Run sonar scanner against code locally that has not been committed

Is it possible to run sonar-scanner using code that only exists locally on my machine and not a remote git branch? I would like to run the scanner by using code found on my machine and not necessarily what exists in the remote repository for a given branch.

The motivation behind this is to take advantage of the scanner, getting immediate feedback, without having to commit changes I would otherwise discard.

Thanks!

Hello Justin,

Welcome to the community!

Yes, this is perfectly fine. It is not at all mandatory to use any repository for your code for an analysis to work. Just follow the normal procedure: make sure you choose the scanner you need. Since you do not use any repo, you will just be missing some features such as “blame data”, which allows SonarQube to auto-assign issues to the culprit who wrote that code. Nothing to worry about.

And, by the way, you can even go ahead and try SonarLint in your IDE. Analysis would be done on the fly for you while you type code. It seems to me like this could be interesting for your use case.

Cheers,
Daniel