Tsconfig.json files with comments are not scanned correctly

onigoetz · March 24, 2026, 9:23pm

The Sonar Scanner can’t parse tsconfig.json files that contain comments:

21:31:25.784 WARN  Cannot parse 'packages/messageformat/tsconfig.json:12:1'
21:31:25.798 WARN  Cannot parse 'packages/i18n-types/tsconfig.json:16:1'
21:31:25.812 WARN  Cannot parse 'packages/intl-formatters/tsconfig.json:12:1'
21:31:25.814 WARN  Cannot parse 'packages/make-plural/tsconfig.json:12:1'

And the error appears in the UI: SonarQube Cloud

(Source file, CI step)

Comments in tsconfig.json have been accepted since TypeScript 1.8

This integration is on a GitHub repository using the SonarSource/sonarqube-scan-action@v6 GitHub action.

I don’t know what the effect is on the scanning of not being able to parse the tsconfig.json but it seems to me that it is a false positive of javascript:S2260 is it possible to treat tsconfig.json as a JSONC file instead of pure json?

Marcin_Stachniuk · March 26, 2026, 3:42pm

Hello @onigoetz,

Thank you for the detailed report, including the example project, CI logs, and links to related discussions — that context is very helpful.

The issue SonarQube Cloud. is actually json:S2260 and not javascript:S2260. It is another analyzer (sonar-iac) that scans json files. It is know limitation of sonar-iac, because of the limitation of snakeyaml-engine used to parse JSON files.

Possible solutions for now:

remove all comments from tsconfig.json
disable json:S2260 rule in your Quality Profile

Best
Marcin Stachniuk

onigoetz · March 26, 2026, 8:21pm

Thanks Marcin

Oh indeed, that’s a typo from my part on the rule name.

Thanks, I will probably disable the rule in the quality profile.
Is there an issue I could follow either on your side or on the snakeyaml-engine side?

Best,
Stéphane

alexoren · May 17, 2026, 1:59am

Hi @Marcin_Stachniuk ,

Will it be possible to support comments in JSON?
Many parsers allow them (as “json with comments” extensions) and the parsing failures prevent “real” issues from being flagged.

Marcin_Stachniuk · May 29, 2026, 10:43am

Hi @alexoren

We have a ticket for that open for a very long time. It is not so easy to handle it as the maintainer of snakeyaml-engine was against implementing the features like:

tab characters in YAML
comments in JSON

as they are not allowed by the YAML or JSON specification. (The issues are not available anymore as “issues” are now disabled in BitBucket where snakeyaml-engine is hosted).

We know that other IaC related tools allows them. It is not so easy to implement the workaround for this limitation, we have other priorities. I hope we will implement it some day but for now I can’t promise you any implementation date.

Best
Marcin Stachniuk

onigoetz · May 29, 2026, 11:02am

Thanks for checking,
I can wait, no worries.

As long as it is tracked it’s already good for me.

Best
Stéphane Goetz

Topic		Replies	Views
TypeScript tsconfig.json detection fundamentally broken SonarQube Server / Community Build typescript , sonarjs	5	5550	November 2, 2020
Explicitly specifying tsconfig.json file paths to analyze fails SonarQube Cloud typescript , configuration , sonarqube-cloud	7	268	June 17, 2025
TS - Skipping files with no tsconfig.json SonarQube Server / Community Build typescript	15	12401	March 2, 2021
Typescript document comments are not measure SonarQube Server / Community Build typescript , comments	2	910	November 27, 2020
Scan comments in the code Suggest new features typescript , vue , sonarqube-ide	3	1247	January 29, 2023

Tsconfig.json files with comments are not scanned correctly

Related topics