False Positives in Duplications Check

srudavath · August 6, 2024, 8:39pm

Hello,
It is observed in multiples instances on our Sonar cloud that there are False Positives in the duplication check. This false duplications are impacting code coverage results and hence need to mitigate these false positives or have control over to manage them.

Bachri_Abdel · August 6, 2024, 11:35pm

HI @srudavath,

Detecting code duplication is not an easy task. The algorithms are continually improved but remain imperfect. To get around this weakness, you have the code duplication exclusion with the sonar.cpd.exclusions parameter.

srudavath · August 23, 2024, 6:58pm

Thanks for the response. Just trying to understand why would Sonar complain block 1 is the duplicate of block 2 below where the pattern of them are similar but having different values. Could you help to understand if this is categorized as a bug from Sonar or any other way to fix?

Block 1:
this.gridColumns = [
{
title: ‘UPLOAD DATE’,
field: ‘createdTs’,
type: ‘date-time’,
widthStyle: { width: ‘20%’ },
},
{
title: ‘FILE NAME’,
field: ‘fileName’,
type: ‘text’,
widthStyle: { width: ‘30%’ },
},
{
title: ‘CREATED BY’,
field: ‘createdBy’,
type: ‘text’,
widthStyle: { width: ‘20%’ },
}

Block 2:

this.columns = [
{
title: ‘STORE NAME’,
field: ‘storeName’,
type: ‘text’,
widthStyle: { width: ‘12%’ },
},
{ field: ‘dmc’, title: ‘dmc’, type: ‘text’, widthStyle: { width: ‘10%’ } },
{
title: ‘NAME’,
field: ‘name’,
type: ‘text’,
widthStyle: { width: ‘20%’ },
},
{
title: ‘PHONE#’,
field: ‘phone’,
type: ‘phone’,
widthStyle: { width: ‘9%’ },
}

Bachri_Abdel · August 24, 2024, 10:53am

Hi @srudavath,
This article is about how SonarQube defines executable lines of code
It discusses what is considered executable code and what is not. Executable lines are used to calculate missing test coverage. Each line of code containing a statement is usually considered executable, with some exceptions. Some examples of non-executable code are method signatures, package statements, and variable declarations.

In the context of your previous question about SonarQube reporting variable assignments as code duplication, this article explains why this happens. SonarQube’s scanning algorithm only considers the left-hand side of an assignment (the variable name) as executable code, not the right-hand side (the assigned value). This means that if you have multiple lines assigning values to the same variable, they will be considered duplicates even if the values are different.

Let me know if you have other questions!