CLI-47 support multiple files & dir analysis with secrets

[sophio-japharidze-sonarsource]

No description provided.

[hashicorp-vault-sonar-prod]

CLI-47

[jonas-wielage-sonarsource]

LGTM, thanks for the quick improvement here 💪
Please have a look at my comments to see if it's worth adding before merging

[sonarqubecloud]

SonarQube reviewer guide

Summary: Refactor sonar analyze secrets command to accept multiple file/directory paths as positional arguments instead of a --file flag, improving CLI usability and flexibility.

Review Focus:

• The core logic change in src/cli/commands/analyze/secrets.ts where performFileScan() becomes performPathsScan() to handle multiple paths with validation for each
• Changes to command-tree.ts CLI argument parsing - ensure the argument binding [paths...] correctly passes arguments to the action handler
• Validation logic updates in validateScanOptions() now checks array length instead of existence; verify error messages are clear

Start review at: src/cli/command-tree.ts. This file defines how CLI arguments are parsed and passed to the command handler, making it critical to verify the argument binding is correct before reviewing downstream logic.

💬 Please send your feedback

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
94.7% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[kirill-knize-sonarsource]

LGTM

[kirill-knize-sonarsource]

As discussed we will need to think about coherent UX for all the analysis we will have. What happens if people call just parent command:
sonar analyze file1.txt file2.txt
What happens to analyzing commands who doesn't support multi-file analysis?

[kirill-knize-sonarsource]

There's no example that shows we can call with many files.