# Copy this file to `.env` (which is gitignored) and fill in real values.
# The `.env` file is consumed by `make sonar` to authenticate against the
# SonarQube server; everything else can run without it.
# Project analysis token — generated per-project in SonarQube web UI.
# See `docs/security-template/CHECKLIST.md` step 4 for how to create one
# in the shared template, or the CHECKLIST.md in the per-tool repo root.
SONAR_TOKEN=
# SonarQube server URL — unchanged across repos unless the server moves.
SONAR_HOST_URL=https://sonar.aaru.network