使用sonarqube对javascript代码进行扫描,分析代码质量,最简单的方式莫过于使用缺省的sonar-way中的javascript的规则,使用sonar-scanner进行扫描,这篇文章通过最简单的例子,来进行说明。
事前准备
Sonarqube
Sonarqube可以使用docker版本快速搭建,可以参看一下Easypack整理的镜像,具体使用可以参看如下链接,这里不再赘述:
https://hub.docker.com/r/liumiaocn/sonarqube/
环境假定
本文使用到的sonarqube为本机32003可以访问到的服务。版本为5.6.5
sonar-scanner
sonar-scanner详细信息如下:
liumiaocn:sonar liumiao$ sonar-scanner -v INFO: Scanner configuration file: /Users/liumiao/Desktop/sonar/sonar-scanner-3.2.0.1227-macosx/conf/sonar-scanner.properties INFO: Project root configuration file: /Users/liumiao/sonar/sonar-project.properties INFO: SonarQube Scanner 3.2.0.1227 INFO: Java 1.8.0_121 Oracle Corporation (64-bit) INFO: Mac OS X 10.14 x86_64 liumiaocn:sonar liumiao$
项目目录构成
项目文件与目录构成信息如下:
liumiaocn:sonar liumiao$ tree . ├── sonar-project.properties └── src └── Person.js 1 directory, 2 files liumiaocn:sonar liumiao$
JavaScript源码
使用如下Person.js的JavaScript源码,详细信息如下
liumiaocn:sonar liumiao$ cat src/Person.js var Person = function(first, last, middle) { this.first = first; this.middle = middle; this.last = last; }; Person.prototype = { whoAreYou : function() { return this.first + (this.middle "a is not a number"); // this is dead code } if (a !== NaN) { // Noncompliant; always true console.log("a is not NaN"); // this statement is not necessarily true } for (var i = 0; i < strings.length; i--) { console.log("dead code") } if (str == null && str.length == 0) { console.log("String is empty"); } liumiaocn:sonar liumiao$
sonar-project.properties设定文件
项目设定文件信息详细如下:
liumiaocn:sonar liumiao$ cat sonar-project.properties sonar.projectKey=javascript-prj sonar.projectName=JavaScript Demo Project sonar.projectVersion=1.0 sonar.sources=src sonar.host.url=http://127.0.0.1:32003 sonar.login=admin sonar.password=admin liumiaocn:sonar liumiao$
执行sonar-scanner
liumiaocn:sonar liumiao$ pwd /Users/liumiao/sonar liumiaocn:sonar liumiao$ ls sonar-project.properties src liumiaocn:sonar liumiao$ sonar-scanner INFO: Scanner configuration file: /Users/liumiao/Desktop/sonar/sonar-scanner-3.2.0.1227-macosx/conf/sonar-scanner.properties INFO: Project root configuration file: /Users/liumiao/sonar/sonar-project.properties INFO: SonarQube Scanner 3.2.0.1227 INFO: Java 1.8.0_121 Oracle Corporation (64-bit) INFO: Mac OS X 10.14 x86_64 INFO: User cache: /Users/liumiao/.sonar/cache INFO: SonarQube server 5.6.5 INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent) INFO: Load global repositories INFO: Load global repositories (done) | time=129ms INFO: User cache: /Users/liumiao/.sonar/cache INFO: Load plugins index INFO: Load plugins index (done) | time=3ms INFO: Process project properties INFO: Load project repositories INFO: Load project repositories (done) | time=126ms INFO: Load quality profiles INFO: Load quality profiles (done) | time=41ms INFO: Load active rules INFO: Load active rules (done) | time=609ms WARN: SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project. INFO: Publish mode INFO: ------------- Scan JavaScript Demo Project INFO: Load server rules INFO: Load server rules (done) | time=73ms INFO: Base dir: /Users/liumiao/sonar INFO: Working dir: /Users/liumiao/sonar/.scannerwork INFO: Source paths: src INFO: Source encoding: UTF-8, default locale: en_US INFO: Index files INFO: 1 files indexed INFO: Quality profile for js: Sonar way INFO: JaCoCoSensor: JaCoCo report not found : /Users/liumiao/sonar/target/jacoco.exec INFO: JaCoCoItSensor: JaCoCo IT report not found: /Users/liumiao/sonar/target/jacoco-it.exec INFO: Sensor Lines Sensor INFO: Sensor Lines Sensor (done) | time=11ms INFO: Sensor JavaScriptSquidSensor INFO: 1 source files to be analyzed INFO: Sensor JavaScriptSquidSensor (done) | time=200ms INFO: 1/1 source files have been analyzed INFO: Sensor SCM Sensor INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it. INFO: Sensor SCM Sensor (done) | time=0ms INFO: Sensor org.sonar.plugins.javascript.lcov.UTCoverageSensor INFO: Sensor org.sonar.plugins.javascript.lcov.UTCoverageSensor (done) | time=0ms INFO: Sensor org.sonar.plugins.javascript.lcov.ITCoverageSensor INFO: Sensor org.sonar.plugins.javascript.lcov.ITCoverageSensor (done) | time=0ms INFO: Sensor Zero Coverage Sensor INFO: Sensor Zero Coverage Sensor (done) | time=7ms INFO: Sensor Code Colorizer Sensor INFO: Sensor Code Colorizer Sensor (done) | time=0ms INFO: Sensor CPD Block Indexer INFO: DefaultCpdBlockIndexer is used for js INFO: Sensor CPD Block Indexer (done) | time=20ms INFO: Calculating CPD for 1 files INFO: CPD calculation finished INFO: Analysis report generated in 53ms, dir size=13 KB INFO: Analysis reports compressed in 17ms, zip size=6 KB INFO: Analysis report uploaded in 29ms INFO: ANALYSIS SUCCESSFUL, you can browse http://127.0.0.1:32003/dashboard/index/javascript-prj INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report INFO: More about the report processing at http://127.0.0.1:32003/api/ce/task"text-align: center">详细代码级别的扫描结果展示
总结
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作具有一定的参考学习价值,谢谢大家对的支持。如果你想了解更多相关内容请查看下面相关链接
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件!
如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
暂无“使用Sonarqube扫描Javascript代码的示例”评论...
更新动态
2025年01月15日
2025年01月15日
- 小骆驼-《草原狼2(蓝光CD)》[原抓WAV+CUE]
- 群星《欢迎来到我身边 电影原声专辑》[320K/MP3][105.02MB]
- 群星《欢迎来到我身边 电影原声专辑》[FLAC/分轨][480.9MB]
- 雷婷《梦里蓝天HQⅡ》 2023头版限量编号低速原抓[WAV+CUE][463M]
- 群星《2024好听新歌42》AI调整音效【WAV分轨】
- 王思雨-《思念陪着鸿雁飞》WAV
- 王思雨《喜马拉雅HQ》头版限量编号[WAV+CUE]
- 李健《无时无刻》[WAV+CUE][590M]
- 陈奕迅《酝酿》[WAV分轨][502M]
- 卓依婷《化蝶》2CD[WAV+CUE][1.1G]
- 群星《吉他王(黑胶CD)》[WAV+CUE]
- 齐秦《穿乐(穿越)》[WAV+CUE]
- 发烧珍品《数位CD音响测试-动向效果(九)》【WAV+CUE】
- 邝美云《邝美云精装歌集》[DSF][1.6G]
- 吕方《爱一回伤一回》[WAV+CUE][454M]