Continuous Inspection

SonarQube JavaScript 2.14 Released

SonarSource is pleased to announce the release of the SonarQube JavaScript plugin version 2.14.

The version brings support for SonarQube version 5.6, the new Long Term Support version, as well as precise issue location for all rules, and improvements in symbolic execution. Let’s look at some examples:

The advent of precise issue locations means we no longer highlight the entire line when we raise an issue on a line. Instead, we can now highlight only, and precisely that part of the line that’s relevant to the issue being raised. For instance, on line 106, only the declaration of i is highlighted:

Along with precise issue highlighting comes the ability to add secondary highlights to help you understand the context of the issue. So in the example above, you see that the initial declaration of i is also highlighted.

Also in this version are improvements to semantic execution, to help find even trickier bugs. For example, in this case an issue is raised on line 2651 saying that !selector is always false.

We know the condition must always be false because on line 2050, there’s an early return if !(node && selector). Since that translates to !node || !selector, we cannot reach line 2051 if selector is false.

This example’s a little more complex:

Since scope can only be true if view is true (line 6969), and tool can only be true if scope is true (line 6970), that means that tool is true if view is true. Since you can’t get to line 6976, where the issue is raised, unless tool is true, that must necessarily mean that view is true.

This is the type of issue that’s not obvious to the coder at first glace, but is easy to find with JavaScript’s enhanced symbolic execution.

This version additionally offers two new rules:

Please read the release notes for more information. You can install or update it via the Update Center.

Documentation is available on the product page.