Java HTML Other
Pull request Compare This branch is 43 commits ahead, 66 commits behind Pablissimo:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.


SonarQube plugin for EsLint linter and its extensions. The code is based on the TypeScript plugin published by Pablissimo.

Download the plugin.

Basically this plugin launches EsLint and collects its results into SonarQube. It may be slower than the own SonarQube javascript parser that I recommend to use for most usages. However if you are interested by AngularJS coding rules, uses my plugin :-)

Build Status Coverage Status


0.3.0 - Upgrade to the latest Sonar API and dependencies and fix an issue (#2) when ESLint is meeting parsing errors or simply ignoring files.

  • SonarQube API 6.7

0.2.0 - Upgrade to the latest Sonar API and dependencies :

  • GSON 2.8.2
  • <sslr.version>1.22</sslr.version>
  • SonarQube API 6.5


This is plugin for SonarQube 6.7 for analysing projects with Javascript content that supports:

  • EsLint for code quality information
  • EsLint AngularJS extension

Notice : The plugin is known to not work with SonarQube 7.+ since the latest version of SonarQube has made significant changes on the Plugin API. I am working on it.

Notice: if you disagree with the severity evaluation of the EsLint rules inside SonarQube that I provided, please send a P/R on the file

It's presented only for the interested, and the brave.


  • Java 1.8+
  • SonarQube 5.6 LTS+
  • EsLint 3+ (Tested on 3.14)


  • Install Node.js
  • Install EsLint (3+) with npm install -g eslint, or ensure it is installed locally against your project
    • If you're installing globally, find the path to EsLint and copy it - will be similar to C:\Users\\[Username]\AppData\Roaming\npm\node_modules\eslint\bin\eslint.js on Windows
  • Copy .jar file (from target/ after build, or downloaded from Releases page) to SonarQube extensions folder
  • Restart SonarQube server
  • Browse to SonarQube web interface, login as Admin, hit up Settings
  • Hit the Rules tab, then the EsLint rule set, then apply it to your project - alter rule activation as required

Optional steps :

  • Find the Javascript tab, paste in the Javascript path

  • Make sure you have a .eslintrc.* file next to, or specify its path using the sonar.eslint.eslintconfigpath setting

  • If LCOV data available, add sonar.ts.lcov.reportpath=lcov.dat to your file (replace lcov.dat with your lcov output, will be sought relative to the file)

  • Run sonar-runner or sonar-scanner

  • EsLint rule breaches should be shown in the web view

EsLint installation and configuration

By default, SonarEsLintPlugin will look for a version of EsLint installed locally within your project (i.e. in node_modules\eslint\bin), relative to the file. This may not be what you want, so you can set this directly via the sonar.eslint.eslintpath configuration setting:

  • At project level
  • Globally, for all projects

If analysis is failing, run sonar-runner with the -X -e options for more diagnostic information, including a note of where the plugin is searching for eslint. Bear in mind that if running on a build server, the account running the build will need access to the path to eslint.

By default, SonarEsLintPlugin will look for a EsLint configuration file called eslint.json next to the file. You can override this using the sonar.eslint.eslintconfigpath configuration setting if this isn't the case for your project.

Here an configuration example for .eslintrc.json

    "extends":  ["angular", "eslint:recommended"]


Example project configuration

This is an example of what a project configuration file ( could look like:

sonar.projectName=My Application

  • See the Analysis Parameters documentation page for general configuration options.
  • See the Narrowing the Focus documentation page for configuration options related to which files to include.
  • See the rest of this README for the SonarEsLintPlugin specific configuration options.

Global configuration options

sonar.eslint.eslintpathRecommendedPath to the installed copy of EsLint to use - can also be set at project level, see note below
sonar.eslint.ruleconfigsOptionalA list of configurations to map custom EsLint rules to dedicated SonarQube rules & settings - see EsLint Custom Rules section below

Project-level configuration options

sonar.eslint.eslintpathRecommendedPath to the installed copy of EsLint to use - see note below
sonar.eslint.eslintconfigpathRecommendedPath to the eslint.json file that configures the rules to be used in linting - see note below
sonar.eslint.excludetypedefinitionfilesOptionalExcludes .d.ts files from analysis, defaults to true
sonar.eslint.forceZeroCoverageOptionalForces code coverage percentage to zero when no report is supplied, defaults to false
sonar.eslint.ignoreNotFoundOptionalDon't set code coverage percentage to zero when file is not found in report, defaults to false
sonar.eslint.eslinttimeoutOptionalMax time to wait for EsLint to finish processing a single file (in milliseconds), defaults to 60 seconds
sonar.eslint.eslintrulesdirOptionalPath to a folder containing custom EsLint rules referenced in eslint.json

EsLint Custom Rules

To present custom EsLint rules in SonarQube analysis, you can provide a configuration that maps the EsLint rules from your sonar.eslint.eslintrulesdir directory to dedicated Sonar rules for analysis. The configuration for a EsLint Sonar rule consists of a line declaring the EsLint rule id, a boolean switch to enable or disable the rule if needed and some attached properties that are used by Sonar for analysis and reporting.

For example taking the export-name rule from the tslint-microsoft-contrib package, a configuration for that rule in SonarEsLintPlugin could look as follows:

export-name=true name of the exported module must match the filename of the source file.
export-name.description=This is case-sensitive but ignores file extension. Since version 1.0, this rule takes a list of regular expressions as a parameter. Any export name matching that regular expression will be ignored.

You will need to restart the SonarQube server after configuring custom rules this way before subsequent analyses will pick them up. You will also need to activate the new rules after restart for any quality profile you want them to participate in - by default they will be disabled.

  • For documentation about the technical debt parameters look here and here
  • For possible values for debtType go here




  • Download the source
  • Build with maven, mvn clean && mvn install


Thanks to the following for contributions to the plugin: