ERROR: Only Node.js v14.17 or later is supported, got 10.24.1

tcochran · June 5, 2023, 9:24pm

which versions are you using: sonar-scanner-msbuild 5.13.0, Sonarqube 9.9 LTS
how is SonarQube deployed: Docker
what are you trying to achieve: Trying to exclude node.js versions from being scanned in our Azure DevOps pipeline using Sonarqube Azure DevOps extension.
what have you tried so far to achieve this: We set in the “Prepare for sonarqube analysis” step under Advanced sonar.exclusions=/*.js,/*.ts

In our Azure DevOps build pipeline, we have a node.js tool installer task which is set to 10.x so it currently installs 10.24.1. We also have sonarqube tasks and have sonar.exclusions=/*.js,/*.ts set in the “Prepare for sonarqube analysis” task but when the “Run Code analysis” task comes around it ends up producing an error stating

Only Node.js v14.17 or later is supported, got 10.24.1.

Its like our sonar.exclusions setting is not working. Anyway, to fix this in our Azure DevOps pipeline?

ganncamp · June 6, 2023, 2:06pm

Hi,

I believe Node.js is also used in the analysis of CSS. Try excluding it as well.

HTH,
Ann

tcochran · June 6, 2023, 2:20pm

Will try that. Thanks.

tcochran · June 6, 2023, 4:12pm

Edited sonar.exclusions to be sonar.exclusions=/*.js,/*.ts,/*.css but the build still gave me “ERROR: Only Node.js v14.17 or later is supported, got 10.24.1.”

ganncamp · June 6, 2023, 5:40pm

Hi,

Can you provide the full analysis log, please?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

Ann

tcochran · June 6, 2023, 6:20pm

Full analysis log from Azure DevOps pipeline:

analysis log.txt (90.5 KB)

ganncamp · June 6, 2023, 6:32pm

Hi,

I see from your log that analysis succeeds. So I guess you’re just trying to get a “clean” analysis?

I’ll be honest, and say I didn’t pay too much attention to the exclusions you quoted in your OP. But going back to them now - or rather, now that I’ve seen them in your analysis log:

2023-06-06T15:40:08.2672592Z INFO: Excluded sources: **/bootstrap.css, **/Bootstrap.cs, **/bootstrap.js, **/bootstrap*.js, **/jquery*.js, **/jquery.js, **/*.xsd, **/modernizr*.js, font-awesome.css, /*.js, /*.ts, /*.css

I can say you want to adjust them some. Per the docs

* Match zero or more characters (not including the directory delimiter, /).

** Match zero or more directory segments within the path.

? Match a single character (not including the directory delimiter, /).

So that means you need this:

**/bootstrap.css, **/Bootstrap.cs, **/bootstrap.js, **/bootstrap*.js, **/jquery*.js, **/jquery.js, **/*.xsd, **/modernizr*.js, **/font-awesome.css, **/*.js, **/*.ts, **/*.css

HTH,
Ann

tcochran · June 6, 2023, 8:34pm

Tried including this in sonar.exclusions but got the same error.

analysis log.txt (90.9 KB)

ganncamp · June 7, 2023, 11:32am

Hi,

This is happening in the CSS sensor. I guess it’s checking (or trying to) for CSS in other file types. Since you probably don’t want to exclude those other file types from analysis, the options are to ignore this error or upgrade Node.js.

Ann

system · June 14, 2023, 11:32am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.