This is the 8th day of my participation in Gwen Challenge
preface
To ensure the quality of our code, the company made all of our code go through static code checks by SonarLint before being released to production. But most of the front-end code we use today is ESLint to check the code, with different rules than SonarLint. So some errors are not reported locally, but become critical error warnings on sonarQube and cannot be released into production. In order to save time by passing code locally once through SonarLint, we studied how to use SonarLint locally.
work
To configure sonarlint in vscode we need to do the following:
- download
sonarlintthevscodeAnd install the plugin. - Log in your own
sonarQubeAccount, get your owngenerate token. - Configure your own
vscodethesettings.json
Download and install the SonarLint plug-in
Sonarlint is usually installed directly by searching for sonarLint in extensions. Or download the SonarLint plugin from the official website. Install by installing the plug-in package.
This is where to download the plug-in
Get the Generate Token
Log in to sonarQube first => click your avatar => enter myAccount => Enter the Security column => Write a token name defined by yourself => Copy the generated token and save it. Note that this token can only be seen at generation time, so save it and use it during configuration.
The configuration Settings. The json
Find the SonarLint plug-in you already have installed and go to the introduction section. You can see that the introduction section teaches us how to configure our own SonarLint.
"sonarlint.connectedMode.project": {
"serverId": "warming".// The custom ID must be the same as the serverId below
"projectKey": "juejin:frontend:master".// You can see the project key in sonarQube
},
"sonarlint.connectedMode.servers": [{"serverId": "warming".// Same as the serverId above
"serverUrl": "https://sonar.juejin.im/".// This is the same url
"token": "* * * * * * * * * * * * * * * * * *" // Get the token before}]."sonarlint.ls.javaHome": "C: \ \ \ \ Program Files \ \ Java \ \ jdk1.8.0 _91".// javaHome needs to be configured
Copy the codeThe end of the
At this point the configuration is complete, restart vscode and you will see an error from sonarlint. The production critical warning problem can now be effectively avoided.
sonarlint
Sonarlint does a good job in some respects, and many errors in code logic will be flagged. Eslint focuses on syntax errors. As in the following code block, SonarLint will indicate unsafe writing, while ESLint will not. Finally overwrites the return in the try and catch. In any case, a return in finally will be returned, which is not in accordance with our normal logic and will result in an error.
function final() {
try{
// doSomething();
return true;
} catch(err) {
return false;
} finally {
return 'is over'; // sonarlint error}}Copy the code