The scanner environment is going to require at least Node.js version 10 starting from the 16th of November for all JavaScript / TypeScript projects. Node.js versions below 10 are no longer officially supported. One benefit of this is that we will be able to deliver significant improvements to the analysis of your projects.
If you are affected by this change you are going to receive an email notification and a warning in the SonarCloud user interface as well as in the pull request decoration.
You can find more information and guidance on how to upgrade on our documentation. All users of the Automatic Analysis feature are already set and don’t need to take an action.
The SonarCloud :sonarcloud: Team
Update 2021-01-14:
We changed the end of support date to the 1st of February 2021. You can find updated information on our documentation page.
Hope you’ll forgive my newbie Q: which machine requires node.js? I use Maven on one machine (something like “mvn clean package sonar:sonar …” connecting to a SonarQube server on a different machine. So which machine requires node.js: the one running Maven or the one running SonarQube?
Martin’s announcement is about SonarCloud, so he’s saying that if you have a JavaScript/TypeScript project, then your project will require at least Node.js version 10.
You mentioned you have a Maven/Java project on SonarQube, so this announcement does not affect you although in the future, for SonarQube, if you need to scan a JavaScript/TypeScript project, then you’ll need Node.js also. See our JavaScript/TypeScript Analyzer documentation here.
Thanks. The same question applies though. The doc you linked to says: “you need to have Node.js >= 10 installed on the machine running the scan.” Which machine does this mean in the scenario I described (Maven running on one machine but connecting to a SonarQube server on another machine)? Does it mean the machine running Maven, or the machine running SonarQube, or both?
In your case, since you did not mention scanning any JavaScript/TypeScript project, then you do not need Node.js at all, so that means neither machine. Node.js is required if you are scanning JS/TS projects on your own machine (you have Maven running on your machine, no JS/TS projects so Node.js not required) and SonarQube only needs Node.js on its own machine if it needs to scan JS/TS projects.
Let’s look at the opposite case:
You have JS/TS project on your own machine => Then you need Node.js on your machine
Your SonarQube server needs to scan JS/TS project => Then you need Node.js on SonarQube machineEDIT: this is not true, you only need Node.js on the machine doing the scan
Yes, I’m scanning a JS project (actually multilanguage; includes Java and HTML). So we have node.js installed; it’s just a question of which version is required and where.
For Java, my machine running Maven has Java8 installed, as that is what the source and target use. But I had to install 11 on the SQ server as it is post-7.7. This combo seems to work fine.
From that, I would infer that to scan JS, I can have an older version of node.js on the Maven machine (assuming I don’t use any newer JS features) as long as the SQ server has node.js 10+. Is my inference correct?
The source of my confusion is my (lack of) understanding of where the scanning actually occurs. It seems that a lot of it happens on the machine running Maven, based on its output, but then it halts (successfully) and the SonarQube server continues for some time. So perhaps Maven is just sending everything off to the SQ server, which is doing the actual scan, and just outputting status messages returned by SQ?
OK, I got it working by making sure the system PATH variable includes the location of the node executable.
If I want to specify this in the sonar.nodejs.executable property as recommended in the doc, is that something that would go in the Maven settings.xml file?
I’m not sure the best place, so you can try 3 ways since it will depend on your build and if you use the sonar-scanner CLI or sonar-scanner for Maven plugin.
If you are using the sonar-maven-plugin, set sonar.nodejs.executable in your Maven pom.xml within the element: <sonar.nodejs.executable>put-your-path-here</sonar.node.js.executable>.
If you using sonar-scanner CLI, set sonar.nodejs.executable at the command line: -Dsonar.nodejs.executable=path-to-nodejs.
If you want to consolidate your sonar properties, put the sonar.nodejs.executable property in the sonar-project.properties file.