The return line in the following code throws a MAJOR SMELL flag in at least SonarQube 8.9.6 (build 50800):
function demonstrate() {
let myArray = new Uint8Array();
//Omitting 'fill the array' steps for simple example
return myArray.buffer;
}
The rule is javascript:S3800 “Functions should always return the same type” highlighting the possible return types as “Returns ArrayBuffer | SharedArrayBuffer” on this one line. SonarScan in Visual Studio Code reports the type as “ArrayBufferLike” and does not highlight an issue. The MDN documentation, also linked to from Node.JS documentation, documents this as an ArrayBuffer.
Even if it is actually a mixed type as does not appear to be the case, the issue is in the interpreter’s code, not the application code, and should not be flagged as a problem in the application, especially in JavaScript which does not require strict typing rather than Typescript. JavaScript is not a strictly typed language and SonarQube errs by treating it as one.
Unfortunately, I was not able to reproduce this false-positive with the snippet you provided on SonarQube 8.9. In order to help you, I would need a minimal, reproducible project that includes project configuration as well as source code, which faithfully triggers the issue you are encountering.
It might also help to share with me which Node.js version you are using.
I am not sure how much of the whole project I can provide, though the CI property line refers to the “java11-node14” standard image.
Are these logs from a run confirming observation of the issue sufficiently helpful? Could not find executable in "/root/.sonar/native-sonar-scanner". Proceed with download of the platform binaries for SonarScanner... Creating /root/.sonar/native-sonar-scanner Downloading from https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.5.0.2216-linux.zip (executable will be saved in cache folder: /root/.sonar/native-sonar-scanner) INFO: Scanner configuration file: /root/.sonar/native-sonar-scanner/sonar-scanner-4.5.0.2216-linux/conf/sonar-scanner.properties INFO: Project root configuration file: NONE INFO: SonarScanner 4.5.0.2216 INFO: Java 11.0.3 AdoptOpenJDK (64-bit) INFO: Linux 4.14.246-187.474.amzn2.x86_64 amd64 INFO: Analyzing on SonarQube server 8.9.6 INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent) INFO: Load global settings INFO: Load global settings (done) | time=163ms INFO: Quality profile for css: Sonar way INFO: Quality profile for js: Sonar way INFO: Quality profile for web: Sonar way INFO: Quality profile for xml: Sonar way
The logs are a bit helpful in the sense that now I known which node.js version you are using. However, I still need a minimal reproducer so that I can further investigate. You don’t need to prove the whole project, only a self-contained snippet that reproduces the issue on a fresh instance of SonarQube 8.9.6.