npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@etnetera/sonarqube-scanner

v2.8.4

Published

Forked SonarQube/SonarCloud Scanner for the JavaScript world. Forked from: https://github.com/bellingard/sonar-scanner-npm

Downloads

128

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

centi_etncenti_etnetnetera-npmetnetera-npm

Keywords

sonarqubesonarcloudsonarqube-scannersonarqube-runnersonar-scannersonar-runner

Readme

NPM module to run SonarQube/SonarCloud analyses

sonarqube-scanner makes it very easy to trigger SonarQube / SonarCloud analyses on a JavaScript code base, without needing to install any specific tool or (Java) runtime.

This module is analyzed on SonarCloud.

Build status Quality Gate Maintainability Reliability Security Releases Coverage Status

Installation

This package is available on npm as: sonarqube-scanner

To add code analysis to your build files, simply add the package to your project dev dependencies:

npm install -D sonarqube-scanner

To install the scanner globally and be able to run analyses on the command line:

npm install -g sonarqube-scanner

Usage: add code analysis to your build files

Prerequisite: you've installed the package as a dev dependency.

The following example shows how to run an analysis on a JavaScript project, and pushing the results to a SonarQube instance:

const scanner = require('sonarqube-scanner');

scanner(
  {
    serverUrl : 'https://sonarqube.mycompany.com',
    token : "019d1e2e04eefdcd0caee1468f39a45e69d33d3f",
    options: {
      'sonar.projectName': 'My App',
      'sonar.projectDescription': 'Description for "My App" project...',
      'sonar.sources': 'src',
      'sonar.tests': 'specs'
    }
  },
  () => process.exit()
)

Syntax: sonarqube-scanner ( parameters, [callback] )

Arguments

  • parameters Map
    • serverUrl String (optional) The URL of the SonarQube server. Defaults to http://localhost:9000
    • token String (optional) The token used to connect to the SonarQube/SonarCloud server. Empty by default.
    • options Map (optional) Used to pass extra parameters for the analysis. See the official documentation for more details.
  • callback Function (optional) Callback (the execution of the analysis is asynchronous).

Usage: run analyses on the command line

Prerequisite: you've installed the package globally.

If you want to run an analysis without having to configure anything in the first place, simply run the sonar-scanner command. The following example assumes that you have installed SonarQube locally:

cd my-project
sonar-scanner

Specifying properties/settings

  • If there's a package.json file in the folder, it will be read to feed the analysis with basic information (like project name or version)
  • If there's a sonar-project.properties file in the folder, it will behave like the original SonarScanner
  • Additional analysis parameters can be passed on the command line using the standard -Dsonar.xxx=yyy syntax

    • Example:

      sonar-scanner -Dsonar.host.url=https://myserver.com -Dsonar.login=019d1e2e04e

FAQ

I constantly get "Impossible to download and extract binary [...] In such situation, the best solution is to install the standard SonarScanner", what can I do?

You can install manually the standard SonarScanner, which requires to have a Java Runtime Environment available too (Java 8+). Once this is done, you can replace the 2nd line of the example by:

var scanner = require('sonarqube-scanner').customScanner;

In my Docker container, the scanner fails with ".../jre/bin/java: not found", how do I solve this?

You are probably relying on Alpine for your Docker image, and Alpine does not include glibc by default. It needs to be installed manually.

Thanks to Philipp Eschenbach for troubleshooting this on issue #59.

Download From Mirrors

By default, the scanner binaries are downloaded from https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/. To use a custom mirror, set $SONAR_SCANNER_MIRROR. Or download precise version with $SONAR_SCANNER_VERSION

Example:

export SONAR_SCANNER_MIRROR=https://npm.taobao.org/mirrors/sonar-scanner/
export SONAR_SCANNER_VERSION=3.2.0.1227

or alternatively set variable in .npmrc

    sonar_scanner_mirror=https://npm.taobao.org/mirrors/sonar-scanner/
    sonar_scanner_version=3.2.0.1227

Specifying the cache folder

By default, the scanner binaries are cached into $HOME/.sonar/native-sonar-scanner folder. To use a custom cache fodler instead of $HOME, set $SONAR_BINARY_CACHE.

Example:

export SONAR_BINARY_CACHE=/Users/myaccount/cache

or alternatively set variable in .npmrc

    sonar_binary_cache=/Users/myaccount/cache

Explicitly specifying target OS from env

By default, the scanner tries to get the target OS from process.platform. You can override this by specifying the environment variable SONAR_SCANNER_TARGET_OS. Possible values are 'windows', 'linux', 'macosx', 'universal' (specifying universal will download the binary without any OS suffix).

Example:

export SONAR_SCANNER_TARGET_OS=universal

Using a existing local copy of Sonar scanner binary

By default, the scanner tries to download the binaries or use the cached binaries (after downloading). If you want to have complete control of the binaries (version, location on file system, ...), you can download it yourself and then use the environment variable SONAR_SCANNER_BIN to specify the path to the binaries.

Example:

export SONAR_SCANNER_BIN=/home/foo/sonar-scanner/bin/sonar-scanner

License

sonarqube-scanner is licensed under the LGPL v3 License.