SonarQube Community Build | Analyzing source code | Scanners | SonarScanner for NPM | Introduction
Introduction to the SonarScanner for NPM
The SonarScanner for NPM makes it very easy to trigger a SonarQube Server analysis on a JavaScript code base, without needing any additional tool or resource.
This documentation refers to the SonarScanner for NPM from version 4.0.
Analysis process with the SonarScanner for NPM
To start the SonarScanner for NPM, you can:
- Either add the analysis to your build files.
In that case, the JS code API of the scanner is used. - Or use the scanner start command line (with or without npx).
In that case, the command line API of the scanner is used.
The analysis process of your project with the SonarScanner for NPM is as follows:
- Your build or CI pipeline starts the SonarScanner for NPM. Analysis parameters can be passed to the scanner at this step.
- The scanner collects the other analysis parameters set on the CI/CD host.
- The scanner downloads the scanner binary files necessary to execute the analysis from SonarQube Community Build and adds them to its cache.
- The scanner gets the project’s analysis parameters and other settings from SonarQube Community Build.
- The scanner runs the analysis.
- The scanner informs the build or CI pipeline that its analysis is complete.
Related pages
Installing the SonarScanner for NPM
Using the SonarScanner for NPM
Configuring the analysis parameters for the SonarScanner for NPM
Was this page helpful?