node is not available, you have to set property
sonar.nodejs.executable to an absolute path to Node.js executable.
Supported frameworks, versions and languages
- ECMAScript 5 / ECMAScript 2015 (ECMAScript 6) / ECMAScript 2016-2017-2018
- TypeScript 4
- React JSX
Slow or unresponsive analysis
On a big project, more memory may need to be allocated to analyze the project. This would be manifested by analysis getting stuck and the following stacktrace might appear in the logs
You can use
8192 for big projects. This property should be set in
sonar-project.properties file or on command line for scanner (with
By default, analysis will exclude files from dependencies in usual directories, such as
external. It will also ignore
.d.ts files. If for some reason analysis of files in these directories is desired, it can be configured by setting
sonar.exclusions property, however
sonar.exclusions property should be preferred to configure general exclusions for the project.
This feature is deprecated
As a replacement, we suggest you to have a look at ESLint, it provides custom rules that you can then import thanks to the External Issues feature.
TypeScript files are not analyzed
Using a TypeScript version that is higher than the one supported by SonarQube can cause false positives or issues with parsing, and some options (such as the
useUnknownInCatchVariables compiler option) might not get recognized, causing TypeScript files to be ignored by the analysis.
We recommend checking that the version of TypeScript used is supported by SonarQube, and upgrading to a higher SonarQube version if needed.
As soon as the coding rule visits a node, it can navigate the tree around the node and log issues if necessary.
Create SonarQube Plugin
- Create a standard SonarQube plugin project
- Add the following line in the sonar-packaging-maven-plugin configuration.
- Implement the following extension points:
RulesDefinitionas an extension in the
You can implement both
CustomRulesRepository in a single class.
Implement a Rule
- Create a class that will hold the implementation of the rule. It should:
- Define the rule name, key, tags, etc. with Java annotations.
- Declare this class in the
DoubleDispatchVisitor which provide a set of methods to visit specific tree nodes (these methods' names start with
visit). To explore a part of the AST, override the required method(s). For example, if you want to explore
if statement nodes, override the
DoubleDispatchVisitor#visitIfStatement method that will be called each time an
IfStatementTree node is encountered in the AST.
When overriding a visit method, you must call the
super method in order to allow the visitor to visit the rest of the tree.
SubscriptionVisitor. To explore a part of the AST, override
SubscribtionVisitor#nodesToVisit() by returning the list of the
Tree#Kind of node you want to visit. For example, if you want to explore
if statement nodes the method will return a list containing the element
Use these methods to log an issue:
PreciseIssue. In the SonarQube UI this issue will highlight all code corresponding to the tree passed as the first parameter. To add cost (effort to fix) or secondary locations provide these values to your just-created instance of
Issue. Use this method to create non-standard issues (e.g. for a file-level issue instantiate
Check context is provided by
SubscriptionVisitorCheck by calling the
To test the rule you can use
- Feature and API are deprecated.
- Importing external issues (ESLint, TSLint)
- Test coverage and execution (LCOV format)
- SonarJS plugin for ESLint
- Adding coding rules
Check the issue tracker for this language.
© 2008-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution-NonCommercial 3.0 United States License. SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners.