False Positive: "alert(...)" should not be used

javascript

(Ingolfur Stangeland) #1

When alert, confirm and prompt are defined as functions, SonarQube doesn’t recognize they are functions rather than debug statements.

  • SonarQube 7.3, sonar-scanner-3.2.0.1227-linux scanning JavaScript
confirm({
			title: 'Close account',
			message: Lang.get(
				'account.profile.disableUser Are you sure you want to disable your account?',
			),
			confirm: 'Disable user',
			danger: true,
			keyword: Meteor.user().username,
		}).then(({ confirmed }) => { 

(Elena Vilchik) #2

Let me rephrase you to make sure I’ve understood you correctly:
While the rule is supposed to raise issue for built-in alert, confirm etc, it also raises for same-named user-defined functions.

Indeed rule implementation is trivial and only checks callee name.

This ticket will fix your problem https://github.com/SonarSource/SonarJS/issues/1078


(Ingolfur Stangeland) #3

thanks, looks good :slight_smile: