search
Start Free

Introduction

The SonarScanner for NPM makes it very easy to trigger a SonarQube Community Build analysis on your JavaScript code base, without needing additional tools.

The SonarScanner for NPM makes it very easy to trigger a SonarQube analysis on a JavaScript code base, without needing any additional tool or resource.

circle-info

This documentation refers to the SonarScanner for NPM from version 4.0.

hashtag
Analysis process with the SonarScanner for NPM

To start the SonarScanner for NPM, you can:

  • Either add the analysis to your build files. In that case, the JS code API of the scanner is used.

  • Or use the scanner start command line (with or without npx). In that case, the command line API of the scanner is used.

The analysis process of your project with the SonarScanner for NPM is as follows:

  1. Your build or CI pipeline starts the SonarScanner for NPM. Analysis parameters can be passed to the scanner at this step.

  2. The scanner collects the other analysis parameters set on the CI/CD host.

  3. The scanner downloads the scanner binary files necessary to execute the analysis from SonarQube Community Build and adds them to its cache.

  4. The scanner gets the project’s analysis parameters and other settings from SonarQube Community Build.

  5. The scanner runs the analysis.

  6. The scanner informs the build or CI pipeline that its analysis is complete.

How the SonarScanner for NPM integrates with your CI/CD pipeline.

hashtag
Related pages

Installing the scanner

Using the scanner

Configuring the scanner

PreviousSonarScanner for NPMNextInstalling the scanner

Last updated

Was this helpful?