SonarCloud reported issues to be reflected in VSCode

Is there a way to configure VSCode SonarLint to show SonarCloud reported issues for a specific branch (eg. dev) inside VSCode?
Eg., javascript:S3796 rule is being reported in SonarCloud, but not in SonarLint VSCode extension, so if per file scans do not work, would it make sense to somehow get the list of reported issues from SonarCloud and map to local project files?

I’ve configured SonarLint VSCode extension with:
for user settings:

"sonarlint.connectedMode.connections.sonarcloud": [
        {
            "organizationKey": "---my org---",
            "token": "---my token---"
        }
    ]

for project settings:

"sonarlint.connectedMode.project": {
        "projectKey": "some_key"
 },

But getting only some issues reported, eg. sonarlint(javascript:S1788), but not javascript:S3796.
What’s the difference?

• ALM used (GitHub)
• CI system used (Jenkins)
• Languages of the repository (javascript/typescript)

Hello @Vytautas_Vitkus, welcome to the community! And thank you for your report.

I managed to reproduce this behavior with the latest SonarLint in connected mode with SonarCloud.

This is definitely not expected, since the underlying JavaScript analyzer should work pretty much the same way in SonarLint and during SonarCloud analysis.

Would you mind setting both sonarlint.output.showAnalyzerLogs and sonarlint.output.showVerboseLogs to true in your VSCode user settings and post the contents of the SonarLint output?

Redacted the company & project strings, but here’s the output, hope that helps:

Executing /usr/bin/java -jar /Users/vytautas.vitkus/.vscode/extensions/sonarsource.sonarlint-vscode-1.19.0/server/sonarlint-ls.jar 59205 file:///Users/vytautas.vitkus/.vscode/extensions/sonarsource.sonarlint-vscode-1.19.0/analyzers/sonarjava.jar file:///Users/vytautas.vitkus/.vscode/extensions/sonarsource.sonarlint-vscode-1.19.0/analyzers/sonarjs.jar file:///Users/vytautas.vitkus/.vscode/extensions/sonarsource.sonarlint-vscode-1.19.0/analyzers/sonarphp.jar file:///Users/vytautas.vitkus/.vscode/extensions/sonarsource.sonarlint-vscode-1.19.0/analyzers/sonarpython.jar file:///Users/vytautas.vitkus/.vscode/extensions/sonarsource.sonarlint-vscode-1.19.0/analyzers/sonarhtml.jar
[stdout] Binding to 59205
Child process connected on port 59205
[Debug - 10:48:01.565] Enabling notifications for project 'MyCompany_my_project' on connection '<default>'
[Debug - 10:48:01.573] Default settings updated: WorkspaceFolderSettings[analyzerProperties={},testFilePattern=,connectionId=<default>,projectKey=MyCompany_my_project]
[Debug - 10:48:01.678] Create : /Users/vytautas.vitkus/.sonarlint/plugins
[Debug - 10:48:01.682] Plugin cache: /Users/vytautas.vitkus/.sonarlint/plugins
[Debug - 10:48:01.682] Create : /Users/vytautas.vitkus/.sonarlint/plugins/_tmp
[Debug - 10:48:01.686] Create : /Users/vytautas.vitkus/.sonarlint/plugins
[Debug - 10:48:01.686] Plugin cache: /Users/vytautas.vitkus/.sonarlint/plugins
[Debug - 10:48:01.687] Create : /Users/vytautas.vitkus/.sonarlint/plugins/_tmp
[Debug - 10:48:01.726] Load plugins
[Debug - 10:48:01.809] Load plugins (done) | time=82ms
[Debug - 10:48:01.899] Plugins:
[Debug - 10:48:01.899]   * License for SonarLint 8.0.0.16607 (license)
[Debug - 10:48:01.900]   * Python Code Quality and Security 3.1.0.7619 (python)
[Debug - 10:48:01.900]   * Java Code Quality and Security 6.11.0.24617 (java)
[Debug - 10:48:01.900]   * HTML Code Quality and Security 3.3.0.2534 (web)
[Debug - 10:48:01.900]   * PHP Code Quality and Security 3.14.0.6990 (php)
[Debug - 10:48:01.900]   * Apex Code Quality and Security 1.8.2.1946 (sonarapex)
[Debug - 10:48:01.901]   * JavaScript/TypeScript Code Quality and Security 7.1.0.14721 (javascript)
[Debug - 10:48:01.901]   * PL/SQL Code Quality and Security 3.5.1.3594 (plsql)
[Info  - 10:48:01.911] Using storage for server '<default>' (last update 1/22/21 3:47 PM)
[Debug - 10:48:01.925] Load plugins
[Debug - 10:48:01.954] Load plugins (done) | time=29ms
[Debug - 10:48:01.987] Plugins:
[Debug - 10:48:01.995]   * Python Code Quality and Security 3.1.0.7619 (python)
[Debug - 10:48:01.995]   * Java Code Quality and Security 6.10.0.24201 (java)
[Debug - 10:48:01.995]   * HTML Code Quality and Security 3.3.0.2534 (web)
[Debug - 10:48:01.996]   * PHP Code Quality and Security 3.13.0.6849 (php)
[Debug - 10:48:01.996]   * JavaScript/TypeScript Code Quality and Security 7.0.1.14561 (javascript)
[Debug - 10:48:02.678] SonarLint engine started for connection '<default>'
[Debug - 10:48:04.434] Standalone SonarLint engine started
[Debug - 10:48:08.038] Resolved binding ProjectBinding[projectKey=MyCompany_my_project,sqPathPrefix=,idePathPrefix=] for folder /Users/vytautas.vitkus/src/my_project
[Info  - 10:48:08.099] Analyzing file 'file:///Users/vytautas.vitkus/src/my_project/source/packages/gtm/asm/actions.js'...
[Debug - 10:48:08.100] Analysis triggered on 'file:///Users/vytautas.vitkus/src/my_project/source/packages/gtm/asm/actions.js' with configuration: 
[
  projectKey: MyCompany_my_project
  baseDir: /Users/vytautas.vitkus/src/my_project
  extraProperties: {}
  inputFiles: [
    file:///Users/vytautas.vitkus/src/my_project/source/packages/gtm/asm/actions.js (UTF-8) [js]
  ]
]

[Debug - 10:48:08.157] Start analysis
[Info  - 10:48:08.174] Index files
[Debug - 10:48:08.178] Language of file 'file:///Users/vytautas.vitkus/src/my_project/source/packages/gtm/asm/actions.js' is set to 'JavaScript'
[Info  - 10:48:08.184] 1 file indexed
[Debug - 10:48:08.260] Available languages:
[Debug - 10:48:08.260]   * Python => "py"
[Debug - 10:48:08.260]   * Java => "java"
[Debug - 10:48:08.260]   * HTML => "web"
[Debug - 10:48:08.260]   * JSP => "jsp"
[Debug - 10:48:08.260]   * PHP => "php"
[Debug - 10:48:08.260]   * Apex => "apex"
[Debug - 10:48:08.260]   * JavaScript => "js"
[Debug - 10:48:08.261]   * TypeScript => "ts"
[Debug - 10:48:08.261]   * PL/SQL => "plsql"
[Debug - 10:48:08.261] Quality profiles:
[Debug - 10:48:08.268]   * apex: 'Sonar way' (38 rules)
[Debug - 10:48:08.272]   * java: 'Sonar way' (425 rules)
[Debug - 10:48:08.274]   * js: 'Sonar way' (106 rules)
[Debug - 10:48:08.275]   * jsp: 'Sonar way' (0 rules)
[Debug - 10:48:08.276]   * php: 'TGo' (134 rules)
[Debug - 10:48:08.278]   * plsql: 'Sonar way' (130 rules)
[Debug - 10:48:08.279]   * py: 'Sonar way' (126 rules)
[Debug - 10:48:08.281]   * ts: 'Sonar way' (94 rules)
[Debug - 10:48:08.281]   * web: 'Sonar way' (27 rules)
[Debug - 10:48:09.103] 'JavaSquidSensor' skipped because there is no related file in current project
[Debug - 10:48:09.104] 'Python Sensor' skipped because there is no related file in current project
[Debug - 10:48:09.105] Execute Sensor: JavaXmlSensor
[Debug - 10:48:09.106] Execute Sensor: HTML
[Debug - 10:48:09.110] 'PHP sensor' skipped because there is no related file in current project
[Debug - 10:48:09.110] 'Analyzer for "php.ini" files' skipped because there is no related file in current project
[Debug - 10:48:09.110] 'Apex Sensor' skipped because there is no related file in current project
[Debug - 10:48:09.111] Execute Sensor: JavaScript analysis
[Debug - 10:48:09.112] Deploying bundle
[Debug - 10:48:09.112] Deploying eslint-bridge into /Users/vytautas.vitkus/.sonarlint/work/.sonartmp_260967258500272088/eslint-bridge-bundle
[Debug - 10:48:12.050] Deploying bundle (done) | time=2938ms
[Debug - 10:48:12.050] Starting server
[Warn  - 10:48:12.052] No workDir in SonarLint
[Info  - 10:48:12.053] Using Node.js executable /usr/local/bin/node from property sonar.nodejs.executable.
[Debug - 10:48:12.053] Checking Node.js version
[Debug - 10:48:12.055] Launching command /usr/local/bin/node -v
[Debug - 10:48:12.069] Using Node.js v15.5.1.
[Debug - 10:48:12.069] Starting Node.js process to start eslint-bridge server at port 59275
[Debug - 10:48:12.069] Launching command /usr/local/bin/node /Users/vytautas.vitkus/.sonarlint/work/.sonartmp_260967258500272088/eslint-bridge-bundle/package/bin/server 59275 127.0.0.1 /Users/vytautas.vitkus/src/my_project true 
[Debug - 10:48:12.942] starting eslint-bridge server at port 59275
[Debug - 10:48:12.948] eslint-bridge server is running at port 59275
[Debug - 10:48:13.022] Starting server (done) | time=972ms
[Warn  - 10:48:13.023] Generating temporary tsconfig is not supported in SonarLint context.
[Info  - 10:48:13.023] 1 source files to be analyzed
[Debug - 10:48:13.046] initializing linter with for-loop-increment-sign,no-accessor-field-mismatch,no-collection-size-mischeck,unverified-certificate,no-empty-collection,no-unthrown-error,updated-const-var,no-globals-shadowing,null-dereference,unverified-hostname,no-extra-arguments,no-redeclare,post-message,no-octal,no-element-overwrite,weak-ssl,no-useless-increment,no-same-line-conditional,conditional-indentation,no-use-of-empty-return-value,session-regeneration,no-associative-arrays,super-invocation,no-try-promise,no-weak-keys,comma-or-logical-or-case,label-position,no-with,no-unused-collection,no-global-this,no-sequences,no-array-delete,no-alphabetical-sort,inconsistent-function-call,file-uploads,no-inverted-boolean-check,xml-parser-xxe,default-param-last,non-existent-operator,new-operator-misuse,no-sparse-arrays,no-equals-in-for-termination,no-invalid-await,no-infinite-loop,array-callback-without-return,prefer-default-last,no-primitive-wrappers,no-gratuitous-expressions,no-empty-pattern,sonar-no-fallthrough,no-dupe-keys,file-name-differ-from-class,no-self-assign,no-new-symbol,no-dupe-args,no-small-switch,prefer-while,no-unsafe-finally,sonar-no-unused-vars,index-of-compare-to-positive-number,argument-type,in-operator-type-error,no-unreachable,no-identical-expressions,no-useless-catch,future-reserved-words,bitwise-operators,no-shadow,no-extra-semi,no-redundant-parentheses,no-unenclosed-multiline-block,no-unused-expressions,call-argument-line,no-empty,generator-without-yield,no-ignored-return,no-duplicated-branches,no-one-iteration-loop,use-isnan,max-switch-cases,no-unsafe-negation,function-inside-loop,no-multi-str,unused-import,prefer-single-boolean-return,no-delete-var,encryption-secure-mode,no-return-in-setter,no-weak-cipher,no-identical-conditions,different-types-comparison,no-all-duplicated-branches,no-case-label-in-switch,no-misleading-array-reverse,no-redundant-assignments,insecure-jwt-token,no-dead-store,no-invariant-returns,no-implicit-global
[Info  - 10:48:13.054] Version of TypeScript used during analysis: 3.8.3
[Debug - 10:48:13.144] Saving issue for rule default-param-last on line 27
[Debug - 10:48:13.146] Initializing metadata of file file:///Users/vytautas.vitkus/src/my_project/source/packages/gtm/asm/actions.js
[Info  - 10:48:13.357] 1/1 source files have been analyzed
[Debug - 10:48:13.358] 'TypeScript analysis' skipped because there is no related file in current project
[Debug - 10:48:13.358] 'PL/SQL Sensor' skipped because there is no related file in current project
[Debug - 10:48:13.361] fetchServerIssues projectKey=MyCompany_my_project, ideFilePath=source/packages/gtm/asm/actions.js
[Debug - 10:48:14.118] GET 200 https://sonarcloud.io/batch/issues?key=MyCompany_my_project%3Asource%2Fpackages%2Fgtm%2Fasm%2Factions.js | response time=710ms
[Debug - 10:48:14.122] Downloaded issues in 714ms
[Info  - 10:48:14.168] Found 1 issue(s)
[Debug - 10:49:01.923] GET 200 https://sonarcloud.io/api/developers/search_events?projects=MyCompany_my_project&from=2021-01-25T10%3A49%3A01%2B0200 | response time=346ms

Hey, thanks for the detailed log extract!

I notice this line that could have an impact:

[Warn  - 10:48:13.023] Generating temporary tsconfig is not supported in SonarLint context.

IIRC our JavaScript analyzer relies on the TypeScript compiler infrastructure to build semantic information, even for JS files; and to do so, it generates a temporary tsconfig.json on-the-fly that allows it to parse JS with the default runtime’s type definitions, such as Array - and the API to generate temporary files is not available in the SonarLint context.

My hypothesis here is that since the analyzer has trouble finding the right type(s), it is not raising the expected issues for rule javascript:S3796.

Is there anything I can do to provide the types to the analyzer to test the theory or would this require some adjustments to SonalLint on your side?

I tried to roll my own tsconfig.json file in a pure-JS project, but it seems like it did not get picked up by the analyzer.

I need to get in touch with the team responsible for development of the analyzer. Rest assured we’ll come back here once we are aligned on the best way to address this!