# Installing the scanner

SonarScanner for NPM — 4.3.5 | Issue Tracker

**4.3.5** ^{_{**2026-03-11**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.3.5)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.3.5) *** **4.3.4** ^{_{**2026-01-08**}}\ ^{Fix release}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.3.4)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.3.4) *** **4.3.3** ^{_{**2026-01-07**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.3.3)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.3.3) *** **4.3.2** ^{_{**2025-09-25**}}\ ^{Fix release to not include dev packages}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.3.2)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.3.2) *** **4.3.1** ^{_{**2025-09-24**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.3.1)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.3.1) *** **4.3.0** ^{_{**2025-03-24**}}\ ^Support ^{`sonar.region`}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.3.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.3.0) *** **4.2.8** ^{_{**2025-02-28**}}\ ^{Minor improvements}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.2.8)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.8) *** **4.2.7** ^{_{**2025-02-18**}}\ ^{Change name to} ^{`@sonar/scan`}\ [Download](https://www.npmjs.com/package/@sonar/scan/v/4.2.7)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.7) *** **4.2.6** ^{_{**2024-12-18**}}\ ^{Fix: support for Node.js 20}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.6)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.6) *** **4.2.5** ^{_{**2024-11-10**}}\ ^{Fix: improved error messages}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.5)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.5) *** **4.2.4** ^{_{**2024-10-01**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.4)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.4) *** **4.2.3** ^{_{**2024-08-22**}}\ ^{Fix: support for Node.js 18}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.3)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.3) *** **4.2.2** ^{_{**2024-07-15**}}\ ^{Fix: improved error handling}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.2)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.2) *** **4.2.1** ^{_{**2024-06-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.1)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.1) *** **4.2.0** ^{_{**2024-05-01**}}\ ^{Add support for new SonarQube features}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.2.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.2.0) *** **4.1.3** ^{_{**2024-03-20**}}\ ^{Fix: compatibility with SonarQube 10.2}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.1.3)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.1.3) *** **4.1.2** ^{_{**2024-02-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.1.2)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.1.2) *** **4.1.1** ^{_{**2024-01-05**}}\ ^{Fix: improved logging}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.1.1)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.1.1) *** **4.1.0** ^{_{**2023-12-01**}}\ ^{Add support for SonarQube 10.0}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.1.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.1.0) *** **4.0.4** ^{_{**2023-10-15**}}\ ^{Fix: improved error messages}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.0.4)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.0.4) *** **4.0.3** ^{_{**2023-09-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.0.3)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.0.3) *** **4.0.2** ^{_{**2023-08-01**}}\ ^{Fix: compatibility with Node.js 16}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.0.2)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.0.2) *** **4.0.1** ^{_{**2023-07-01**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.0.1)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.0.1) *** **4.0.0** ^{_{**2023-06-01**}}\ ^{Initial release as} ^{`sonarqube-scanner`}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/4.0.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/4.0.0) *** **3.9.0** ^{_{**2023-05-01**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.9.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.9.0) *** **3.8.0** ^{_{**2023-03-15**}}\ ^{Add support for SonarQube 9.9 LTS}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.8.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.8.0) *** **3.7.0** ^{_{**2023-01-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.7.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.7.0) *** **3.6.0** ^{_{**2022-11-20**}}\ ^{Fix: improved error handling}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.6.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.6.0) *** **3.5.0** ^{_{**2022-09-05**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.5.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.5.0) *** **3.4.0** ^{_{**2022-07-01**}}\ ^{Add support for SonarQube 9.6}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.4.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.4.0) *** **3.3.0** ^{_{**2022-05-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.3.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.3.0) *** **3.2.0** ^{_{**2022-03-15**}}\ ^{Fix: improved logging}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.2.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.2.0) *** **3.1.0** ^{_{**2022-01-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.1.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.1.0) *** **3.0.0** ^{_{**2021-11-01**}}\ ^{Initial support for SonarQube 9.x}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/3.0.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/3.0.0) *** **2.17.0** ^{_{**2021-09-15**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.17.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.17.0) *** **2.16.0** ^{_{**2021-07-01**}}\ ^{Fix: improved error handling}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.16.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.16.0) *** **2.15.0** ^{_{**2021-05-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.15.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.15.0) *** **2.14.0** ^{_{**2021-03-15**}}\ ^{Add support for SonarQube 8.9 LTS}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.14.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.14.0) *** **2.13.0** ^{_{**2021-01-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.13.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.13.0) *** **2.12.0** ^{_{**2020-11-01**}}\ ^{Fix: improved logging}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.12.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.12.0) *** **2.11.0** ^{_{**2020-09-15**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.11.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.11.0) *** **2.10.0** ^{_{**2020-07-01**}}\ ^{Add support for SonarQube 8.6}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.10.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.10.0) *** **2.9.0** ^{_{**2020-05-10**}}\ ^{Update dependencies}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.9.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.9.0) *** **2.8.0** ^{_{**2020-03-15**}}\ ^{Initial release}\ [Download](https://www.npmjs.com/package/sonarqube-scanner/v/2.8.0)\ \ [Release notes](https://github.com/SonarSource/sonar-scanner-npm/releases/tag/2.8.0)

Depending on how you want to start the scanner, you will use a different installation method: * To start the scanner by adding the analysis to your build files: add the package to your project devDependencies. * To start the scanner from the command line: install the package in global mode. * To run analyses with npx: no installation is required. ## Prerequisites To analyze JavaScript, TypeScript, or CSS code, the SonarScanner for NPM requires that your Node.js must be at least 18.20.0. See also the [general-requirements](https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/scanners/scanner-environment/general-requirements "mention") page for additional requirements. ## Adding the scanner to your project devDependencies Use the following command: ```css-79elbk npm install -D @sonar/scan ``` ## Installing the scanner in global mode Use the following command: ```css-79elbk npm install -g @sonar/scan ``` ## Performing advanced setup ### Changing the scanner cache folder By default, the scanner binaries are cached into `$HOME/.sonar/native-sonar-scanner` folder. To use a custom cache folder instead of `$HOME`, set `$SONAR_BINARY_CACHE`. Example: ```css-79elbk export SONAR_BINARY_CACHE=/Users/myaccount/cache ``` or alternatively, set the variable in `.npmrc`: ```css-79elbk sonar_binary_cache=/Users/myaccount/cache ``` ### Setting up the connection to a proxy server In case the CI/CD host is behind a proxy, you must define the proxy-related analysis parameters required to connect to your proxy server to allow the scanner to download the scanner binaries. For more information, see [analysis-parameters](https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/analysis-parameters "mention"). You may also use the `HTTP_PROXY` or `HTTPS_PROXY` environment variable. Examples: * `sonar.scanner.proxyHost=mycompanyproxy.com`\ `sonar.scanner.proxyPort=4254`\ `sonar.scanner.proxyUser=sys`\ `sonar.scanner.proxyPassword=e12iUp!` * `HTTP_PROXY=http://user:password@mycompanyproxy.com:PORT` ### If your instance of SonarQube Server is secured If your SonarQube Server instance is secured behind a proxy and a self-signed certificate then you must add the self-signed certificate to the trusted CA certificates of the SonarScanner. In addition, if mutual TLS is used then you must define the access to the client certificate at the SonarScanner level. See [manage-tls-certificates](https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/scanners/scanner-environment/manage-tls-certificates "mention") and [securing-behind-proxy](https://docs.sonarsource.com/sonarqube-server/server-installation/network-security/securing-behind-proxy "mention"). ## Troubleshooting the installation ### Docker container: the scanner fails with "…/jre/bin/java: not found" You are probably relying on Alpine for your Docker image, and Alpine does not include glibc by default. It needs to be [installed manually](https://wiki.alpinelinux.org/wiki/Running_glibc_programs).