sonarqube: remove due to non-free licenses (SSALv1 and Elastic-2.0)

[cho-m]

Removing SonarQube based on Homebrew's documented policy¹ for
handling core formulae with a non-open-source license.

As of 2024-11-29, SonarQube has been shipping bundled analyzers under
their new "Sonar Source-Available License Version 1.0" (SSALv1)².

SonarQube also ships a bundled copy of Elasticsearch which is under
Elastic's non-free Elastic-2.0 license.

Due to above, SonarQube is not allowed in homebrew/core. Users who are
interested can either submit a new Cask or extract formula to a tap.

Footnotes

1. https://docs.brew.sh/Deprecating-Disabling-and-Removing-Formulae#removal ↩

2. https://www.sonarsource.com/license/ ↩

[cho-m]

I wonder if some defaults are different for OpenJDK 21:

  sandbox initialization failed: Operation not permitted
  2025.03.08 11:55:37 ERROR es[][o.e.b.Elasticsearch] fatal exception while booting Elasticsearch
  java.lang.UnsupportedOperationException: sandbox_init(): Operation not permitted
  	at org.elasticsearch.nativeaccess.MacNativeAccess.initMacSandbox(MacNativeAccess.java:120) ~[elasticsearch-native-8.16.3.jar:?]

---

On side note, still should consider move to Cask due to bundled ElasticSearch (under Elastic-2.0 / SSPL license)

Tricky part is the Formula layout doesn't work well in Cask and would require *flight logic. And I think we may have signing audit failure if we use shim scripts.

[SMillerDev]

I think we should just disable it since it bundles non-free software. The cask can be made if someone wants to keep it in the official taps.

[cho-m]

I think we should just disable it since it bundles non-free software. The cask can be made if someone wants to keep it in the official taps.

Main concern is it is somewhat popular ranking at ~#600 most installed

==> Analytics
install: 1,746 (30 days), 4,837 (90 days), 19,710 (365 days)
install-on-request: 1,746 (30 days), 4,837 (90 days), 19,708 (365 days)
build-error: 0 (30 days)

which is why I was looking if possible to make into a Cask.

[SMillerDev]

I won't stop you, but I feel that cases where upstream decides to package non-free software are way outside of the scope of what I want to support for Homebrew.

[cho-m]

Having trouble making a Cask so guess will just disable it. Maybe one of the users would be interested enough to submit a Cask or consider a tap.

In addition to Elasticsearch (Elastic-2.0), it looks like bundled analyzers are non-free (source-available license).

https://www.sonarsource.com/license/

binaries for SonarQube Community Build and SonarQube for IDE will continue to be released under the LGPLv3 license, but the bundled analyzers will be subject to a new Sonar Source-Available License Version 1.0 (SSALv1).

[cho-m]

Though we may need to go for direct removal based on our documented policy.

https://docs.brew.sh/Deprecating-Disabling-and-Removing-Formulae#removal

A formula should be removed if it does not meet our criteria for acceptable formulae or versioned formulae, has a non-open-source license

[cho-m]

May need to remove sonarqube-lts too. Doesn't have analyzers but it still has Elasticsearch issue bundling v7.17.15 under Elastic License 2.0