# Configuring the analysis parameters The analysis parameters are various parameters used to set up the project analysis. The following applies: * A few analysis parameters are mandatory. * Many analysis parameters, such as those defining the analysis scope, have a default value and can be adjusted. * Other parameters allow you to include the code and test coverage in your analysis, or to import issues generated by a third-party analyzer, etc. {% hint style="info" %} SonarQube manages the analysis parameters through sonar properties (The sonar property key has the following syntax: `sonar..`). {% endhint %} ## Introduction to the analysis parameters setup The [introduction](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/scanners/sonarscanner-for-npm/introduction "mention") reads or receives parameters from different sources: * It gets analysis parameters through its APIs. * It reads analysis parameters from `package.json`. * It reads analysis parameters from environment variables. * It reads parameters from the `sonar-project.properties`file. * It gets the parameters that were set in the SonarQube UI. * Some parameters are assigned a default value. {% hint style="info" %} It is recommended to set the analysis parameters in the SonarQube UI when possible because it allows a centralized, reliable, and user-friendly configuration. However, nearly all analysis parameters can be configured on the CI/CD host. {% endhint %} The table below lists the different configuration methods in the order of priority in which the SonarScanner for NPM processes the corresponding parameters. It also shows whether the parameters apply to all projects (global level) or to a given project. | **Priority (higher to lower)** | **Method** | **Description** | **Global level** | **Project level** | | ------------------------------ | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | ----------------- | | 1 | API parameters | Parameters can be provided to the scanner either [introduction](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/scanners/sonarscanner-for-npm/introduction "mention"). |


| x | | 2 | Environment variables | Some parameters can be stored in environment variables on the CI/CD host. | x |


| | 4 | Project configuration file | Parameters can be defined in the `sonar-project.properties` file stored in the project root directory. |


| x | | 3 | `package.json` | The scanner reads some analysis parameters from fields of the package.json file. |


| x | | 5 | Default values | Some parameters are assigned a default value. The parameters considered here are parameters that cannot be set in the UI. | (1) | (1) | | 6 | UI (project level) | Parameters can be set in the UI for a given project. |


| x | | 7 | UI (global level) | Parameters can be set in the UI for all projects. | x |


| (1) Depends on the parameter. ### Analysis parameters read from package.json The SonarScanner for NPM parses the NPM `package.json` file of the project to be analyzed and reads the value of the parameters below from the corresponding package.json field. For information about the listed analysis parameters, see Analysis parameters. | **Analysis parameter** | **package.json field** | | ------------------------ | ---------------------- | | sonar.projectName | name | | sonar.projectVersion | version | | sonar.projectDescription | description | | sonar.links.homepage | homepage | | sonar.links.issue | bugs.url | | sonar.links.scm | repository.url | In addition, specific values may be added to the parameters listed below if particular conditions are fulfilled. | **Analysis parameter** | **Value(s) added to** | **Conditions** | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- | |

sonar.exclusions (see analysis-scope)
sonar.javascript.lcov.reportPaths (see Test coverage parameters)

| `nyc.report-dir` and `jest.converageDirectory` directories | If an `lcov.info` file is specified in the `package.json` fields `nyc.report-dir` and `jest.converageDirectory` | | `sonar.testExecutionReportPaths` (see [test-execution-parameters](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/test-coverage/test-execution-parameters "mention")) | `Xunit.xml` file | If the `package.json` has declared the dependency `mocha-sonarqube-reporter` and the file `xunit.xml` exists in the project directory. | ## Preparing the analysis parameters setup Depending on your tool environment and strategy, and on the analysis parameter (global or not, must be securely passed or not), you may choose one or the other setup method. All mandatory analysis parameters and some optional analysis parameters can only be set on the CI/CD host (i.e. they cannot be set in the UI). The [analysis-parameters](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/analysis-parameters "mention") page lists these parameters and provides relevant information about each one. {% hint style="info" %} To retrieve the sonar property key of a parameter set in the UI, go to the UI page where this parameter is set. The property key is displayed near the analysis parameter field. Note that it’s strongly advised **not** to define multiple-value and multiple-criteria parameters through sonar properties on the CI/CD host. {% endhint %} ## Providing analysis parameters through the scanner API See **Adding the analysis step to your build files** or **Starting the scanner from the command line** in [using-the-sonarscanner-for-npm](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/scanners/sonarscanner-for-npm/using-the-sonarscanner-for-npm "mention"). ## Setting analysis parameters in environment variables You can use environment variables on the CI/CD host to define analysis parameters: * Some parameters can be defined through a dedicated environment variable. For example, the `sonar.host.url` property value can be defined through the `SONAR_HOST_URL` environment variable. See the parameter lists in [analysis-parameters](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/analysis-parameters "mention") to know which parameters can be set in an environment variable. * The `SONAR_SCANNER_JSON_PARAMS` environment variable allows you to pass multiple analysis parameters in a single variable, encoded as JSON. Example: ```css-79elbk SONAR_SCANNER_JSON_PARAMS = { "sonar.host.url":"http://my.server", "sonar.verbose:"true"}   ``` {% hint style="info" %} Parameters set through their respective environment variable (e.g. `SONAR_HOST_URL`) have precedence over parameters set through `SONAR_SCANNER_JSON_PARAMS`. {% endhint %} ## Setting analysis parameters in sonar-project.properties See **Configuring your project** in [sonarscanner](https://docs.sonarsource.com/sonarqube-server/10.6/analyzing-source-code/scanners/sonarscanner "mention"). ## Setting analysis parameters in the SonarQube UI You can set analysis parameters in the SonarQube UI at the global level (provided you have the global Administer permission) or for a given project (provided you have the Administer permission for this project). The project level has precedence over the global level, and parameters set on the CI/CD host have precedence over parameters set in the UI. To set analysis parameters at the global level: * In the top navigation bar of the SonarQube UI, select **Administration > Configuration > General settings**. To set analysis parameters at the project level: 1. Open the project in the SonarQube UI. 2. In the top right corner of the project page, select **Project Settings > General Settings**.