False Positive: "alert(...)" should not be used

istangeland · August 31, 2018, 8:29pm

When alert, confirm and prompt are defined as functions, SonarQube doesn’t recognize they are functions rather than debug statements.

SonarQube 7.3, sonar-scanner-3.2.0.1227-linux scanning JavaScript

confirm({
			title: 'Close account',
			message: Lang.get(
				'account.profile.disableUser Are you sure you want to disable your account?',
			),
			confirm: 'Disable user',
			danger: true,
			keyword: Meteor.user().username,
		}).then(({ confirmed }) => {

Lena · September 28, 2018, 2:48pm

Let me rephrase you to make sure I’ve understood you correctly:
While the rule is supposed to raise issue for built-in alert, confirm etc, it also raises for same-named user-defined functions.

Indeed rule implementation is trivial and only checks callee name.

This ticket will fix your problem https://github.com/SonarSource/SonarJS/issues/1078

istangeland · October 10, 2018, 2:27pm

thanks, looks good