SonarCloud reports false unused imports in Vue3

Rules and Languages Report False-positive / False-negative...
, ,
1
  • ALM used: Azure DevOps
  • CI system used: Azure DevOps
  • Scanner command used when applicable (private details masked)
    Default Azure DevOps yaml task
  • Languages of the repository
    Typescript + Vue3
  • Error observed
Code Smell: Remove this unused import of 'RouterView'. (javascript:S1128)

I’ve found an older, similar topic for SonarQube:
SonarQube reports false unused imports in Vue3 Composition API - Clean Code / Report False-positive / False-negative… - Sonar Community (sonarsource.com)
And some related GitHub issues:
FP S1128 (unused-import): consider imported symbols used in Vue.js SFC templates · Issue #2818 · SonarSource/SonarJS (github.com)
Upgrade vue-eslint-parser dependency · Issue #3233 · SonarSource/SonarJS (github.com)

But currently I’m still seeing this behavior on our new Vue3 project scanned with SonarCloud:

image
image1354×685 44.8 KB

Any ideas if this is related to the old topic/github issue? Or what else could be causing this?

This behavior results in a lot of PR comments, and we will probably have to disable the rule if we can’t fix it.

1 Like
2
2 Likes
3

Hi Colin, Thanks for pointing this one out. Would this be active when using SonarCloud immediately? Or is it pending a new release? Our pipeline (using Azure DevOps) reports using version 1.33.0 of the “Run Code Analysis” task and SonarScanner 4.7.0.2747. With those we currently see those same PR comments.

Starting: SonarCloud - Code analysis
==============================================================================
Task         : Run Code Analysis
Description  : Run scanner and upload the results to the SonarCloud server.
Version      : 1.33.0
Author       : sonarsource
Help         : Version: 1.33.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.```

INFO: SonarScanner 4.7.0.2747

4

It’s fixed on master but won’t be deployed for a bit. Once v9.10 of GitHub - SonarSource/SonarJS: SonarSource Static Analyzer for JavaScript and TypeScript is cut, it should be deployed to SonarCloud after.

1 Like
6

Hi Colin

Is that fix available on SonarQube Enterprise Edition? If yes, it was introduced in what version?
I’m working with Version 9.7.1 and it still reports those false-positive

Regards,
Victor Neves

7

It will arrive in SonarQube v9.8 – which will probably be announced today!

8

Thanks Colin

9

Hello,

Is this bug fixed in Sonarqube Developer edition? If so, could you please kindly tell me from which version should be work?

Currently we are using Sonarqube Developer edition 8.9 and we are facing that issue too.

thank you

10

As noted before, it was fixed in SonarQube v9.8. You’re in luck – SonarQube 9.9 LTS will be released in February, and includes the fix (in all editions)!