Does sonar analyse the code for security issues in React JS or Node JS applications?

Elangovan · May 5, 2020, 9:17am

Hi,

Do sonar analyse the code for security issues in React JS or Node JS applications?

SonarQube developer edition 8.1.

Thanks
Elangovan

Antoine · May 12, 2020, 6:50am

Our analyzers for JS/TS already provide some global security related rules:

Though, a better Security analysis for JS/TS is one of our 2020 objectives, and is currently in progress, as you can see in MMF-1895: Make JS/TS analyzer a first class analyzer for Code Security.

I hope it will help.

Topic		Replies	Views
For React js in SQ 8.1 version there is only one JSX rule. IS there any other rule for React.js? Is there any support for Airbnb rules? Do these rules covered up in SonarQube? SonarQube Server / Community Build javascript	0	551	May 5, 2020
Trying to use SonarQube to detect XSS vulnerabilities in JS SonarQube Server / Community Build javascript , security , xss	4	3133	August 21, 2023
Javascript react only check security rules SonarQube Server / Community Build sonarqube	2	219	January 29, 2024
JavaScript and TypeScript analyzers detect cryptography-related security issues Sonar Updates javascript , typescript , security , crypto	0	1317	October 27, 2020
JavaScript analyzer detects Express's bad security configuration practices and XXE vulnerabilities Sonar Updates javascript , security	0	954	October 5, 2020