Summary
The entire api/qualitygates/* controller has been deprecated on SonarQube Cloud since 16 September 2025. It is not yet deprecated on SonarQube Server. The CLI supports both — customers may use either.
The v2 replacement uses a completely different base URL and path structure:
- Cloud v1 (deprecated):
sonarcloud.io/api/qualitygates/project_status
- Cloud v2:
api.sonarcloud.io/... with hyphenated paths — see v2 API docs
Confirmed by querying SonarQube Cloud's self-describing API at sonarcloud.io/api/webservices/list — all 15 qualitygates endpoints carry deprecatedSince: "16 September, 2025".
SonarQube Cloud deprecation page: https://sonarcloud.io/web_api/api/qualitygates?deprecated=true
Affected endpoints
We use these in internal/sonar/sonar.go:
| Current v1 endpoint |
Cloud status |
Server status |
api/qualitygates/project_status |
Deprecated (16 Sep 2025) |
Active |
api/ce/task |
Active |
Active |
api/ce/activity |
Active |
Active |
api/project_analyses/search |
Active |
Active |
v2 API details
The v2 API is documented at https://api-docs.sonarsource.com/sonarqube-cloud/default/landing
Key differences from v1:
- Different base URL:
api.sonarcloud.io (not sonarcloud.io/api/...)
- Hyphenated paths:
/quality-gates not /qualitygates
- Bearer token auth (same as v1)
- No direct
project_status equivalent found yet — the v2 quality-gates endpoints cover gate management (CRUD, conditions, project associations) but not analysis result querying. The closest candidate is GET /analysis-statuses which "returns the analysis status of branches and pull requests for given projects". This needs investigation.
Context
- CLI customers may use SonarQube Cloud OR self-hosted SonarQube Server
- Cloud is ahead of Server on the v1→v2 migration
- No removal date announced yet, but SonarQube's deprecation policy: endpoints can be dropped "in January of the year following deprecation, but not before 6 months after"
- We likely need to support both v1 and v2 during transition
Tasks
Tracking
Tracked in kosli-dev/external-dependencies — see cli/sonarqube.yaml.
Summary
The entire
api/qualitygates/*controller has been deprecated on SonarQube Cloud since 16 September 2025. It is not yet deprecated on SonarQube Server. The CLI supports both — customers may use either.The v2 replacement uses a completely different base URL and path structure:
sonarcloud.io/api/qualitygates/project_statusapi.sonarcloud.io/...with hyphenated paths — see v2 API docsConfirmed by querying SonarQube Cloud's self-describing API at
sonarcloud.io/api/webservices/list— all 15 qualitygates endpoints carrydeprecatedSince: "16 September, 2025".SonarQube Cloud deprecation page: https://sonarcloud.io/web_api/api/qualitygates?deprecated=true
Affected endpoints
We use these in
internal/sonar/sonar.go:api/qualitygates/project_statusapi/ce/taskapi/ce/activityapi/project_analyses/searchv2 API details
The v2 API is documented at https://api-docs.sonarsource.com/sonarqube-cloud/default/landing
Key differences from v1:
api.sonarcloud.io(notsonarcloud.io/api/...)/quality-gatesnot/qualitygatesproject_statusequivalent found yet — the v2 quality-gates endpoints cover gate management (CRUD, conditions, project associations) but not analysis result querying. The closest candidate isGET /analysis-statuseswhich "returns the analysis status of branches and pull requests for given projects". This needs investigation.Context
Tasks
project_status(checkGET /analysis-statusesand the v2 docs)internal/sonar/sonar.goto use v2 when connecting to SonarQube CloudTracking
Tracked in
kosli-dev/external-dependencies— seecli/sonarqube.yaml.