SonarLint does not show same issues as in SonarQube

Hi All,

I am using SonarQube version, VSCode version 1.72.2 and SonarLint extension version 3.11.0
I connected SonarLint to my server and bound the project successfully.

In SonarQube i use a modified version of Sonarway JavaScript profile (just a single modification in cognitive complexity rule).

However, in local SonarLint i don’t see the issues reported in SonarQube.


Any advice, what can be the issue?


Hey there.

It looks like those issues are being raised by cspell, which is not SonarLint.

Thanks for the reply.

My main issue that SonarQube is showing two issues but they dont appear in SonarLint although tools are connected.

i will ignore the extra issues in Sonarlint which comes from CSpell.

it would be great if you can give me a hint where i can check so that SonarLint shows the same issues as SonarQube.


Ah, sorry for the misunderstanding.

SonarLint is using a newer version of our Javascript analyzer than SonarQube – I would recommend updating to the latest version of SonarQube (v9.7), reanalyze your code, and see if the issues still exist in SonarQube (they could be false-positives that we fixed).

Thanks Colin, will do and reply here for the benefits of everyone

1 Like

Hi Colin,

We upgraded SonarQube to Version

Still same issue, sonarQube shows the 2 messages, but sonarLint does not, although both are linked in VSCode.


Hello, thanks for coming back with the additional information.

Could you please enable SonarLint verbose and analyzer logs in the VSCode settings and upload an extract from the SonarLint Output when analyzing the lock_order.js file you mentioned earlier? Maybe there is something off with the analyzer and/or IDE setup on this particular file.


here is the log file after verbose mode has been enabled (i only searched/replaced the project name)

SonarLintLog.txt (7.5 KB)

Hmm :thinking: I don’t see anything strange in the logs.

Would it be possible for you to share a minimal reproducer for this issue (a file that reports these issues in SonarQube but not in SonarLint)?

I’m wondering whether this could be linked to type resolution, e.g on SonarQube the analyzer is able to infer that a function in the code is used as a callback, whereas in the current version of SonarLint, type resolution in JS is less precise and can result in such false negatives.


attached is the whole file (1.1 KB)

Hi @JBL_SonarSource

Have you had a chance to check the file?

Thanks and Regards