL queries is safe here.
LOCATION
Component: `my-project:src/db/queries.ts`
File Path: `/Users/dev/my-project/src/db/queries.ts`
Line: 45
FILE HEADER (first 60 lines)
```ts
1 | import { db } from './connection';
2 |
3 | export async function getUser(id: string) {
4 |   // ...
```
SOURCE CODE CONTEXT
```ts
42 | export async function getUser(id: string) {
43 |   // ...
44 |   const query = `SELECT * FROM users WHERE id = '${id}'`;
45 |   return db.execute(query);
46 | }
```
DATA FLOW (only when available)
Flow 1 (showing 8/14 steps)
Step 1: user input → src/api/routes.ts:12
...
Step 8: SQL execution → src/db/queries.ts:45 (PRIMARY LOCATION)
RELATED TESTS + COVERAGE HINTS (opt-in)
- Related tests: src/db/queries.test.ts (best-effort)
- Coverage: issue line appears uncovered → consider adding/adjusting tests
SCM HINTS (opt-in)
- Author: Jane Doe
- Date: 2025-11-18
- Revision: abcdef123
NEXT STEPS
- Replace the query construction with a parameterized query.
- Add/adjust tests if coverage indicates the risky path is uncovered.
RULE INFORMATION (optional)
Compliant / non-compliant examples (optional)
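The fix named under NEXT STEPS in the sample response, as an added example (not part of the tool's output or of the project's code): the flagged query construction beside a parameterized form, with a check that the SQL text no longer varies with the input. `FakeDb`, `getUserUnsafe`, `getUserSafe`, `sqlTextIsConstant` and the `execute(sql, params)` signature are assumptions made for illustration.

```typescript
// Added example. FakeDb is a constructed stand-in that only records what it is asked
// to run; the execute(sql, params) signature and the "?" placeholder are assumptions
// modelled on common drivers (others use $1, @p1, ...).
type Call = { sql: string; params: unknown[] };

class FakeDb {
  calls: Call[] = [];
  // Records synchronously, before the returned promise settles.
  async execute(sql: string, params: unknown[] = []): Promise<Call> {
    const call = { sql, params };
    this.calls.push(call);
    return call;
  }
}

const db = new FakeDb();

// Non-compliant: the pattern reported at queries.ts:45. The caller's value is
// spliced into the SQL text, so a quote inside it changes the statement.
async function getUserUnsafe(id: string): Promise<Call> {
  const query = `SELECT * FROM users WHERE id = '${id}'`;
  return db.execute(query);
}

// Compliant: the SQL text is a constant; the value travels as a bound parameter.
async function getUserSafe(id: string): Promise<Call> {
  return db.execute("SELECT * FROM users WHERE id = ?", [id]);
}

// Regression check: run the function over several inputs and report whether the
// SQL text stayed identical. Varying text means input is reaching the statement.
function sqlTextIsConstant(fn: (id: string) => Promise<Call>, samples: string[]): boolean {
  db.calls.length = 0;
  for (const s of samples) void fn(s);
  return new Set(db.calls.map((c) => c.sql)).size === 1;
}

// Constructed sample ids; the second contains a quote character.
const SAMPLES = ["1001", "O'Brien"];
```

A check like `sqlTextIsConstant` fits the second NEXT STEPS item: it gives the previously uncovered line a test that fails if string interpolation is reintroduced.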
## Examples
### Example 1: Security Vulnerability
**Prompt:**
Tell me more about this SQL injection issue
**Tool Call:**
```json
{
  "issueKey": "AYx123abc456"
}
```
### Example 2: Code Smell Investigation
**Prompt:**
Why is this function too complex?
**Tool Call:**
```json
{
  "issueKey": "AYx789def012",
  "contextLines": 30
}
```
### Example 3: Quick Location Check
**Prompt:**
Where exactly is issue AYx456 located?
**Tool Call:**
```json
{
  "issueKey": "AYx456",
  "includeRuleDetails": false,
  "includeCodeExamples": false,
  "contextLines": 5
}
```
Response Fields
| Field | Description |
|---|---|
| Issue Key | Unique identifier for the issue |
| Type | BUG, VULNERABILITY, CODE_SMELL |
| Severity | BLOCKER, CRITICAL, MAJOR, MINOR, INFO |
| Effort | Estimated fix time |
| File | Absolute path to affected file |
| Line | Line number of the issue |
| Message | Brief issue description |
| Code Context | Source code with surrounding lines |
| File Header | File imports/signature to provide structural context |
| Data Flow | Source→sink flow steps for vulnerabilities (when available) |
| Similar FIXED Issues | Examples of the same rule resolved in this project (opt-in) |
| Related Tests | Best-effort related test discovery (opt-in) |
| Coverage Hints | Per-line coverage hints for the issue location (opt-in) |
| SCM Hints | Author/date/revision info when available (opt-in) |
| Rule | Rule ID and full explanation |
| Compliant Code | Example of correct code |
| Non-compliant Code | Example of problematic code |
Notes & Compatibility
SonarQube has endpoints that return syntax-highlighted HTML in the code field. Bob retrieves snippets as plain text (preferring range-based endpoints when available) and falls back to slicing the raw file when needed.
Best Practices
- Get details before fixing - Always understand the issue fully
- Use context - More lines help understand the problem
- Keep data flow on "auto" - Shows flow only when Sonar provides it
- Enable tests/coverage hints when writing tests - Set includeRelatedTests: true
- Use similar FIXED issues sparingly - Helpful for patterns, but keep it opt-in
- Read the rule - Explains why the issue matters
Common Issues
"Issue not found"
Cause: Invalid issue key or issue was resolved.
Solution: Run sonar_scan_project to get fresh issue keys.
"No code context"
Cause: File was deleted or moved.
Solution: Re-scan to update issue locations.
Related Tools
- sonar_scan_project - Get issue keys
- sonar_analyze_patterns - Group similar issues
- sonar_get_security_hotspot_details - Security hotspots