What's new in SonarQube Server 2026.3
We've empowered engineering teams to ship highly performant, secure code faster through seamless AI integration and robust code intelligence across the software development lifecycle.
Next-Generation AI Connectivity
Accelerate developer velocity securely by bringing zero-configuration AI integration directly into your development environment.
- Embedded Model Context Protocol (MCP) Integration: We've bridged the gap between AI-driven coding workflows and deep code analysis by natively embedding an MCP-compliant endpoint via Streamable HTTP/SSE directly into the platform. Developers can instantly connect AI coding assistants like Cursor, Claude Code, and GitHub Copilot to get on-demand access to a project's issues and quality gates. Administrators benefit from centralized governance through a global kill-switch toggle utilizing existing user tokens, completely removing the infrastructure overhead of self-hosting standalone containers.
Advanced Language & Automation Support
Deepen your code intelligence to prevent severe memory bloat, ensure resilient CI/CD pipelines, and secure critical deployment automation scripts.
- Comprehensive Python Intelligence: Protect your Python applications from severe memory bloat, "Out of Memory" (OOM) kills, and runtime errors. We've introduced over 60 rules for Python collections and data structures to ensure resource-conscious and idiomatically sound code. Additionally, over 10 new rules for Object-Oriented Python Programming (OOP) constructs enforce strong data encapsulation and prevent variable leaks or inheritance bugs in large-scale frameworks.
- Groovy Rules for Jenkins Pipelines: Prevent massive pipeline outages and cleanly maintain your continuous integration systems with 17 new, rigorously tested Groovy rules explicitly designed to detect script defects in Jenkins CI/CD pipelines.
- Native PowerShell Support: Deepen visibility into your critical deployment infrastructure. We now treat PowerShell as a first-class language, delivering syntax highlighting, code metrics, and over 20 dedicated rules to secure automation scripts heavily utilized on Windows platforms and within GitHub Actions workflows.
Enterprise Administration, Resilience & Compliance
Radically optimize your platform operations with frictionless enterprise syncing, proactive performance observability, and automated regulatory reporting.
- Optimized GitLab Authentication & Automatic Provisioning: Experience dramatically faster login times, cleaner logs, and zero administrative friction when syncing permission groups at an enterprise scale. This major overhaul natively maps the new GitLab "Planner" role, reduces benign warning logs, and introduces an "Allow all groups" option that bypasses stringent 4,000-character database limits on group allowlists.
- Standard Alerts for Performance Issues: Proactively fix performance problems before developers are impacted. Built-in UI banners provide out-of-the-box native observability to alert system administrators to degraded performance, such as failing background tasks or excessively long analysis times, without requiring complex external monitoring integrations.
- Automated VEX Export for Streamlined Compliance: Effortlessly demonstrate regulatory compliance for mandates like the Cyber Resilience Act (CRA). SonarQube Advanced Security users can now automatically generate external-facing Vulnerability Exploitability Exchange (VEX) documents in the standardized CycloneDX 1.6 format. This entirely replaces manual data trawling, instantly providing ready-made reports compiling vulnerability postures, statuses, and engineering justifications to accompany your Software Bill of Materials (SBOMs).
Details of 2026.3 release can be found in the SonarQube Server release notes.
Ready to experience the power of SonarQube Server? Get it today and find out.
Consider migrating to SonarQube Cloud. With the same enterprise-grade capabilities as Server, migrating once means never having to perform another manual version update again, ensuring your team always has immediate access to our latest innovations. Contact sales to discuss migrating now.