Open kaisermann opened 4 years ago
I had a previous experience with SonarQube. There are other alternatives with more minimalistic configuration, but with fewer options to set up a profile.
There are good plugins and integrations for the SonarQube. It is easy to set up a configuration for TS: https://docs.sonarqube.org/latest/analysis/languages/typescript
If we choose this tool it is necessary to set up a profile with the desired rules. The default profile helps but it is opined.
What is to be discussed?
SonarQube is a great static analysis tool that can detect dark-patterns, security flaws and elusive bugs way deeper than a linter can. We should check if we can use it in some of our projects.
Does someone have previous experience with it? I've only used it once.
Additional context
Reference: https://www.sonarsource.com/products/codeanalyzers/sonarjs.html