UNPKG

@sonar/scan

Version:

SonarQube/SonarCloud Scanner for the JavaScript world

docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/npm/introduction/

54 lines (53 loc) 2.36 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
"use strict"; /* * sonar-scanner-npm * Copyright (C) 2022-2025 SonarSource SA * mailto:info AT sonarsource DOT com * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License as published by the Free Software Foundation; either * version 3 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.locateExecutableFromPath = locateExecutableFromPath; const child_process_1 = require("child_process"); const util_1 = __importDefault(require("util")); const constants_1 = require("./constants"); const logging_1 = require("./logging"); const platform_1 = require("./platform"); const execAsync = util_1.default.promisify(child_process_1.exec); /** * Verify that a given executable is accessible from the PATH. * We use where.exe on Windows to check for the existence of the command to avoid * search path vulnerabilities. Otherwise, Windows would search the current directory * for the executable. */ async function locateExecutableFromPath(executable) { try { (0, logging_1.log)(logging_1.LogLevel.INFO, `Trying to find ${executable}`); const child = await execAsync(`${(0, platform_1.isWindows)() ? constants_1.WINDOWS_WHERE_EXE_PATH : 'which'} ${executable}`); const stdout = child.stdout?.trim(); if (stdout.length) { return stdout; } (0, logging_1.log)(logging_1.LogLevel.INFO, 'Local install of SonarScanner CLI found.'); return null; } catch (error) { (0, logging_1.log)(logging_1.LogLevel.INFO, `Local install of SonarScanner CLI (${executable}) not found`); return null; } }