Novelty Plastic Moustache
    Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »

    sonarjspublic

    SonarJS Build Status NPM version

    This package allows to use the SonarJS analyzer as a command line tool and as a JavaScript/TypeScript library.

    SonarJS is a static code analyser for the JavaScript language. It will allow you to produce stable and easily supported code by helping you to find and to correct bugs, vulnerabilities and code smells in your code.

    It provides ~80 rules (including ~40 bug detection), which represent the "Sonar Way" profile of the SonarJS analyzer.

    Usage

    As a Command Line Tool

    • Install SonarJS
    > npm install -g sonarjs
    
    • Run analysis from the project directory
    > cd <directory of project to analyze>
    > sonarjs
    

    or

    > sonarjs -h
    

    for more information

    • As the result you will get the list of issues found in the project. E.g.
    MAJOR - S3923: /Users/path/to/foo/file.js [3, 6]: Remove this conditional structure or edit its code blocks so that they're not all the same.
    BLOCKER - OctalNumber: /Users/path/to/foo/file.js [3, 10]: Replace the value of the octal number (056) by its decimal equivalent (46).
    
    • Note that some code editors (e.g. VS Code) make SonarJS output clickable and you can easily move to the referenced file and line.

    SonarJS in VS Code terminal

    As a JavaScript/TypeScript Library

    • Install SonarJS in your project
    > npm install sonarjs
    
    • Import it
    // for TypeScript
    import { analyze, Issue } from "sonarjs";
     
    // for JavaScript
    const { analyze } = require("sonarjs");
    • Analyze
    async function runSonarJS() {
      const issues = await analyze("/path/to/project");
      issues.forEach(issue => {
        // ...
      });
    }
    • Provide options to inject callbacks for analyze function to collect logs and to add some behavior before and after analysis
    function log(message: string) {
      console.log(message);
    }
     
    function onStart() {
      console.log("Analysis is started");
    }
     
    function onEnd() {
      console.log("Analysis is finished");
    }
     
    async function runSonarJS() {
      const issues = await analyze("/path/to/project", { log, onStart, onEnd });
      // ...
    }
    • Provide options to exclude folders from analysis
    async function runSonarJS() {
      const issues = await analyze("/path/to/project", { exclusions: "**/tests/**" });
      // ...
    }

    Java Environment

    Note that SonarJS requires a JRE, so if it's not available on your machine (Java 1.8 version) it will be downloaded during the first analysis.

    install

    npm i sonarjs

    Downloadsweekly downloads

    409

    version

    1.0.0

    license

    LGPL-3.0

    repository

    github.com

    last publish

    collaborators

    • avatar
    • avatar