SonarQube Plugin

DeepScan provides SonarQube plugin enabling in-depth analysis for JavaScript and TypeScript.

Provided to limited partners only

Requirements

SonarQube
  • Version 5.6+ (Our plugin is tested with version 5.6.1.)
Java
  • Oracle JRE 8
  • OpenJDK 8

Installation

Let's say you installed SonarQube in /etc/sonarqube.

1. Copy DeepScan SonarQube plugin into the plugins directory of SonarQube.

cp sonar-deepscan-plugin-x.x.x.jar /etc/sonarqube/extensions/plugins

2. Restart SonarQube.

3. In Quality Profiles, you can see DeepScan way profile under JavaScript.
Quality Profiles

4. Set this profile as default by clicking Set as Default at the upper right corner. You need to log in as administrator to do this.
Set as Default

5. From now, DeepScan way profile is applied to JavaScript project by default.
Default Profile

Analyze a Project

1. Download and unzip the SonarQube Scanner. (let's say in /etc/sonar-scanner)

2. Add/edit sonar-project.properties in project directory. Below is an example for the project "hello" with src directory:

# Required metadata
sonar.projectKey=hello
sonar.projectName=hello
sonar.projectVersion=1.0

# SonarQube server url
sonar.host.url=http://127.0.0.1:9000

# SonarQube account if authentication is required
#sonar.login=<your_login_account>
#sonar.password=<your_login_password>

# Comma-separated paths to directories with sources (required)
sonar.sources=src

# Comma-separated paths to exclude
#sonar.exclusions=examples/*,vendors/*

# Language
sonar.language=js

# Encoding of sources files
sonar.sourceEncoding=UTF-8

3. Run the SonarQube Scanner.

cd hello
/etc/sonar-scanner/bin/sonar-scanner

4. Browse the results at the SonarQube, http://localhost:9000 in general.

Update

When you update the plugin, you need to check whether rules are updated after updating the plugin.

If you want to apply new rules of updated plugin, restore the profile in Quality Profiles > Restore Built-in Profiles.
Restore Built-in Profiles