Product
Introducing Webhook Events for Pull Request Scans
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
By Jeppe Hasseriis -  Oct 22, 2025
🚀 DAY 2 OF LAUNCH WEEK: Unify Your Security Stack with Socket Basics.Learn more →
vitest-sonar-reporter
Advanced tools
vitest-sonar-reporter
Live examples | Installation | Configuration | Code coverage | Examples
Generates Generic Execution reports from vitest tests for SonarQube to analyze.
Live examples
- Project with Vitest Workspaces | Stackblitz
- Project with
{ type: "module" }| Stackblitz - Project with
{ type: "commonjs" }| Stackblitz
Installation
vitest-sonar-reporter should be included in development dependencies. vitest is required as peer dependency.
npm install --save-dev vitest-sonar-reporter
Configuration
Add new custom reporter and define outputFile in your vite.config.ts:
import { defineConfig } from 'vitest/config';
export default defineConfig({
test: {
reporters: [
'default', // Vitest's default reporter so that terminal output is still visible
['vitest-sonar-reporter', { outputFile: 'sonar-report.xml' }],
],
},
});
If you are using Vitest below version ^1.3.0 you can define file in test.outputFile:
test: {
reporters: ['json', 'verbose', 'vitest-sonar-reporter'],
outputFile: {
json: 'my-json-report.json',
'vitest-sonar-reporter': 'sonar-report.xml',
},
},
Instruct SonarQube to pick report in your sonar-project.properties:
sonar.testExecutionReportPaths=sonar-report.xml
Options
You can pass additional options to reporter. Note that this requires vitest@^1.3.0.
silent
Silence reporter's verbose logging.
test: {
reporters: [
['vitest-sonar-reporter', { silent: true }]
],
}
onWritePath
Rewrite path attribute of <file>. This can be useful when you need to change relative paths of the files.
test: {
reporters: [
['vitest-sonar-reporter', {
onWritePath(path: string) {
// Prefix all paths with root directory
// e.g. '<file path="test/math.ts">' to '<file path="frontend/test/math.ts">'
return `frontend/${path}`;
}
}]
],
}
<testExecutions version="1">
- <file path="test/math.ts">
+ <file path="frontend/test/math.ts">
<testCase name="multiply" duration="123" />
</file>
</testExecutions>
outputFile
Location for the report.
test: {
reporters: [
['vitest-sonar-reporter', { outputFile: 'sonar-report.xml' }]
],
}
Code Coverage
This reporter does not process code coverage - Vitest already supports that out-of-the-box!
Simply configure vitest to output LCOV reports and instruct SonarQube to pick these reports.
test: {
coverage: {
reporters: 'lcov',
},
},
sonar.javascript.lcov.reportPaths=./coverage/lcov.info
Examples
Workspace
See examples/example-workspace for example setup using Vitest Workspaces.
Basic
import { describe, expect, test } from 'vitest';
describe('animals', () => {
test('dogs say woof', () => {
const dog = { say: () => 'woof' };
expect(dog.say()).toBe('woof');
});
test.todo('figure out what rabbits say', () => {
const rabbit = { say: () => '????' };
expect(rabbit.say()).toBe('?');
});
describe('flying ones', () => {
test('cats can fly', () => {
const cat = { fly: () => false };
expect(cat.fly()).toBe(true);
});
test('birds can fly', () => {
const bird = { fly: () => true };
expect(bird.fly()).toBe(true);
});
});
});
<?xml version="1.0" encoding="UTF-8"?>
<testExecutions version="1">
<file path="test/animals.test.ts">
<testCase name="animals - dogs say woof" duration="2" />
<testCase name="animals - figure out what rabbits say" duration="0">
<skipped message="figure out what rabbits say" />
</testCase>
<testCase name="animals - flying ones - cats can fly" duration="4">
<failure message="expected false to be true // Object.is equality">
<![CDATA[AssertionError: expected false to be true // Object.is equality
at /workspaces/example/test/animals.test.ts:15:47
at /workspaces/example/node_modules/vitest/dist/chunk-runtime-chain.7032872a.js:82:26
at runTest (/workspaces/example/node_modules/vitest/dist/entry.js:771:40)
at async runSuite (/workspaces/example/node_modules/vitest/dist/entry.js:836:13)
at async runSuite (/workspaces/example/node_modules/vitest/dist/entry.js:836:13)
at async runSuite (/workspaces/example/node_modules/vitest/dist/entry.js:836:13)
at async runFiles (/workspaces/example/node_modules/vitest/dist/entry.js:873:5)
at async startTests (/workspaces/example/node_modules/vitest/dist/entry.js:879:3)
at async /workspaces/example/node_modules/vitest/dist/entry.js:906:7
at async withEnv (/workspaces/example/node_modules/vitest/dist/entry.js:503:5)]]>
</failure>
</testCase>
<testCase name="animals - flying ones - birds can fly" duration="5" />
</file>
</testExecutions>
FAQs
SonarQube reporter for Vitest
The npm package vitest-sonar-reporter receives a total of 104,028 weekly downloads. As such, vitest-sonar-reporter popularity was classified as popular.
We found that vitest-sonar-reporter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 Aug 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
The Socket Threat Research Team uncovered malicious NuGet packages typosquatting the popular Nethereum project to steal wallet keys.
By Kirill Boychenko -  Oct 22, 2025
Product
Unify Your Security Stack with Socket Basics
A single platform for static analysis, secrets detection, container scanning, and CVE checks—built on trusted open source tools, ready to run out of the box.
By Douglas Coburn, Eli Insua -  Oct 21, 2025