The UpgradeJS Blog

SonarQube is an open-source platform developed by SonarSource that provides continuous inspection of code quality through static code analysis.

There are two ways to set up SonarQube analysis - you can select from the cloud solution (sonarcloud) or install a SonarQube instance on your machine or a remote server. Today we will cover setting up a local SonarQube instance to analyze your code.

Node.js has always been an essential part of the tech stack for many companies and developers. And here at OmbuLabs and UpgradeJS we use it too, due to its efficiency, scalability, and the robust ecosystem it provides.

Recently, the Node.js team released version 20, bringing with it a host of new features and improvements. In this post, we’ll highlight some notable changes and explain why and how to upgrade to Node.js 20.x.

In this article, we’ll cover essential steps, from backing up data to performing the upgrade of your servers, to ensure a successful upgrade of Node.js. These steps can be applied to any version, whether you’re moving between older versions or upgrading to the latest stable release.

By following these steps, you can avoid potential issues, such as data loss or compatibility problems, and ensure a smooth process.

In a previous post, I covered some useful static code analysis tools for getting a sense of the size of a Node.js application, as well as the health of its external dependencies. This post will continue to look at static analysis tools, with a focus on understanding and visualizing the application’s architecture, patterns (good and bad), and internal dependencies.

My team and I were upgrading an OSS project for research purposes, and this blog was written after the actual upgrade was done. Here we will highlight why the step of inspecting the application with SonarQube-like tool is essential and what we missed because we should have checked it during the upgrade project.

Whether you’re joining a team to work on an existing application, or just want to get a better idea of the status of the application you’ve been working on for a while, static analysis tools can help.

These tools can provide you with a better sense of the size and scope of your application, its architecture, and provide insight into areas of importance, high complexity, low test coverage or poor testability, and more.

Of course, these tools are no substitute for human review and team discussion, but they certainly can be used to expedite that process.

In the fast-paced world of software development, keeping track of dependencies and ensuring they are compatible with the latest version of Node can be a daunting task. This is where depngn comes in - a powerful CLI tool designed to help developers determine if their dependencies support a specific version of Node.