Installing the SonarScanner for NPM
4.0.1 2024-06-03
Depending on how you want to start the SonarScanner for NPM, you will use a different installation method:
- To start the scanner by adding the analysis to your build files: add the package to your project devDependencies.
- To start the scanner from the command line: install the package in global mode.
- To run analyses with npx: no installation is required.
Prerequisites
See Scanner environment.
Adding the scanner to your project devDependencies
Use the following command:
Installing the scanner in global mode
Use the following command:
Performing advanced setup
Changing the scanner cache folder
By default, the scanner binaries are cached into $HOME/.sonar/native-sonar-scanner
folder. To use a custom cache folder instead of $HOME
, set $SONAR_BINARY_CACHE
.
Example:
or alternatively, set the variable in .npmrc
:
Setting up the connection to a proxy server
In case the CI/CD host is behind a proxy, you must define the proxy-related analysis parameters required to connect to your proxy server to allow the scanner to download the scanner binaries. For more information, see Analysis parameters > Proxy. You may also use the HTTP_PROXY
or HTTPS_PROXY
environment variable.
Examples:
sonar.scanner.proxyHost=mycompanyproxy.com
sonar.scanner.proxyPort=4254
sonar.scanner.proxyUser=sys
sonar.scanner.proxyPassword=e12iUp!
HTTP_PROXY=http://user:password@mycompanyproxy.com:PORT
Troubleshooting the installation
Docker container: the scanner fails with ".../jre/bin/java: not found"
You are probably relying on Alpine for your Docker image, and Alpine does not include glibc by default. It needs to be installed manually.
Was this page helpful?