How to tell SonarQube that I am not using React?

jesperkristensen · May 3, 2023, 11:37am

We have started using SolidJS for frontend development, and SonarQube gives us a lot of React-specific warnings (e.g. typescript:S6478 and typescript:S6481), but we are not using React at all.

How do I set up our code, so SonarQube knows that I am not using React, so it can stop telling me to change my SolidJS components into React components?

Here is an example:

import { type JSXElement, createSignal } from "solid-js";

export function Component1(props: { something: (count: number) => JSXElement }) {
    const [count, setCount] = createSignal(0);
    return <div>
        {props.something(count())}
        <button onClick={() => setCount(prev => prev + 1)}>Increment</button>
    </div>
}

export function Component2() {
    return <Component1 something={count => <h1>{count}</h1>}></Component1>
}

SonarQube and SonarLint gives this warning on the example:

“Do not define components during render. React will see a new component type on every render and destroy the entire subtree’s DOM nodes and state. Instead, move this component definition out of the parent component “Component2” and pass data as props. If you want to allow component creation in props, set allowAsProps option to true.sonarlint(typescript:S6478)”

Using SonarQube 9.x and SonarLint v3.17.0 for VS Code. We cannot use Connected Mode, so please don’t suggest solutions that require Connected Mode.

Colin · May 5, 2023, 6:24am

Hey there.

Which specific version of SonarQube v9.x?

jesperkristensen · May 8, 2023, 7:37am

Enterprise Edition Version 9.9 (build 65466)

victor.diez · May 12, 2023, 10:03am

Hello @jesperkristensen,

thanks for reporting this. Indeed there are some rules which we need to improve React detection before raising an issue. I’ve created a ticket to fix this.

In the meantime, I would recommend you to disable that rule in your profile.

Cheers,
Victor

jesperkristensen · May 12, 2023, 10:11am

Thanks. I will look forward to that. Is there any configuration file or annotation I can put in my Git repository to “disable that rule in my profile”?

victor.diez · May 12, 2023, 11:55am

Hi @jesperkristensen,

either you can disable it in your SonarQube quality profile (if you are not using your own custom one you may need to create one) or follow this instructions: Narrowing the focus with analysis scope

Cheers,
Victor

jesperkristensen · May 12, 2023, 12:30pm

So I guess you say it is not possible? (I don’t have access to make changes in the SonarQube UI, I only have access to make changes in my Git repository.)

victor.diez · May 15, 2023, 8:27am

Hello @jesperkristensen,

depending on how your CI pipeline is configured it’s possible you can change the scanner properties from the very same repository. In any case, I would recommend you to contact your SonarQube or IT OPS admin to help you with the SQ or Scanner configuration, as it all depends on your CI setup.

Cheers,
Victor