diff --git a/.config/dotnet-tools.json b/.config/dotnet-tools.json
index a567b80..6d3f107 100644
--- a/.config/dotnet-tools.json
+++ b/.config/dotnet-tools.json
@@ -2,8 +2,14 @@
   "version": 1,
   "isRoot": true,
   "tools": {
+    "dotnet-sonarscanner": {
+      "version": "7.1.1",
+      "commands": [
+        "dotnet-sonarscanner"
+      ]
+    },
     "microsoft.sbom.dotnettool": {
-      "version": "2.2.6",
+      "version": "2.2.7",
       "commands": [
         "sbom-tool"
       ]
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 52fa18a..c5c919b 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -7,6 +7,10 @@ on:
       version:
         required: true
         type: string
+    secrets:
+      SONAR_TOKEN:
+        required: true
+
 
 jobs:
   build:
@@ -32,6 +36,18 @@ jobs:
       run: > 
         dotnet restore
       
+    - name: Start Sonar Scanner
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: >
+        dotnet dotnet-sonarscanner
+        begin
+        /k:"demaconsulting_SpdxTool"
+        /o:"demaconsulting"
+        /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
+        /d:sonar.host.url="https://sonarcloud.io"
+        /d:sonar.cs.opencover.reportsPaths=**/*.opencover.xml
+
     - name: Build
       run: >
         dotnet build
@@ -45,7 +61,16 @@ jobs:
         --no-build
         --configuration Release
         --property:Version=${{ inputs.version }}
+        --collect "XPlat Code Coverage;Format=opencover"
 
+    - name: End Sonar Scanner
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: >
+        dotnet dotnet-sonarscanner
+        end
+        /d:sonar.token="${{ secrets.SONAR_TOKEN }}"
+ 
     - name: Generate Tool SBOM
       run: >
         dotnet sbom-tool generate
diff --git a/.github/workflows/build_on_push.yaml b/.github/workflows/build_on_push.yaml
index e1a9037..b3c1f87 100644
--- a/.github/workflows/build_on_push.yaml
+++ b/.github/workflows/build_on_push.yaml
@@ -12,6 +12,8 @@ jobs:
     with:
       os: windows-latest
       version: 0.0.0-run.${{ github.run_number }}
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
   build-linux:
     name: Build Linux
@@ -19,3 +21,5 @@ jobs:
     with:
       os: ubuntu-latest
       version: 0.0.0-run.${{ github.run_number }}
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 0ccd9be..437d863 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -24,6 +24,8 @@ jobs:
     with:
       os: ubuntu-latest
       version: ${{ inputs.version }}
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
   release:
     permissions:
diff --git a/test/DemaConsulting.SpdxTool.Tests/DemaConsulting.SpdxTool.Tests.csproj b/test/DemaConsulting.SpdxTool.Tests/DemaConsulting.SpdxTool.Tests.csproj
index f4aaf64..f4799ea 100644
--- a/test/DemaConsulting.SpdxTool.Tests/DemaConsulting.SpdxTool.Tests.csproj
+++ b/test/DemaConsulting.SpdxTool.Tests/DemaConsulting.SpdxTool.Tests.csproj
@@ -19,8 +19,8 @@
       <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
     </PackageReference>
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.10.0" />
-    <PackageReference Include="MSTest.TestAdapter" Version="3.5.0" />
-    <PackageReference Include="MSTest.TestFramework" Version="3.5.0" />
+    <PackageReference Include="MSTest.TestAdapter" Version="3.5.1" />
+    <PackageReference Include="MSTest.TestFramework" Version="3.5.1" />
   </ItemGroup>
 
   <ItemGroup>