An enhanced fork of sonar-report that provides modern vulnerability reporting for SonarQube.
Enhanced vulnerability reporting with modern UI and advanced features
| Feature | sonar-report | SonarFlex |
|---|---|---|
| SonarQube Support | ≤ 7.9 | Up to 10.x |
| PDF Export | ❌ | ✅ |
| Modern UI | Basic | Enhanced |
| Quality Gates | Basic | Detailed |
| Issue Tracking | Basic | Enhanced |
| Hotspot Support | Limited | Full |
| Delta Analysis | Limited | Full |
| Debug Mode | ❌ | ✅ |
| Proxy Support | Basic | Advanced |
| Custom Templates | Basic | Full EJS |
# Installation
npm install -g sonarflex
# Basic Usage
sonarflex \
--sonarurl="https://sonar.company.com" \
--sonarcomponent="project-key" \
--sonartoken="your-token" \
--output="report.html"# Authentication (Token - Recommended)
sonarflex --sonartoken="your-token"
# Authentication (Username/Password)
sonarflex --sonarusername="user" --sonarpassword="pass"
# Branch Analysis
sonarflex --branch="feature/new-auth"
# Quality Gates
sonarflex --quality-gate-status --coverage# Custom Template
sonarflex --ejs-file="template.ejs"
# Custom Styling
sonarflex --stylesheet-file="custom.css"
# Custom Labels
sonarflex \
--vulnerability-phrase="Security Issue" \
--vulnerability-plural-phrase="Security Issues"| Option | Description | Default |
|---|---|---|
--sonarurl |
SonarQube URL | - |
--sonarcomponent |
Project key | - |
--sonartoken |
Auth token | - |
--output |
Report path | - |
| Option | Description | Default |
|---|---|---|
--branch |
Branch to analyze | main |
--in-new-code-period |
Delta analysis | false |
--allbugs |
Include all bugs | false |
--no-security-hotspot |
Disable hotspots | false |
| Option | Description | Default |
|---|---|---|
--quality-gate-status |
Show quality gates | false |
--coverage |
Show coverage | false |
--link-issues |
Link to SonarQube | false |
--no-rules-in-report |
Hide rules section | false |
Track changes between versions:
sonarflex \
--in-new-code-period \
--branch="feature/new-auth"Include detailed quality metrics:
sonarflex \
--quality-gate-status \
--coveragesonarflex \
--stylesheet-file="custom.css" \
--ejs-file="template.ejs"Enable detailed logging:
sonarflex --debugDebug output includes:
- API requests/responses
- Authentication process
- Template rendering
- File operations
- Fork the repository
- Create feature branch (
git checkout -b feature/AmazingFeature) - Commit changes (
git commit -m 'Add AmazingFeature') - Push to branch (
git push origin feature/AmazingFeature) - Open Pull Request
MIT License - see LICENSE for details
- Original sonar-report team
- SonarQube team for their excellent API
- Community contributors and users
Made with ❤️ by the SonarFlex Team