JSON

The analysis of JSON files is enabled for some organizations via a feature flag and will soon be enabled by default for all users. If you want to manually opt-in, you can set the sonar.featureflag.cloud-security-enable-generic-yaml-and-json-analyzer property to true.

By setting the above mentioned property to false, you can also opt-out of the analysis during this roll-out phase.

You can permanently disable the analysis by setting the sonar.json.activate property to false.

These properties do not affect analysis of language / framework specific YAML files.

In addition to this general JSON analysis, JSON files that are detected as belonging to the CloudFormation or Azure Resource Manager language-types are also analyzed by the dedicated analyzers.

Language-specific properties

To discover and update the JSON-specific properties, navigate in SonarQube Cloud to Your Project > Administration > General Settings > Languages > JSON. See the Analysis parameters page for more information about specific properties.