New rules for JavaScript and TypeScript, improvements for React Redux, SAP UI5, and more!

JavaScript and TypeScript

New rules

  • S5148: Detects risky uses of without a noopener argument. This can be used to create phishing attacks in some circumstances.
  • S4125: Detects when typeof is used with an invalid value. This helps a lot with small typos that are hard to see otherwise.
  • S6397: Detects superfluous character classes in RegExp when you are only matching one character. This makes the regular expression easier to read by removing the unnecessary [ and ] characters.


  • S1788: No longer produces false positives for React Redux projects, where an initial state is commonly used as a default value of the state argument in a reducer. Small change but a big relief for Redux projects.
  • S3616: No longer raises warnings on expressions in the case’s of a switch(true) pattern. Use it wisely though!
  • S2259: Is now smarter detecting cases where calling a property of a null or undefined value would produce an error.
  • When using the SAP UI5 framework, we no longer raise a warning for the global variable sap. We know you’re out there SAP developers.


  • S4666: No longer raises false positives in SCSS when string interpolation is used in selectors.

Other updates

These improvements are available on SonarCloud, in the SonarQube 9.6 release and in the next SonarLint releases.

Please share any feedback. Enjoy!