# Using the scanner
You can start the SonarScanner for NPM and thus, integrate it into your CI or build pipeline, in the following ways:
* From the command line: A global mode installation of the scanner is required.
* From the command line with npx: No scanner installation is required.
* By adding the analysis step to your build files: The scanner must be added to the project’s devDependencies.
You can pass analysis parameters in the command line and in the analysis step coded in JS. In addition, the SonarScanner for NPM gets analysis parameters from different other sources: see the [Configuring the scanner](/sonarqube-cloud/analyzing-source-code/scanners/sonarscanner-for-npm/configuring.md) page.
## Starting the scanner from the command line
1. Make sure the scanner is installed in global mode. See the [Installing the scanner](/sonarqube-cloud/analyzing-source-code/scanners/sonarscanner-for-npm/installing.md) page for instructions.
2. Use the `sonar-scanner` command to start the analysis.\
To pass analysis parameters in the command line, use the standard `-Dsonar.xxx=yyy` syntax.
```bash
sonar -Dsonar.region=us -Dsonar.token= -Dsonar.organization=
```
{% hint style="warning" %}
This example is based on using a newer SonarScanner version with the US instance of SonarQube Cloud. To use the EU instance instead, remove the `sonar.region` property setting. For more details on this parameter, or if you're using a SonarScanner version smaller than 4.0, see [Parameters not settable in the UI](/sonarqube-cloud/analyzing-source-code/analysis-parameters/parameters-not-settable-in-ui.md#server-connection).
{% endhint %}
Passing a project key is optional: the scanner for NPM uses the `name` field of the `package.json` file as project key. However, you can override the project key by passing the `-Dsonar.projectKey` to the command line.
## Starting the scanner from the command line with npx
* Use the `npx @sonar/scan` command to start the analysis.\
To pass analysis parameters in the command line, use the standard `-Dsonar.xxx=yyy` syntax.\
Example:
```bash
npx @sonar/scan -Dsonar.region=us -Dsonar.token=
```
{% hint style="warning" %}
This example is based on using a newer SonarScanner version with the US instance of SonarQube Cloud. To use the EU instance instead, remove the `sonar.region` property setting. For more details on this parameter, or if you're using a SonarScanner version smaller than 4.0, see [Parameters not settable in the UI](/sonarqube-cloud/analyzing-source-code/analysis-parameters/parameters-not-settable-in-ui.md#server-connection).
{% endhint %}
## Adding the analysis step to your build files
1. Make sure the scanner is installed in your project’s devDependencies: see the [Installing the scanner](/sonarqube-cloud/analyzing-source-code/scanners/sonarscanner-for-npm/installing.md) page.
2. Code the analysis step in JS in your build files, as shown in the example below.
```javascript
const scanner = require('@sonar/scan');
scanner(
{
serverUrl: 'https://sonarqube.mycompany.com',
token: '019d1e2e04eefdcd0caee1468f39a45e69d33d3f',
options: {
'sonar.projectName': 'My App',
'sonar.projectDescription': 'Description for "My App" project...',
'sonar.sources': 'src',
'sonar.tests': 'test',
},
},
() => process.exit(),
);
```
Where the syntax is as follows:
```javascript
scanner ( parameters, [callback] )
```
* parameters (format: Map)
* serverUrl (format: String; optional): The URL of the SonarQube server. Defaults to the value of the SonarQube Cloud URL (`sonar.scanner.cloudUrl` property).
* token (format: String; optional): The token used to connect to the SonarQube server or SonarQube Cloud. Empty by default. You can use a Personal Access Token or (recommended, from the Team plan) a Scoped Organization Token.
* options (format: Map; optional): Used to pass extra parameters for the analysis. See Configuring the analysis parameters for more details.
* callback (format: Function; optional): Callback (the execution of the analysis is asynchronous).
## Starting the scanner from the command line with pnpx
`@sonar/scan` has multiple binaries, so pnpx will ask which binary to provide. The approach recommended by pnpm is to use the following syntax:
```bash
pnpm --package=@sonar/scan dlx sonar -Dsonar.region=us -Dsonar.token=
```
{% hint style="warning" %}
This example is based on using a newer SonarScanner version with the US instance of SonarQube Cloud. To use the EU instance instead, remove the `sonar.region` property setting. For more details on this parameter, or if you're using a SonarScanner version smaller than 4.0, see [Parameters not settable in the UI](/sonarqube-cloud/analyzing-source-code/analysis-parameters/parameters-not-settable-in-ui.md#server-connection).
{% endhint %}
## Related pages
* [Configuring the scanner](/sonarqube-cloud/analyzing-source-code/scanners/sonarscanner-for-npm/configuring.md)
* [Managing Personal Access Tokens](/sonarqube-cloud/managing-your-account/managing-tokens.md)
* [Managing Scoped Organization Tokens](/sonarqube-cloud/administering-sonarcloud/managing-organization/scoped-organization-tokens.md)
* [Getting started in the US region](/sonarqube-cloud/getting-started/getting-started-in-us-region.md)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.sonarsource.com/sonarqube-cloud/analyzing-source-code/scanners/sonarscanner-for-npm/using.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.