JS rule flagging some code that may be ok

mehulkar · March 17, 2021, 9:11am

SonarQube server 8.5.1 (Enterprise 8.5.1.38104)
JavaScript/TypeScript Code Quality and Security 6.5.0.13383 (javascript)
sonar-scanner: 3.3.0.1492

This code is flagged as a bug due to the rule “Objects should not be created to be dropped immediately without being used”.

function isValidURL(url) {
  try {
    new URL(url);
    return true;
  } catch (e) {
    return false;
  }
}

This is somewhat ok code for testing a string whether it’s a valid URL. The URL constructor will throw on invalid URLs.

I wonder if there’s a way to test if a try/catch is being purposefully used to return a boolean, so that it could be inferred that it’s intentional? Or maybe it’s just new URL() that could be special cased?

Yassin · April 14, 2021, 8:18am

Hello @mehulkar,

Thank for your message, and sorry for the delay.

We recently added an exception to the rule for such use of constructors in try-catch constructs. The exception has been implemented, and the new version of the rule will be part of the upcoming SonarQube 8.9 LTS release.

Best,
Yassin

Topic		Replies	Views
PHP RSPEC-1848 inside a try catch Report False-positive / False-negative... sonarqube	4	319	June 29, 2023
SonarQubeScanner-2.12 scans js files. Throw an exception that the file cannot be parsed SonarQube Server / Community Build javascript , scanner , bug-no-category	1	555	July 9, 2021
RSPEC-1125 does not follow modern exception throwing Report False-positive / False-negative... csharp , sonarqube	1	395	August 23, 2022
About the Report False-positive / False-negative... category Report False-positive / False-negative...	5	1759	March 23, 2022
java:S5411 after constructor call SonarQube Server / Community Build java , false-positive	7	889	October 31, 2022

JS rule flagging some code that may be ok

Related topics