DeepScan for Node.js

DeepScan provides a Node.js package which enables you to see bugs and quality issues in the CLI (command-line interface) or programmatically.

Provided to limited partners only


DeepScan for Node.js helps you to see bugs and quality issues in the CLI (command-line interface). As for the code review, you can check the code by this package on your CI.

  • Report issues by format.
  • Ignore rules or pattern of files.
Node.js packageHTML Report


Requires Oracle JRE 8 or OpenJDK 8.


  • This package depends on 'java' package requiring node-gyp build during installation.
  • node-gyp requires python 2.x, so installation fails when python does not exist.
  • For more details, check out this documentation.


You can analyze the JavaScript and TypeScript files in the project: *.js, *.jsx, *.ts, *.tsx, and *.vue.

DeepScan for Node.js provides the following options.

-f, --format

Use a specific output format. (defaults to stylish)

deepscan . -f json
  • stylish is a color-coded text
  • csv is a CSV string
  • html is a HTML string (a standalone report with analysis results and charts)
  • json is a JSON string

-o, --output-file

Specify file to write report to.

deepscan . -f json -o ./result.txt


Strip color codes from the output.

deepscan . --no-color -o ./result.txt


Specify rules to ignore.

deepscan . --ignore-rules "UNUSED_DECL,UNUSED_VAR_ASSIGN"


Specify pattern of files to ignore. Each pattern follows the gitignore format.

deepscan . --ignore-pattern "lib/,*.jsx"

Exit Code

  • 0 when no issues are reported
  • 1 when only low-impact issues are reported
  • 2 when high or medium-impact issues are reported

DeepScan API

It’s possible to use DeepScan programmatically through the Node.js API. You can use DeepScan functionality directly through the API.

var deepscan = require('deepscan').deepscan;

var alarms = [];

// For file or directory
alarms = deepscan.verifyFile('/home/test/hello');

// For source text
alarms = deepscan.verify('var foo = null; foo.g;');

// For source text (TypeScript)
alarms = deepscan.verify('export class RuleActionProvider implements vscode.CodeActionProvider {}', {
    language: 'ts'

// For source text (TypeScript React)
alarms = deepscan.verify("abstract class Hello extends Component { render() { return <RoleSelect />; }}", {
    language: 'tsx'

for (let { impact, name, message, filePath, location, codeFragment } of alarms) {