Configure SonarQube for javascript projects

Mar 5, 2019 · 2 min read

Sonarqube does static code analysis which provides a detailed report of bugs, codesmells, vulnerabilities, code duplications.

This post describes how to configure sonarqube plugin for javascript project on windows.

Setup Sonarqube and Sonar Scanner:-

Download Sonarqube( ) and Sonar scanner ( ) for windows and unzip both files.

Add path of sonar scanner bin folder to environment variables. Example:- C:\sonar-scanner-\bin

Install Sonarqube as windows service by running InstallNTService.bat in windows bin folder Example: -C:\sonarqube-7.6\bin\windows-x86–32\InstallNTService.bat

Configure Project for Sonarqube analysis:-

Create a file in the root folder of your project.

Configure projectKey, projectName, projectVersion, sources as below. projectKey can be any unique string.

Open and edit with required configuration of your choice, by default these will be commented. Below is the example for default server on local machine.

Now open command prompt and go to the root folder of your project where file is present and run command sonar-scanner

Now you can see the generated sonar report at localhost:9000 and clicking on the project ( in this case http://localhost:9000/dashboard?id=my%3Aproject ).

By default sonarqube will have various profiles configured for java, javscript etc. since we have given sonar.sources=src/main/web/app which contains all our frontend js code in the file all the javascript code will be analyzed by sonarqube.

Eslint rules also can be applied in sonar report by downloading this plugin jar

Written by



Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade