Can I import my Google Eslint settings instead of using Sonar's default?

We use the Google Eslint rules for our project and would like to continue to do this. Can I swap out the rules on the sonarcloud server with these rules?

You can produce report with issues with ESLint and import those during the analysis, have look at the documentation here https://sonarcloud.io/documentation/enriching/external-issues/

You can then configure your Quality Profile and remove the rules which are not relevant for you. However, I would suggest to keep some of them, because they are useful and don’t have ESLint equivalent - like various vulnerability rules. It also depends on the nature of your project, which of the rules are relevant for you.

The problem is, going through and making sure all rules match one at a time is what I was trying to avoid. It is fairly tedious and error prone (miss something). So it sounds like the answer is currently there is no automated solution to handle importing.

hi @joseGleeson ,

this is not what I was suggesting. If you want to stick to your eslint configuration, you can disable all JavaScript rules in SonarCloud quality profile for your project and then you just import the report generated with eslint using your configuration. This will allow you to see your issues in SonarCloud exactly the same way as you have them with eslint.

Once you are happy with this setup, you can selectively enable some rules which don’t have equivalent in eslint - like for example rules using taint analysis JavaScript static code analysis | injection: HTTP responses should not be vulnerable to session fixation