SonarQube is a tool that analyzes codes. It checks bugs, security vulnerabilities, solid principles etc. in the code.
Get the latest version of SonarQube, the leading product for code quality and security, from the official download page.
SonarScanner require for scan codes.
npm install sonarqube-scanner -g
Extra: Sonarlint is linter solution for vscode. You can download from vscode extensions.
After downloading, run sonarqube from terminal.
/Applications/sonarqube-9.9.0.65466/bin/macosx-universal-64/sonar.sh console
The first time I tried, I got this error:
Exception in thread "main" java.lang.UnsupportedOperationException: The Security Manager is deprecated and will be removed in a future release
This error caoused by the java version. If your version java 18, you can downgrade to 17. Download 17 and run this command.
export JAVA_HOME=$(/usr/libexec/java_home -v 17)
Now we can reach it from http://localhost:9000.
Default credentials are username:admin , password:admin
Create a new project from the Sonarqube panel. Choose manuel and specify that will run from local. After that create token and select other for PHP and macOS.
We should get a result like this.
Copy scanner script and run it from code local terminal.
The above is the detailed content of SonarQube — PHP. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
