Project Discovery
Bob the Fixer automatically analyzes your project structure to detect languages, frameworks, and recommend optimal configurations.
How It Works
When you run a scan or setup, Bob the Fixer's Project Discovery service:
- Scans the project directory for configuration files
- Identifies languages, frameworks, and build tools
- Recommends a quality gate template
- Generates a unique project key
Supported Languages
| Language | Detection Method | Indicators |
|---|---|---|
| JavaScript | package.json | Dependencies, scripts |
| TypeScript | tsconfig.json | Compiler configuration |
| Java | pom.xml, build.gradle | Maven/Gradle projects |
| Python | requirements.txt, pyproject.toml, setup.py, Pipfile | Package files |
| Go | go.mod | Go modules |
| Rust | Cargo.toml | Cargo package |
| C# | *.csproj | .NET project files |
Framework Detection
JavaScript/TypeScript
| Framework | Detection | Indicator |
|---|---|---|
| React | package.json | react dependency |
| Vue | package.json | vue dependency |
| Angular | package.json | @angular/core dependency |
| Next.js | package.json | next dependency |
| Express | package.json | express dependency |
Java
| Framework | Detection | Indicator |
|---|---|---|
| Spring Boot | pom.xml | spring-boot in dependencies |
Python
Detected via package manager files (requirements.txt, pyproject.toml, etc.)
Build Tool Detection
| Language | Build Tools Detected |
|---|---|
| JavaScript/TypeScript | webpack, vite, npm scripts |
| Java | Maven, Gradle |
| Python | pip, Poetry, Pipenv |
| Go | Go Modules |
| Rust | Cargo |
| C# | dotnet |
Using Project Discovery
Via AI Assistant
Analyze this project and tell me what you detect
Uses the sonar_project_discovery tool.
Discovery Options
| Option | Type | Description |
|---|---|---|
path | string | Directory to analyze (defaults to current) |
deep | boolean | Perform deep analysis including dependencies |
Example Output
PROJECT DISCOVERY RESULTS
Project: my-awesome-app
Path: /Users/dev/my-awesome-app
LANGUAGES DETECTED:
- Typescript
- Javascript
Framework: react
Build Tool: vite
Package Manager: npm
RECOMMENDED QUALITY GATE: balanced
QUALITY CONDITIONS:
- new_bugs: LT 1
- new_vulnerabilities: LT 1
- new_blocker_violations: LT 1
- new_critical_violations: LT 1
- new_coverage: LT 60
- new_duplicated_lines_density: GT 5
RECOMMENDED PROJECT KEY: my-awesome-app-a1b2c3d4
NEXT STEPS:
1. Run sonar_auto_setup to configure SonarQube
2. Use sonar_scan_project to analyze code quality
Quality Gate Recommendations
Based on project type, Bob the Fixer recommends appropriate quality gates:
| Project Type | Recommended Template | Reason |
|---|---|---|
| New projects | Strict | Start with high standards |
| Production apps | Strict | Ensure quality |
| Libraries/SDKs | Balanced | Allow some flexibility |
| Legacy code | Permissive | Gradual improvement |
| Prototypes | Permissive | Fast iteration |
Project Key Generation
Bob the Fixer generates unique project keys using:
{project-name}-{path-hash}
Where:
project-name: Lowercase, alphanumeric version of directory namepath-hash: 8-character SHA-256 hash of full path
Example: my-app-a1b2c3d4
This ensures:
- Unique keys across different directories
- Consistent keys for the same project
- Human-readable identification
Multi-Language Projects
For projects with multiple languages, all detected languages are reported:
LANGUAGES DETECTED:
- Typescript
- Javascript
- Python
The primary language (first detected) influences:
- Quality gate selection
- Default exclusion patterns
- Scanner configuration
Monorepo Support
For monorepos, you can run discovery on specific subdirectories:
Analyze the project at packages/frontend
Or use the path option:
{
"path": "./packages/frontend",
"deep": true
}
Deep Analysis
With deep: true, additional analysis includes:
- Dependency tree inspection
- Test framework detection
- CI/CD configuration detection
- Code coverage tool detection
Troubleshooting
"No language detected"
If Bob the Fixer reports generic as the language:
- Ensure configuration files exist (package.json, pom.xml, etc.)
- Check file permissions
- Run with
deep: truefor more thorough detection
Wrong framework detected
The detection is based on dependencies. If multiple frameworks are present, the first match wins. You can override in sonar-project.properties:
sonar.language=typescript
Project key conflicts
If you have multiple projects with the same name in different locations, they'll have different keys due to the path hash.
Next Steps
- Auto Setup - Automatic SonarQube configuration
- Quality Gates - Understanding quality thresholds
- Configuration - Manual configuration options