Is there a way to detect in SonarQube the usage of deprecated nodejs packages in a project?
The packages which usage I want to mark as issue have been deprecated using the command “npm deprecate”.
My environment for typescript projects analysis is:
- SonarQube 7.9.1
- openjdk version 11.0.2 (to run sonar server)
- jdk 1.8.0_202 (to run sonar-scanner)
- node v12.13.1
- npm v6.12.1
The structure of my typescript projects looks like:
And the sonar-project.properties used looks like:
Is correct the sonar-project.properties file?
Thanks a lot!
I need some clarifications before answering.
Do you expect to see in SonarQube an issue for each entry of your package.json that is marked as deprecated?
Well, instead of looking for something concrete, first, I want to know all the possibilities, if they exist. But the final goal is to alert developers that they are using deprecated packages through Sonar.
Your suggestion, an issue for each entry of package.json that is marked as deprecated would be nice Even only one issue listing all deprecated entries would be ok.
Thanks for yout reply,
That’s clear now, thanks for the clarification.
This is not something you will get out of the box with SonarQube. Still, I’m almost sure there is a NPM plugin that can list all the deprecated packages. Once you have that, you can certainly transform its output into the Generic Issue Data format and load it into SonarQube: https://docs.sonarqube.org/latest/analysis/generic-issue/
Ok, thanks a lot for your suggestion, I will try it