Help for run License Check for NPM modules

[HSSE-Dev]

Hello,
we already use License Check for Java from bug #44 and now want to use LicenseCheck for our NPM projects as well.
How is Sonar Qube configured to have all the necessary information for LicenseCheck and run the analysis?
Currently, no package.json is uploaded to the code files with Sonar Qube.
Thank you very much for your help.

[derkoe]

When the sonar scanner (via Maven or the standalone version) detects a package.json in the root of your module it is scanned automatically. The dependency files (pom.xml, package.json) are not uploaded to SonarQube

[HSSE-Dev]

Thank you very much for your answer. We had a bug in the Sonar Qube Task configuration (Azure Devops) and had to explicitly set the ProjectBaseDir as property and for the NPM project the wrong Java Quality profile was used. It would be very good if, as already suggested, there were still separate rules for it.

We are scanning a pure NPM project without Java/Maven dependencies, the following exception is thrown:

INFO: Sensor License Check [licensecheck]
WARN: Error reading file
java.lang.IllegalStateException: Maven application directory was not specified, and ${maven.home} is not provided in the system properties. Please specify at least on of these.
	at org.apache.maven.shared.invoker.MavenCommandLineBuilder.checkRequiredState(MavenCommandLineBuilder.java:124)
	at org.apache.maven.shared.invoker.MavenCommandLineBuilder.build(MavenCommandLineBuilder.java:59)
	at org.apache.maven.shared.invoker.DefaultInvoker.execute(DefaultInvoker.java:101)
	at at.porscheinformatik.sonarqube.licensecheck.maven.MavenDependencyScanner.readDependecyList(MavenDependencyScanner.java:116)
	at at.porscheinformatik.sonarqube.licensecheck.maven.MavenDependencyScanner.scan(MavenDependencyScanner.java:75)
	at at.porscheinformatik.sonarqube.licensecheck.LicenseCheckSensor.execute(LicenseCheckSensor.java:101)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:48)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:85)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:59)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:77)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:59)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:82)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:359)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:354)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:317)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:73)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.lang.reflect.Method.invoke(Unknown Source)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
	at com.sun.proxy.$Proxy0.execute(Unknown Source)
	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:185)
	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:137)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:111)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)
INFO: Dependency @angular/animations uses a not allowed license 

How can you bypass the error or exclude the required Maven analysis infos?