Mixed Java/Javascript maven project doesn't see the javascript portion

Must-share information (formatted with Markdown):

• which versions are you using: SonarQube Server, Developer edition 2025.1
• How are you deployed: Running on a virtual machine
• What are you trying to achieve: See sonarqube results for both Java, Javascript, and Typescript findings in the same repo
• what have you tried so far to achieve this

Hello,

We have a very large, maven-based project that combines a mix of java and javascript code. When we originally set up the (On-prem, Azure Devops-based, if it matters) CI pipeline for scanning this project, the SonarQube project included findings for both java and javascript. However, recently one of the developers asked me if we could “start scannning the javascript code too.” I checked the server, and sure enough - the ‘code’ tab for that project doesn’t even list our UI folder, which is the one that contains our javascript projects. Sometime between when we originally set up Sonarqube (v9, maybe?) and now, our scanner stopped detecting the javascript and typescript content.

So far, I’ve tried:

• changing build profiles ("buildAll builds java and javascript, “buildUI” builds just the UI code.): Neither makes a difference. The javascript code doesn’t even show up in the ‘code’ tab on the server.
• skipping the build step and only running the sonar:sonar goal (our project builds with Java 11, but scans with Java 17, so I have to split the verify and sonar:sonar goals): Same as above
• Running the maven sonar:sonar goal against the UI pom directly, rather than the top-level POM: my branch shows up on these server, but when I open the code tab it says 'The branch has no lines of code.
• Adding a -Dsonar.sources=‘/path/to/top/level/javascript/sources/dir’: The task fails with [ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121:sonar (default-cli) on project ui: File <path/to/file.tsx> can't be indexed twice. Please check that inclusion/exclusion patterns produce disjoint sets for main and test files ->"

In all the cases that the build succeeds, the logs follow this same pattern for the javascript portion in question:

This section repeats for each submodule

2025-05-14T17:24:37.2999053Z [INFO] Indexing files of module 'Components :: UI :: Webclient'
2025-05-14T17:24:37.3001078Z [INFO]   Base dir: C:\__w\192\s\components\ui\webclient
2025-05-14T17:24:37.3006391Z [INFO]   Source paths: pom.xml
2025-05-14T17:24:37.3006573Z [INFO]   Excluded sources: **/*.html, **/*.css, **/*.wsdl, **/*.xml

culminating in:
2025-05-14T17:24:37.3016457Z [INFO] 0 files indexed

Then we launch into the sensor portion, and get a block that looks basically like this for each submodule:

2025-05-14T17:24:37.6885503Z [INFO] ------------- Run sensors on module Components :: UI :: Webclient
2025-05-14T17:24:37.7065855Z [INFO] Sensor JaCoCo XML Report Importer [jacoco]
2025-05-14T17:24:37.7066362Z [INFO] 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
2025-05-14T17:24:37.7072630Z [INFO] No report imported, no coverage information will be imported by JaCoCo XML Report Importer
2025-05-14T17:24:37.7073951Z [INFO] Sensor JaCoCo XML Report Importer [jacoco] (done) | time=0ms
2025-05-14T17:24:37.7074613Z [INFO] Sensor Java Config Sensor [iac]
2025-05-14T17:24:37.7082854Z [INFO] 0 source files to be analyzed
2025-05-14T17:24:37.7083004Z [INFO] 0/0 source files have been analyzed
2025-05-14T17:24:37.7084662Z [INFO] Sensor Java Config Sensor [iac] (done) | time=0ms
2025-05-14T17:24:37.7086334Z [INFO] Sensor IaC Docker Sensor [iac]
2025-05-14T17:24:37.7137953Z [INFO] 0 source files to be analyzed
2025-05-14T17:24:37.7139787Z [INFO] 0/0 source files have been analyzed
2025-05-14T17:24:37.7141450Z [INFO] Sensor IaC Docker Sensor [iac] (done) | time=16ms

At this point, I’ve fully given up trying to get the javascript scan into the same project as our java scan, and would settle for a separate pipeline and project that includes javascript and typescript findings. However, I can’t seem to manage even that.

Any suggestions anyone has would be incredibly helpful. Thank you in advance.

Hi,

Because the SonarScanner for Maven relies on Maven to get an understanding of your project, it gets a very Mavenish, Java-centric view of the project. To expand that view to include the rest of your files, use -Dsonar.maven.scanAll=true on your analysis command line, or in your properties.

Note that, per the docs

The scanAll option is disabled if the sonar.sources property is overridden.

So you’ll want to back that manual sonar.sources configuration out.

 
HTH,
Ann

Thank you SO much! I swear I read that page (the 2025.1 version), and the scan options page, at least 6 times over the last day and a half, and somehow I missed the scanAll setting entirely. I’ve added this and kicked off a new scan and though the scan hasn’t completed yet, it’s telling me it’s scanning 7585 files. I think this solved it!

I totally should’ve found this on my own, but thank you for taking the time to reply!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.