{"id":2144,"date":"2025-12-09T15:17:00","date_gmt":"2025-12-09T15:17:00","guid":{"rendered":"https:\/\/www.almtoolbox.com\/fr\/blog\/?p=2144"},"modified":"2026-01-29T15:20:00","modified_gmt":"2026-01-29T15:20:00","slug":"sonarqube-and-javascript","status":"publish","type":"post","link":"https:\/\/www.almtoolbox.com\/fr\/blog\/sonarqube-and-javascript\/","title":{"rendered":"SonarQube and JavaScript"},"content":{"rendered":"<p>In this article, I review the SonarQube capabilities for JavaScript (JS) that help developers and development managers, with supporting demonstrations.<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"930\" height=\"450\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2025\/11\/sonarqube-js.webp\" alt=\"SonarQube and JavaScript\" class=\"wp-image-12881\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2025\/11\/sonarqube-js.webp 930w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2025\/11\/sonarqube-js-300x145.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2025\/11\/sonarqube-js-768x372.webp 768w\" sizes=\"auto, (max-width: 930px) 100vw, 930px\" \/><\/figure>\n<\/div>\n<p>SonarQube provides static application security testing (SAST) for more than 30 languages and frameworks (including infrastructure languages).<br \/>One of the most popular of them is <em>JavaScript<\/em> (JS).<br \/>The tool provides more than 420 rules for JS (many of them unique) and covers 5 aspects:<br \/>Bugs, Security Vulnerabilities, Security Hotspots (sensitive areas), Code Smells and quick fixes (Quick fix).<br \/><em>You can receive from us a detailed, up-to-date Excel file 
containing all the rules for JS (and other languages) &#8211; contact us at the email address given below.<\/em><\/p>\n<div class=\"alm-box alm-contact\" style=\"display: inline-block;\">\n<h3>Table of contents:<\/h3>\n<ul>\n<li class=\"\"><a style=\"opacity: 1;\" href=\"#bugs\"> Bugs<\/a><\/li>\n<li><a style=\"opacity: 1;\" href=\"#vulnerability\">Security Vulnerability<\/a><\/li>\n<li><a style=\"opacity: 1;\" href=\"#hotspot\">Security Hotspot<\/a><\/li>\n<li><a style=\"opacity: 1;\" href=\"#code-smell\">Code Smell<\/a><\/li>\n<li><a href=\"#cpp-advantage\">Why is SonarQube particularly well suited to JavaScript?<\/a><\/li>\n<li><a href=\"#demo\">Demo Video<\/a><\/li>\n<li><a href=\"#standards\">Support for a wide range of standards<\/a><\/li>\n<li><a href=\"#os-compilers\">Support for various operating systems and compilers<\/a><\/li>\n<li><a href=\"#pricing\">Pricing and cost information<\/a><\/li>\n<\/ul>\n<\/div>\n<h4 class=\"wp-block-heading alm-box\"><em class=\"\">Questions? Feel free to contact us, we will be happy to answer! 
Email: <a href=\"mailto:sonarqube@almtoolbox.com\" target=\"_blank\" rel=\"noopener\">sonarqube@almtoolbox.com<\/a> (phone number available further down in the article)<\/em><\/h4>\n<h2 class=\"wp-block-heading\">Bugs<\/h2>\n<p>SonarQube has more than 80 rules for JS that detect bugs and explain how to fix them.<br \/>Here are a few examples:<\/p>\n<figure class=\"wp-block-gallery has-nested-images columns-3 is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"370\" data-id=\"8263\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736-1024x370.png\" alt=\"sonarqube bug example 3\" class=\"wp-image-8263\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736-1024x370.png 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736-300x108.png 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736-768x278.png 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736-1536x555.png 1536w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-1736-2048x741.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"466\" data-id=\"8262\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584-1024x466.png\" alt=\"sonarqube bug example 2\" class=\"wp-image-8262\" 
srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584-1024x466.png 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584-300x136.png 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584-768x349.png 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584-1536x698.png 1536w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3584-2048x931.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"393\" data-id=\"8259\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923-1024x393.png\" alt=\"sonarqube bug example 1\" class=\"wp-image-8259\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923-1024x393.png 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923-300x115.png 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923-768x295.png 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923-1536x590.png 1536w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-bug-RSPEC-3923-2048x787.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n<p><span id=\"vulnerability\">&nbsp;<\/span><\/p>\n<h2 class=\"wp-block-heading\">Security Vulnerability<\/h2>\n<p>SonarQube currently has more than 30 rules for JS that detect security vulnerabilities and explain how to fix them.<br \/>Here are a few examples
:<\/p>\n<figure class=\"wp-block-gallery has-nested-images columns-3 is-cropped wp-block-gallery-2 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-1.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"278\" data-id=\"8287\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-1-1024x278.webp\" alt=\"&quot;memset&quot; should not be used to delete sensitive data\" class=\"wp-image-8287\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-1-1024x278.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-1-300x82.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-1-768x209.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-1.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-2.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"492\" data-id=\"8288\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-2-1024x492.webp\" alt=\"File access should not introduce TOCTOU vulnerabilities\" class=\"wp-image-8288\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-2-1024x492.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-2-300x144.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-2-768x369.webp 768w, 
https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-2.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-3.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"656\" data-id=\"8289\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-3-1024x656.webp\" alt=\"Weak SSL\/TLS protocols should not be used\" class=\"wp-image-8289\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-3-1024x656.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-3-300x192.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-3-768x492.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-vulnerability-3.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n<p><span id=\"hotspot\">&nbsp;<\/span><\/p>\n<h2 class=\"wp-block-heading\">Security Hotspot (security-sensitive areas)<\/h2>\n<p>SonarQube has more than 60 rules for JS that detect Security Hotspots and explain how to handle them.<\/p>\n<p>A Security Hotspot is an area of code suspected of being a vulnerability &#8211; usually because it uses sensitive APIs, patterns or actions that could be critical &#8211; and that requires human review to decide whether a vulnerability actually exists.<br \/>Here are a few examples:<\/p>\n<figure class=\"wp-block-gallery has-nested-images columns-3 is-cropped wp-block-gallery-3 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure 
class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-1.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"700\" data-id=\"8291\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-1-1024x700.webp\" alt=\"Setting loose POSIX file permissions is security-sensitive\" class=\"wp-image-8291\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-1-1024x700.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-1-300x205.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-1-768x525.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-1.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-2.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"700\" data-id=\"8292\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-2-1024x700.webp\" alt=\"Using &quot;strncpy&quot; or &quot;wcsncpy&quot; is security-sensitive\" class=\"wp-image-8292\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-2-1024x700.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-2-300x205.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-2-768x525.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-2.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a 
href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-3.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"700\" data-id=\"8293\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-3-1024x700.webp\" alt=\"Using weak hashing algorithms is security-sensitive\" class=\"wp-image-8293\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-3-1024x700.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-3-300x205.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-3-768x525.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-hotspot-3.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n<p><span id=\"code-smell\">&nbsp;<\/span><\/p>\n<h2 class=\"wp-block-heading\">Code Smell<\/h2>\n<p>SonarQube has more than 240 rules for JS that detect Code Smells and explain how to fix them.<br \/>Here are a few examples:<\/p>\n<figure class=\"wp-block-gallery has-nested-images columns-3 is-cropped wp-block-gallery-4 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-3.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"263\" data-id=\"8295\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-3-1024x263.webp\" alt=\"Nested &quot;if&quot; statements should be merged\" class=\"wp-image-8295\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-3-1024x263.webp 1024w, 
https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-3-300x77.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-3-768x197.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-3.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-2.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"324\" data-id=\"8297\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-2-1024x324.webp\" alt=\"Recursion should not be used\" class=\"wp-image-8297\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-2-1024x324.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-2-300x95.webp 300w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-2-768x243.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-2.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-1.webp\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"135\" data-id=\"8296\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-1-1024x135.webp\" alt=\"The &quot;goto&quot; statement should not be used\" class=\"wp-image-8296\" srcset=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-1-1024x135.webp 1024w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-1-300x40.webp 300w, 
https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-1-768x101.webp 768w, https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2022\/10\/Cpp-code-smell-1.webp 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n<p><span id=\"cpp-advantage\">&nbsp;<\/span><\/p>\n<h2 class=\"wp-block-heading\">Why is SonarQube particularly well suited to JavaScript?<\/h2>\n<ul class=\"wp-block-list\">\n<li>Wide range of rules (more than 420)<\/li>\n<li>Adapted to many JS frameworks (such as React, Node.JS, Vue.js, Angular, etc. &#8211; details below)<\/li>\n<li>&#8220;Clean Code&#8221; approach<\/li>\n<li>Fast analysis! Including incremental analysis (only on changed code) and multithreaded analysis for optimal use of computing resources<\/li>\n<li>Detection of bugs related to information security<\/li>\n<li>Strong integration with development processes and CI<\/li>\n<li>Integration with IDEs and development tools that support JavaScript<\/li>\n<li>Quality support from the vendor, including local support options or our managed service, which saves you from handling server maintenance and day-to-day operations<\/li>\n<\/ul>\n<p><span id=\"demo\">&nbsp;<\/span><\/p>\n<h3 class=\"wp-block-heading\">SonarQube and JS Demo Video<\/h3>\n<p>Below is a demonstration video of SonarQube integrated with JavaScript.<br \/>For your convenience, we have added key points on the video timeline (clickable in the player):<\/p>\n<ul class=\"wp-block-list\">\n<li>13:20 Demonstration of Clean Code and &#8220;New Code&#8221; with JS using 
SonarQube<\/li>\n<li>18:20 68% of developers write in JavaScript<\/li>\n<\/ul>\n<p class=\"has-text-align-center\"><iframe loading=\"lazy\" title=\"YouTube video player\" src=\"https:\/\/www.youtube.com\/embed\/SrySvsiQp6A\" width=\"700\" height=\"393.75\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p><span id=\"standards\">&nbsp;<\/span><\/p>\n<h3 class=\"wp-block-heading\">Support for a wide range of standards and frameworks:<\/h3>\n<ul class=\"wp-block-list\">\n<li>Editions 3 &amp; 5, ECMAScript 2015 to 2022<\/li>\n<li>React JSX, Angular, Vue.js, Node.js, Express, Flow<\/li>\n<li>Support for test frameworks (Mocha, Chai)<\/li>\n<li>Support for cloud-native applications:<br \/>Dedicated AWS CDK rules to find vulnerabilities in cloud infrastructure described in JS\/TS<\/li>\n<li>Support for database APIs:<br \/>Sequelize, pg, pg-pool, pg-promise, mysql, mysql2, sqlite3, better-sqlite3, knex, MongoDB node.js, Mongoose ODM<\/li>\n<li>OWASP Top 10<\/li>\n<li>CWE Top 25<\/li>\n<li>SANS Top 25<\/li>\n<li>PCI DSS<\/li>\n<\/ul>\n<p><span id=\"os-compilers\">&nbsp;<\/span><\/p>\n<h3 class=\"wp-block-heading\">Support for various operating systems and compilers (also for code analysis in other languages):<\/h3>\n<ul class=\"wp-block-list\">\n<li>Windows, Linux, macOS<\/li>\n<li>Clang, GCC, MSVC, ARM, QNX compilers<\/li>\n<li>Intel compilers for Linux, macOS<\/li>\n<li>Compilers fully based on GCC, including Linaro GCC<\/li>\n<li>Wind River Diab and GCC<\/li>\n<li>IAR compilers for 8051, ARM, AVR32, AVR, Renesas RL78, Renesas RX, Renesas V850, Renesas H8 and Texas Instruments 
MSP430<\/li>\n<li>Texas Instruments compilers on Windows and macOS for ARM, C2000, C6000, C7000, MSP430, PRU<\/li>\n<\/ul>\n<p><span id=\"pricing\">&nbsp;<\/span><\/p>\n<h3 class=\"wp-block-heading\">Pricing and cost information<\/h3>\n<p>Most of the rules that detect security issues in JavaScript code are not available in the free edition (Community Edition) of SonarQube.<br \/>Full JavaScript support exists in the following editions: Developer Edition, Enterprise Edition and DataCenter Edition.<br \/>Support for security reports and OWASP is available only in the SonarQube Enterprise edition.<\/p>\n<p>The price of SonarQube depends on several parameters. For more details on the differences between the editions, <a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-editions-differences\/\" target=\"_blank\" rel=\"noopener\">you can read the following article<\/a> or contact us (contact details below).<\/p>\n<h5 class=\"wp-block-heading\"><em>The article was first published in October 2024 and we have updated it periodically since.<\/em><\/h5>\n<h4 class=\"wp-block-heading alm-box\"><em class=\"\">ALM-Toolbox is the exclusive official distributor of SonarSource (vendor of SonarQube, SonarCloud and SonarLint) in Israel and other countries.<br \/>We provide managed services, support, training, consulting and licenses for SonarQube and a variety of complementary development and DevOps tools.<br \/><strong>For more details, contact us at <a href=\"mailto:sonarqube@almtoolbox.com\" target=\"_blank\" rel=\"noopener\">sonarqube@almtoolbox.com<\/a>&nbsp;or by phone at 
+972-72-240-5222<\/strong><\/em><\/h4>\n<h3 class=\"wp-block-heading\">Useful links:<\/h3>\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.almtoolbox.com\/il\/sonarqube\" target=\"_blank\" rel=\"noopener\">SonarQube website<\/a><\/li>\n<li><a title=\"How SonarQube helps developers and R&#038;D managers?\" href=\"https:\/\/www.almtoolbox.com\/blog_he\/what-in-sonarqube-developers-rnd-managers\/\" target=\"_blank\" rel=\"bookmark noopener\">How does SonarQube help developers and R&#038;D managers?<\/a><\/li>\n<li><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-webinar-feb-2024\/\" target=\"_blank\" rel=\"noopener\">Webinar recording: SonarQube overview and what&#8217;s new<\/a> (2025)<\/li>\n<li><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-dell-webinar\" target=\"_blank\" rel=\"noopener\">Webinar recording with customer testimonial: SonarQube at Dell<\/a> (Hebrew)<\/li>\n<li><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-enterprise-webinar\/\" target=\"_blank\" rel=\"noopener\">Webinar recording &#8211; Explanations of SonarQube and code security<\/a> (Hebrew)<\/li>\n<li><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-and-java\" target=\"_blank\" rel=\"noopener\">About SonarQube&#8217;s Java support<\/a><\/li>\n<li><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-and-csharp\/\" target=\"_blank\" rel=\"noopener\">About SonarQube&#8217;s C# support<\/a><\/li>\n<li><a href=\"https:\/\/www.almtoolbox.com\/blog_he\/sonarqube-cpp\" target=\"_blank\" rel=\"noreferrer noopener\">About SonarQube&#8217;s C++ support<\/a><\/li>\n<li><a href=\"https:\/\/docs.sonarsource.com\/sonarqube\/latest\/\" target=\"_blank\" rel=\"noopener\">Vendor website<\/a> (Technical)<\/li>\n<\/ul>\n<h5 class=\"wp-block-heading\">&nbsp;<\/h5>\n<h5 
class=\"wp-block-heading\">&nbsp;<\/h5>\n","protected":false},"excerpt":{"rendered":"<p>SonarQube provides static code analysis (SAST) for many languages, JavaScript (JS) being one of the most popular. The tool detects bugs, security vulnerabilities, hotspots and code smells.&hellip; <a class=\"more-link\" href=\"https:\/\/www.almtoolbox.com\/fr\/blog\/sonarqube-and-javascript\/\">Continue reading <span class=\"screen-reader-text\">SonarQube and JavaScript<\/span> <span class=\"meta-nav\" aria-hidden=\"true\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":2143,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[42,261,117],"tags":[302,303,304,55],"class_list":["post-2144","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops","category-javascript","category-sonarqube","tag-cwe","tag-js","tag-owasp","tag-vulnerabilities"],"_links":{"self":[{"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/posts\/2144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/comments?post=2144"}],"version-history":[{"count":1,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/posts\/2144\/revisions"}],"predecessor-version":[{"id":2146,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/posts\/2144\/revisions\/2146"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/media\/2143"}],"wp:attachment":[{"href":"https:\/
\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/media?parent=2144"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/categories?post=2144"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.almtoolbox.com\/fr\/blog\/wp-json\/wp\/v2\/tags?post=2144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}