npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@natsunaaa/export-sonarqube-report

v0.1.62

Published

Generate PDF reports from SonarQube Community Edition

Readme

@natsunaaa/export-sonarqube-report

Generate reports (PDF / Excel / CSV / HTML) from SonarQube Community Edition.

English | 한국어 | 中文


English

Community Edition doesn't include built-in reporting. This tool fills that gap by calling the SonarQube Web API and generating reports in multiple formats (PDF, Excel, CSV, HTML) with quality gate status, metrics, and issues.

Examples

# Basic report (default: PDF, all issues included)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 \
  -t <your-sonarqube-token> \
  -k my-project-key \
  -o report.pdf

# Excel report (.xlsx) — multiple sheets: Summary, Quality Gate, Metrics, Issues
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f excel -o report.xlsx

# CSV report — UTF-8 with BOM (Excel-compatible for non-ASCII characters)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f csv -o report.csv

# HTML report — self-contained with inline CSS, viewable in any browser
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f html -o report.html

# SonarQube 10+: filter by Software Quality (matches console categories)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --software-qualities RELIABILITY -o reliability-report.pdf

# SonarQube 10+: filter by impact severity
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --impact-severities HIGH,MEDIUM -o high-medium-report.pdf

# Legacy: filter by type (BUG only)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --types BUG -o bugs-report.pdf

# Detailed report with source snippets and rule descriptions (works with all formats)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --software-qualities RELIABILITY --impact-severities HIGH \
  --detail -f html -o critical-reliability.html

# Metrics + Quality Gate only (no issues)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --no-issues -o summary.pdf

# Using SONAR_TOKEN env variable
SONAR_TOKEN=your-token npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t -k my-project -o report.pdf

Installation

npm i @natsunaaa/export-sonarqube-report

CLI Usage

npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 \
  -t <your-sonarqube-token> \
  -k my-project-key \
  -o report.pdf

Options

| Option | Description | | ------------------------------- | ---------------------------------------------------------------------- | | -u, --url <url> | SonarQube server URL (required) | | -t, --token <token> | Authentication token, or set SONAR_TOKEN env (required) | | -k, --project-key <key> | SonarQube project key (required) | | -o, --output <path> | Output file path (extension auto-set from format if omitted) | | -f, --format <format> | Output format: pdf (default), excel, csv, html | | --title <title> | Custom report title | | --no-issues | Exclude issues from report | | --detail | Include source snippets and rule descriptions (works with all formats) | | --severities <list> | Filter by legacy severity: BLOCKER,CRITICAL,MAJOR,MINOR,INFO | | --impact-severities <list> | Filter by impact severity (SonarQube 10+): HIGH,MEDIUM,LOW,INFO | | --software-qualities <list> | Filter by software quality (SonarQube 10+): SECURITY,RELIABILITY,MAINTAINABILITY | | --types <list> | Filter by issue type: BUG,VULNERABILITY,CODE_SMELL |

SonarQube 10+ vs Legacy Filtering

SonarQube 10+ introduced a new classification system based on Software Quality and Impact Severity, which differs from the legacy system.

| Console Category | New Filter (--software-qualities) | Legacy Filter (--types) | | ----------------- | ----------------------------------- | ------------------------- | | Security | SECURITY | VULNERABILITY | | Reliability | RELIABILITY | BUG | | Maintainability | MAINTAINABILITY | CODE_SMELL |

| Console Severity | New Filter (--impact-severities) | Legacy Filter (--severities) | | ---------------- | ---------------------------------- | ------------------------------------- | | High | HIGH | BLOCKER,CRITICAL | | Medium | MEDIUM | MAJOR | | Low | LOW | MINOR | | Info | INFO | INFO |

Tip: To match the numbers shown in SonarQube 10+ console, use --software-qualities and --impact-severities instead of --types and --severities.

Output Formats

| Format | Extension | Description | | ------ | --------- | ------------------------------------------------------------------------------------------------- | | pdf | .pdf | Print-ready document with formatted layout (default) | | excel| .xlsx | Multi-sheet spreadsheet (Summary, Quality Gate, Metrics, Issues) with auto-filter on Issues sheet | | csv | .csv | UTF-8 with BOM for Excel compatibility; sections separated by blank lines | | html | .html | Self-contained HTML with inline CSS, viewable in any browser |

--detail works with every format:

  • PDF / HTML: rule description and source snippet displayed inline below each issue
  • Excel / CSV: extra columns added — Rule Name, Rule Description, Source Snippet

Library Usage

import { generateReport } from "@natsunaaa/export-sonarqube-report";

const outputPath = await generateReport(
  {
    baseUrl: "http://localhost:9000",
    token: process.env.SONAR_TOKEN!,
    projectKey: "my-project",
  },
  {
    output: "report.xlsx",
    format: "excel",
    title: "Sprint Report",
    softwareQualities: ["RELIABILITY"],
    impactSeverities: ["HIGH", "MEDIUM"],
    detail: true,
  },
);

You can also call format-specific generators directly:

import { SonarQubeClient, generateExcel, generateHtml } from "@natsunaaa/export-sonarqube-report";

const client = new SonarQubeClient({ baseUrl, token, projectKey });
const data = {
  title: "My Report",
  projectKey,
  generatedAt: new Date(),
  qualityGate: await client.getQualityGateStatus(),
  metrics: await client.getMetrics(),
  issues: await client.getAllIssues(),
};
await generateExcel(data, "report.xlsx");
await generateHtml(data, "report.html");

Using the client directly

import { SonarQubeClient } from "@natsunaaa/export-sonarqube-report";

const client = new SonarQubeClient({
  baseUrl: "http://localhost:9000",
  token: process.env.SONAR_TOKEN!,
  projectKey: "my-project",
});

const metrics = await client.getMetrics();
const qualityGate = await client.getQualityGateStatus();
const { issues, total } = await client.getIssues({
  impactSeverities: ["HIGH"],
  softwareQualities: ["RELIABILITY"],
});

Report Contents

  • Quality Gate status (PASSED / FAILED)
  • Metrics: bugs, vulnerabilities, code smells, coverage, duplications, lines of code, ratings
  • Issues grouped by Software Quality and impact severity (SonarQube 10+)
  • Issue details with file location, source snippets, and rule descriptions (with --detail)
  • Available in PDF, Excel, CSV, and HTML formats

Requirements

  • Node.js >= 18
  • SonarQube server with a valid user token

한국어

SonarQube Community Edition에는 리포트 기능이 없습니다. 이 도구는 SonarQube Web API를 호출하여 Quality Gate 상태, 메트릭, 이슈를 PDF / Excel / CSV / HTML 리포트로 생성합니다.

예시

# 기본 리포트 (기본값 PDF, 전체 이슈 포함)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 \
  -t <소나큐브-토큰> \
  -k my-project-key \
  -o report.pdf

# Excel 리포트 (.xlsx) — Summary, Quality Gate, Metrics, Issues 시트로 구성
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f excel -o report.xlsx

# CSV 리포트 — UTF-8 BOM 포함 (한글이 Excel에서 깨지지 않음)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f csv -o report.csv

# HTML 리포트 — 인라인 CSS, 어떤 브라우저에서도 열람 가능
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f html -o report.html

# SonarQube 10+: Software Quality 기준 필터 (콘솔 카테고리와 동일)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --software-qualities RELIABILITY -o reliability-report.pdf

# SonarQube 10+: impact severity 기준 필터
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --impact-severities HIGH,MEDIUM -o high-medium-report.pdf

# 레거시: 타입 기준 필터 (BUG만)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --types BUG -o bugs-report.pdf

# 소스코드 스니펫 + 룰 설명 포함 상세 리포트 (모든 포맷에서 사용 가능)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --software-qualities RELIABILITY --impact-severities HIGH \
  --detail -f html -o critical-reliability.html

# 메트릭 + Quality Gate만 (이슈 제외)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --no-issues -o summary.pdf

# SONAR_TOKEN 환경변수 사용
SONAR_TOKEN=your-token npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t -k my-project -o report.pdf

설치

npm i @natsunaaa/export-sonarqube-report

CLI 사용법

npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 \
  -t <소나큐브-토큰> \
  -k my-project-key \
  -o report.pdf

옵션

| 옵션 | 설명 | | ------------------------------- | ----------------------------------------------------------------- | | -u, --url <url> | SonarQube 서버 URL (필수) | | -t, --token <token> | 인증 토큰, 또는 SONAR_TOKEN 환경변수 사용 (필수) | | -k, --project-key <key> | SonarQube 프로젝트 키 (필수) | | -o, --output <path> | 출력 파일 경로 (생략 시 포맷에 맞는 확장자 자동 적용) | | -f, --format <format> | 출력 포맷: pdf (기본), excel, csv, html | | --title <title> | 리포트 제목 | | --no-issues | 이슈 목록 제외 | | --detail | 소스코드 스니펫 및 룰 설명 포함 (모든 포맷 지원) | | --severities <list> | 레거시 심각도 필터: BLOCKER,CRITICAL,MAJOR,MINOR,INFO | | --impact-severities <list> | Impact 심각도 필터 (SonarQube 10+): HIGH,MEDIUM,LOW,INFO | | --software-qualities <list> | Software Quality 필터 (SonarQube 10+): SECURITY,RELIABILITY,MAINTAINABILITY | | --types <list> | 이슈 타입 필터: BUG,VULNERABILITY,CODE_SMELL |

SonarQube 10+ vs 레거시 필터링

SonarQube 10+에서는 Software QualityImpact Severity 기반의 새로운 분류 체계를 도입했습니다. 콘솔에 보이는 숫자와 동일한 결과를 얻으려면 새 필터를 사용하세요.

| 콘솔 카테고리 | 새 필터 (--software-qualities) | 레거시 필터 (--types) | | ----------------- | ----------------------------------- | ------------------------- | | Security | SECURITY | VULNERABILITY | | Reliability | RELIABILITY | BUG | | Maintainability | MAINTAINABILITY | CODE_SMELL |

| 콘솔 심각도 | 새 필터 (--impact-severities) | 레거시 필터 (--severities) | | ----------- | ---------------------------------- | ------------------------------------- | | High | HIGH | BLOCKER,CRITICAL | | Medium | MEDIUM | MAJOR | | Low | LOW | MINOR | | Info | INFO | INFO |

팁: SonarQube 10+ 콘솔에 표시되는 숫자와 일치시키려면 --types/--severities 대신 --software-qualities/--impact-severities를 사용하세요.

출력 포맷

| 포맷 | 확장자 | 설명 | | ------- | ------- | ----------------------------------------------------------------------------------- | | pdf | .pdf | 인쇄에 최적화된 형식 (기본값) | | excel | .xlsx | 다중 시트 (Summary, Quality Gate, Metrics, Issues), Issues 시트에 자동 필터 적용 | | csv | .csv | UTF-8 BOM 포함 (Excel 한글 호환), 섹션 사이 빈 줄로 구분 | | html | .html | 인라인 CSS 포함된 단일 파일, 어떤 브라우저에서도 열람 가능 |

--detail은 모든 포맷에서 동작합니다:

  • PDF / HTML: 각 이슈 아래에 룰 설명과 소스 스니펫이 인라인으로 표시
  • Excel / CSV: Rule Name, Rule Description, Source Snippet 컬럼이 추가됨

라이브러리 사용법

import { generateReport } from "@natsunaaa/export-sonarqube-report";

const outputPath = await generateReport(
  {
    baseUrl: "http://localhost:9000",
    token: process.env.SONAR_TOKEN!,
    projectKey: "my-project",
  },
  {
    output: "report.xlsx",
    format: "excel",
    title: "스프린트 리포트",
    softwareQualities: ["RELIABILITY"],
    impactSeverities: ["HIGH", "MEDIUM"],
    detail: true,
  },
);

포맷별 generator를 직접 호출할 수도 있습니다:

import { SonarQubeClient, generateExcel, generateHtml } from "@natsunaaa/export-sonarqube-report";

const client = new SonarQubeClient({ baseUrl, token, projectKey });
const data = {
  title: "내 리포트",
  projectKey,
  generatedAt: new Date(),
  qualityGate: await client.getQualityGateStatus(),
  metrics: await client.getMetrics(),
  issues: await client.getAllIssues(),
};
await generateExcel(data, "report.xlsx");
await generateHtml(data, "report.html");

클라이언트 직접 사용

import { SonarQubeClient } from "@natsunaaa/export-sonarqube-report";

const client = new SonarQubeClient({
  baseUrl: "http://localhost:9000",
  token: process.env.SONAR_TOKEN!,
  projectKey: "my-project",
});

const metrics = await client.getMetrics();
const qualityGate = await client.getQualityGateStatus();
const { issues, total } = await client.getIssues({
  impactSeverities: ["HIGH"],
  softwareQualities: ["RELIABILITY"],
});

리포트 내용

  • Quality Gate 상태 (PASSED / FAILED)
  • 메트릭: 버그, 취약점, 코드 스멜, 커버리지, 중복률, 코드 라인 수, 등급
  • Software Quality 및 Impact Severity 기준 이슈 분류 (SonarQube 10+)
  • 이슈 상세 (파일 위치, 소스코드 스니펫, 룰 설명) — --detail 사용 시
  • PDF, Excel, CSV, HTML 포맷 지원

요구사항

  • Node.js >= 18
  • 유효한 사용자 토큰이 있는 SonarQube 서버

中文

SonarQube Community Edition 不包含报告功能。本工具通过调用 SonarQube Web API,生成包含质量门状态、指标和问题的报告,支持 PDF / Excel / CSV / HTML 格式。

示例

# 基本报告(默认 PDF,包含所有问题)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 \
  -t <你的SonarQube令牌> \
  -k my-project-key \
  -o report.pdf

# Excel 报告 (.xlsx) — 多个工作表:Summary, Quality Gate, Metrics, Issues
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f excel -o report.xlsx

# CSV 报告 — 包含 UTF-8 BOM(Excel 兼容非 ASCII 字符)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f csv -o report.csv

# HTML 报告 — 包含内联 CSS,可在任何浏览器中查看
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  -f html -o report.html

# SonarQube 10+:按软件质量过滤(与控制台分类一致)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --software-qualities RELIABILITY -o reliability-report.pdf

# SonarQube 10+:按影响严重程度过滤
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --impact-severities HIGH,MEDIUM -o high-medium-report.pdf

# 旧版:按类型过滤(仅 BUG)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --types BUG -o bugs-report.pdf

# 包含源代码片段和规则说明的详细报告(适用于所有格式)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --software-qualities RELIABILITY --impact-severities HIGH \
  --detail -f html -o critical-reliability.html

# 仅指标 + 质量门(不含问题)
npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t <token> -k my-project \
  --no-issues -o summary.pdf

# 使用 SONAR_TOKEN 环境变量
SONAR_TOKEN=your-token npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 -t -k my-project -o report.pdf

安装

npm i @natsunaaa/export-sonarqube-report

CLI 使用方法

npx @natsunaaa/export-sonarqube-report \
  -u http://localhost:9000 \
  -t <你的SonarQube令牌> \
  -k my-project-key \
  -o report.pdf

选项

| 选项 | 说明 | | ------------------------------- | ------------------------------------------------------------------ | | -u, --url <url> | SonarQube 服务器 URL(必填) | | -t, --token <token> | 认证令牌,或设置 SONAR_TOKEN 环境变量(必填) | | -k, --project-key <key> | SonarQube 项目键(必填) | | -o, --output <path> | 输出文件路径(省略时根据格式自动设置扩展名) | | -f, --format <format> | 输出格式:pdf(默认)、excelcsvhtml | | --title <title> | 报告标题 | | --no-issues | 不包含问题列表 | | --detail | 包含源代码片段和规则说明(所有格式均支持) | | --severities <list> | 按旧版严重程度过滤:BLOCKER,CRITICAL,MAJOR,MINOR,INFO | | --impact-severities <list> | 按影响严重程度过滤(SonarQube 10+):HIGH,MEDIUM,LOW,INFO | | --software-qualities <list> | 按软件质量过滤(SonarQube 10+):SECURITY,RELIABILITY,MAINTAINABILITY | | --types <list> | 按问题类型过滤:BUG,VULNERABILITY,CODE_SMELL |

SonarQube 10+ 与旧版过滤对比

SonarQube 10+ 引入了基于软件质量影响严重程度的新分类系统。要获得与控制台一致的数字,请使用新过滤器。

| 控制台分类 | 新过滤器 (--software-qualities) | 旧版过滤器 (--types) | | ----------------- | ----------------------------------- | ------------------------- | | Security | SECURITY | VULNERABILITY | | Reliability | RELIABILITY | BUG | | Maintainability | MAINTAINABILITY | CODE_SMELL |

| 控制台严重程度 | 新过滤器 (--impact-severities) | 旧版过滤器 (--severities) | | -------------- | ---------------------------------- | ------------------------------------- | | High | HIGH | BLOCKER,CRITICAL | | Medium | MEDIUM | MAJOR | | Low | LOW | MINOR | | Info | INFO | INFO |

提示: 要匹配 SonarQube 10+ 控制台显示的数字,请使用 --software-qualities/--impact-severities 代替 --types/--severities

输出格式

| 格式 | 扩展名 | 说明 | | ------- | ------- | --------------------------------------------------------------------------------- | | pdf | .pdf | 适合打印的格式化文档(默认) | | excel | .xlsx | 多工作表(Summary, Quality Gate, Metrics, Issues),Issues 工作表含自动筛选 | | csv | .csv | 含 UTF-8 BOM(兼容 Excel 非 ASCII 字符),各部分用空行分隔 | | html | .html | 包含内联 CSS 的独立文件,可在任何浏览器中查看 |

--detail 适用于所有格式:

  • PDF / HTML:每个问题下方内联显示规则说明和源代码片段
  • Excel / CSV:增加 Rule NameRule DescriptionSource Snippet

作为库使用

import { generateReport } from "@natsunaaa/export-sonarqube-report";

const outputPath = await generateReport(
  {
    baseUrl: "http://localhost:9000",
    token: process.env.SONAR_TOKEN!,
    projectKey: "my-project",
  },
  {
    output: "report.xlsx",
    format: "excel",
    title: "Sprint 报告",
    softwareQualities: ["RELIABILITY"],
    impactSeverities: ["HIGH", "MEDIUM"],
    detail: true,
  },
);

也可以直接调用特定格式的生成器:

import { SonarQubeClient, generateExcel, generateHtml } from "@natsunaaa/export-sonarqube-report";

const client = new SonarQubeClient({ baseUrl, token, projectKey });
const data = {
  title: "我的报告",
  projectKey,
  generatedAt: new Date(),
  qualityGate: await client.getQualityGateStatus(),
  metrics: await client.getMetrics(),
  issues: await client.getAllIssues(),
};
await generateExcel(data, "report.xlsx");
await generateHtml(data, "report.html");

直接使用客户端

import { SonarQubeClient } from "@natsunaaa/export-sonarqube-report";

const client = new SonarQubeClient({
  baseUrl: "http://localhost:9000",
  token: process.env.SONAR_TOKEN!,
  projectKey: "my-project",
});

const metrics = await client.getMetrics();
const qualityGate = await client.getQualityGateStatus();
const { issues, total } = await client.getIssues({
  impactSeverities: ["HIGH"],
  softwareQualities: ["RELIABILITY"],
});

报告内容

  • 质量门状态(PASSED / FAILED)
  • 指标:缺陷、漏洞、代码异味、覆盖率、重复率、代码行数、评级
  • 按软件质量和影响严重程度分组的问题(SonarQube 10+)
  • 问题详情(文件位置、源代码片段、规则说明)— 使用 --detail
  • 支持 PDF、Excel、CSV、HTML 格式

系统要求

  • Node.js >= 18
  • 拥有有效用户令牌的 SonarQube 服务器

License

MIT