Node.js is no longer a requirement for analysis

Clean Code Sonar Updates
, , , ,
1

Hello Sonar community!

Starting today, most users no longer need to install Node.js in their environment to be able to analyze JavaScript, TypeScript, and CSS code.

Node.js is now automatically downloaded from SonarCloud or SonarQube during analysis on Linux x64, Windows x64, and Apple ARM64 systems.

This is deployed in SonarCloud and will be part of SonarQube 10.4.

Other architectures (not listed above):

  • You will still need to have a compatible Node.js version or the analysis will fail.
  • We suggest using the latest LTS (currently v20). Versions below 16 are not supported, and 16 itself is deprecated and will be dropped soon.
  • We might support more architectures in the future. Tell us your needs!

See the documentation for more details.

Please share your feedback if you encounter any issues.

Correction: For Apple we support ARM64 and not Intel. Sorry for the confusion.

10 Likes
2

Some more details:

Why this change?

Before this change, all users needed to install Node.js to analyze JavaScript, TypeScript, and CSS code, which caused several issues:

  1. It complicated CI/CD setup, especially for those using JS/TS/CSS as a second language.

  2. Users had to keep pace with Sonar’s Node.js deprecation policy.

  3. Some users couldn’t upgrade Node.js despite warnings, eventually leading to analysis failure, without any easy solution.

  4. Missing or unsupported Node.js versions provoked silent analysis failures, often going unnoticed for extended periods.

What’s the advantage?

Users on supported systems won’t need to worry about having a Node.js version compatible with Sonar analysis:

  1. Setting up a new analysis environment doesn’t require installing Node.js (unless you need it for your own purposes).

  2. There will be no conflicts with Sonar’s analysis if your project’s CI/CD requires an old Node.js version. No more deprecation warnings.

  3. You’re no longer responsible for keeping up with Sonar’s Node.js version upgrades!

  4. If you only had Node.js for Sonar’s use, feel free to remove it!

6 Likes
3

Hi,

we will update to Sonarqube Enterprise 10.4.1 next week.
Didn’t find a hint in the documentation from where Node.js is downloaded.

Is this configurable ? We use Sonatype Nexus Artifact Manager and i.e in Jenkins many tools
like nodejs / Maven … are installed from Nexus proxy repos.
Or do i have a setting / property to set the path to an existing Node.js installation ?

Gilbert