SonarCloud reports false unused imports in Vue3

  • ALM used: Azure DevOps
  • CI system used: Azure DevOps
  • Scanner command used when applicable (private details masked)
    Default Azure DevOps yaml task
  • Languages of the repository
    Typescript + Vue3
  • Error observed
Code Smell: Remove this unused import of 'RouterView'. (javascript:S1128)

I’ve found an older, similar topic for SonarQube:
SonarQube reports false unused imports in Vue3 Composition API - Clean Code / Report False-positive / False-negative… - Sonar Community (sonarsource.com)
And some related GitHub issues:
FP S1128 (unused-import): consider imported symbols used in Vue.js SFC templates · Issue #2818 · SonarSource/SonarJS (github.com)
Upgrade vue-eslint-parser dependency · Issue #3233 · SonarSource/SonarJS (github.com)

But currently I’m still seeing this behavior on our new Vue3 project scanned with SonarCloud:

Any ideas if this is related to the old topic/github issue? Or what else could be causing this?

This behavior results in a lot of PR comments, and we will probably have to disable the rule if we can’t fix it.

1 Like
2 Likes

Hi Colin, Thanks for pointing this one out. Would this be active when using SonarCloud immediately? Or is it pending a new release? Our pipeline (using Azure DevOps) reports using version 1.33.0 of the “Run Code Analysis” task and SonarScanner 4.7.0.2747. With those we currently see those same PR comments.

Starting: SonarCloud - Code analysis
==============================================================================
Task         : Run Code Analysis
Description  : Run scanner and upload the results to the SonarCloud server.
Version      : 1.33.0
Author       : sonarsource
Help         : Version: 1.33.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.```

INFO: SonarScanner 4.7.0.2747

It’s fixed on master but won’t be deployed for a bit. Once v9.10 of GitHub - SonarSource/SonarJS: SonarSource Static Analyzer for JavaScript and TypeScript is cut, it should be deployed to SonarCloud after.

1 Like