Skip to end of metadata
Go to start of metadata

Could not retrieve - Page not found.


Enables the powerful SonarJS analyzer.


  • Node.js >=6

First Analysis of a JavaScript Project

  1. Install SonarQube Server (see Setup and Upgrade for more details)
  2. Install SonarQube Scanner and be sure your can call sonar-scanner from the directory where you have your source code
  3. Install SonarJS (see Installing a Plugin for more details)
  4. Run your analysis with the SonarQube Scanner by executing the following command from the root directory of the project:

    sonar-scanner -Dsonar.projectKey=xxx -Dsonar.sources=.
  5. Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI

Further Analyses

Assuming steps 1-3 above have already been completed, you'll want to encapsulate your analysis parameters in a file at the root of your project (see a sample project on GitHub: Then subsequent analyses can simply be run with:


Configuring Quality Profiles

SonarJS provides 2 Quality Profiles out of the box: "Sonar way" (default) and "Sonar way Recommended".

"Sonar way" Profile

The "Sonar way" Quality Profile is activated by default. It defines a trimmed list of high-value/low-noise rules useful in almost any JS development context. You can check out the list of rules belonging to "Sonar way" on SonarCloud.

"Sonar way Recommended" Profile SINCE 3.0

"Sonar way Recommended" contains all rules from "Sonar way" (bugs and pitfall detection), plus more rules that mandate high code readability and long-term project evolution. You can check out the list of rules belonging to "Sonar way Recommended" on SonarCloud.

Above Predefined Rule Profiles

By using SonarQube UI you can create your own Quality Profiles and activate even more rules which are valuable in your development context. We recommend that you look at the following rules, which are highly valuable but whose activation depends on your environment and coding principles or which require some configuration.

  • "Non-existent properties should not be read" S3759 (should be activated if you don't use monkey patching)
  • "Non-existent variables should not be referenced" S3827 (requires configuration)
  • "Objects should not be created to be dropped immediately without being used" ConstructorFunctionsForSideEffects (activate, if you agree that constructors should not have side effects)
  • "Variables should be declared with "let" or "const"" S3504. Activate, if you use ES2015. Find more rules with tag "es2015".
  • "Variables should be defined in the blocks where they are used" S2392 (forces you to declare variables in the most narrow scope)
  • "Variables should not be shadowed" VariableShadowing (forces you to not shadow variables declared in outer scope)

Advanced Usage

With SonarJS, you can also:

Advanced Configuration







Project-wide$, jQuery, jQ


Comma-separated list of names used to address jQuery object. Default value is "$, jQuery".

NOTE These names are used only to detect jQuery usages, they are not used to build the list of globals.


Project-widebrowser, jquery, amd

SINCE 2.20

Comma-separated list of environments names. The analyzer automatically adds global variables based on that list.

Available environment names: amd, applescript, atomtest, browser, commonjs, couch, embertest, greasemonkey, jasmine, jest, jquery, meteor, mocha, mongo, nashorn, node, phantomjs, prototypejs, protractor, qunit, rhino, serviceworker, shared-node-browser, shelljs, webextensions, worker, wsh, yui. By default all environments are included.


Project-wideBackbone, IS_DEBUG

SINCE 2.20

Comma-separated list of global variables. Default value is "angular,goog,google,OpenLayers,d3,dojo,dojox,dijit,Backbone,moment,casper".



List of file path patterns to be excluded from analysis of JavaScript files. Default value is `**/node_modules/**,**/bower_components/**`



Set this property to absolute path to Node.js executable, if standard `node` is not available.

  • No labels