Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check SonarQube #21

Open
kaisermann opened this issue Jan 16, 2020 · 1 comment
Open

Check SonarQube #21

kaisermann opened this issue Jan 16, 2020 · 1 comment
Labels
discussion Something isn't working todo

Comments

@kaisermann
Copy link
Contributor

What is to be discussed?

SonarQube is a great static analysis tool that can detect dark-patterns, security flaws and elusive bugs way deeper than a linter can. We should check if we can use it in some of our projects.

Does someone have previous experience with it? I've only used it once.

Additional context

Reference: https://www.sonarsource.com/products/codeanalyzers/sonarjs.html
@kaisermann kaisermann added discussion Something isn't working todo labels Jan 16, 2020
@julioleitao
Copy link

I had a previous experience with SonarQube. There are other alternatives with more minimalistic configuration, but with fewer options to set up a profile.

There are good plugins and integrations for the SonarQube. It is easy to set up a configuration for TS: https://docs.sonarqube.org/latest/analysis/languages/typescript

If we choose this tool it is necessary to set up a profile with the desired rules. The default profile helps but it is opined.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion Something isn't working todo
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@julioleitao @kaisermann