{"library":"sonarqube-scanner","title":"SonarQube/SonarCloud Scanner for JavaScript Projects","type":"library","description":"The `sonarqube-scanner` package provides a Node.js-based client to initiate code analysis on SonarQube Server and SonarCloud for JavaScript, TypeScript, and other compatible projects. Unlike the Java-based SonarScanner CLI, this module does not require a Java Runtime Environment, streamlining integration into JavaScript-centric build pipelines. The current stable version is 4.3.6, with frequent releases primarily focused on dependency updates, minor bug fixes, and security patches. It offers both a command-line interface (via `npx @sonar/scan` or global installation) and a programmatic API for integration into Node.js applications. Key differentiators include its lightweight nature for Node.js environments and direct support for `sonar.projectKey`, `sonar.sources`, and other SonarQube analysis properties.","language":"javascript","status":"active","last_verified":"Sun Apr 19","install":{"commands":["npm install sonarqube-scanner"],"cli":{"name":"sonar-scanner","version":null}},"imports":["import scanner from 'sonarqube-scanner';\n// or\nimport * as scanner from 'sonarqube-scanner';","import scanner from 'sonarqube-scanner';\nscanner({ /* options */ }, callback);","npx sonarqube-scanner\n# or globally installed\nsonar"],"auth":{"required":false,"env_vars":[]},"links":{"homepage":"https://www.sonarsource.com/products/sonarqube/","github":"https://github.com/SonarSource/sonar-scanner-npm","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/sonarqube-scanner","openapi_spec":null,"status_page":null,"smithery":null},"quickstart":{"code":"import scanner from 'sonarqube-scanner';\nimport path from 'node:path';\n\nconst projectKey = process.env.SONAR_PROJECT_KEY ?? 'my-typescript-project';\nconst serverUrl = process.env.SONAR_SERVER_URL ?? 'http://localhost:9000';\nconst token = process.env.SONAR_TOKEN ?? ''; // Optional, for authenticated scans\n\nconsole.log(`Starting SonarQube scan for project: ${projectKey}`);\n\nscanner(\n  {\n    serverUrl: serverUrl,\n    token: token, // Pass token only if required for authentication\n    options: {\n      'sonar.projectKey': projectKey,\n      'sonar.projectName': projectKey, // Often same as key\n      'sonar.projectVersion': '1.0.0',\n      'sonar.sources': 'src',\n      'sonar.tests': 'test',\n      'sonar.typescript.lcov.reportPaths': 'coverage/lcov.info',\n      'sonar.javascript.maxFileSize': '10000',\n      'sonar.sourceEncoding': 'UTF-8',\n      'sonar.exclusions': '**/node_modules/**, **/*.d.ts',\n      'sonar.host.url': serverUrl, // Redundant if serverUrl is set directly, but common\n      // Add other properties as needed, e.g., 'sonar.login': token for older versions\n    },\n  },\n  () => {\n    console.log('SonarQube scan finished or failed (check SonarQube logs).');\n    // The callback is invoked regardless of success/failure, \n    // so check SonarQube server for actual status.\n  }\n);\n","lang":"typescript","description":"This TypeScript example demonstrates how to programmatically trigger a SonarQube analysis for a project, configuring common properties like project key, sources, tests, and coverage reports. It uses environment variables for sensitive data.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}