Is there a way to detect in SonarQube the usage of deprecated nodejs packages in a project?
The packages which usage I want to mark as issue have been deprecated using the command “npm deprecate”.
My environment for typescript projects analysis is:
SonarQube 7.9.1
openjdk version 11.0.2 (to run sonar server)
sonar-scanner-3.4.0.1729-windows
jdk 1.8.0_202 (to run sonar-scanner)
sonar-javascript-plugin-6.1.0.11503
sonar-typescript-plugin-2.1.0.4362
node v12.13.1
npm v6.12.1
typescript@3.7.5
The structure of my typescript projects looks like:
Well, instead of looking for something concrete, first, I want to know all the possibilities, if they exist. But the final goal is to alert developers that they are using deprecated packages through Sonar.
Your suggestion, an issue for each entry of package.json that is marked as deprecated would be nice Even only one issue listing all deprecated entries would be ok.
This is not something you will get out of the box with SonarQube. Still, I’m almost sure there is a NPM plugin that can list all the deprecated packages. Once you have that, you can certainly transform its output into the Generic Issue Data format and load it into SonarQube: https://docs.sonarqube.org/latest/analysis/generic-issue/