Start FreeLog in
SonarCloud | Advanced setup | CI-based analysis | SonarScanner for NPM | Installing the SonarScanner for NPM

Was this page helpful?

Installing the SonarScanner for NPM

On this page

Depending on how you want to start the SonarScanner for NPM, you will use a different installation method:

  • To start the scanner by adding the analysis to your build files: add the package to your project devDependencies.
  • To start the scanner from the command line: install the package in global mode.
  • To run analyses with npx: no installation is required.


See Scanner environment.

Adding the scanner to your project devDependencies

Use the following command:

npm install -D sonarqube-scanner

Installing the scanner in global mode

Use the following command:

npm install -g sonarqube-scanner

Performing advanced setup

Changing the scanner cache folder 

By default, the scanner binaries are cached into $HOME/.sonar/native-sonar-scanner folder. To use a custom cache folder instead of $HOME, set $SONAR_BINARY_CACHE.


export SONAR_BINARY_CACHE=/Users/myaccount/cache

or alternatively, set the variable in .npmrc:


Setting up the connection to a proxy server

In case the CI/CD host is behind a proxy, you must define the proxy-related analysis parameters required to connect to your proxy server to allow the scanner to download the scanner binaries. For more information, see Analysis parameters > Proxy. You may also use the HTTP_PROXY or HTTPS_PROXY environment variable.



Troubleshooting the installation

Docker container: the scanner fails with ".../jre/bin/java: not found"

You are probably relying on Alpine for your Docker image, and Alpine does not include glibc by default. It needs to be installed manually.

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License