Uint8Array.buffer throws mixed-type MAJOR SMELL flag

The return line in the following code throws a MAJOR SMELL flag in at least SonarQube 8.9.6 (build 50800):

function demonstrate() {
	let myArray = new Uint8Array();
	//Omitting 'fill the array' steps for simple example
	return myArray.buffer;
}

The rule is javascript:S3800 “Functions should always return the same type” highlighting the possible return types as “Returns ArrayBuffer | SharedArrayBuffer” on this one line. SonarScan in Visual Studio Code reports the type as “ArrayBufferLike” and does not highlight an issue. The MDN documentation, also linked to from Node.JS documentation, documents this as an ArrayBuffer.

Even if it is actually a mixed type as does not appear to be the case, the issue is in the interpreter’s code, not the application code, and should not be flagged as a problem in the application, especially in JavaScript which does not require strict typing rather than Typescript. JavaScript is not a strictly typed language and SonarQube errs by treating it as one.

Hello Ben,

Thank you for reporting this bug.

Unfortunately, I was not able to reproduce this false-positive with the snippet you provided on SonarQube 8.9. In order to help you, I would need a minimal, reproducible project that includes project configuration as well as source code, which faithfully triggers the issue you are encountering.

It might also help to share with me which Node.js version you are using.

Thank you,
Yassin

I am not sure how much of the whole project I can provide, though the CI property line refers to the “java11-node14” standard image.
Are these logs from a run confirming observation of the issue sufficiently helpful?
Could not find executable in "/root/.sonar/native-sonar-scanner".
Proceed with download of the platform binaries for SonarScanner...
Creating /root/.sonar/native-sonar-scanner
Downloading from https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.5.0.2216-linux.zip
(executable will be saved in cache folder: /root/.sonar/native-sonar-scanner)
INFO: Scanner configuration file: /root/.sonar/native-sonar-scanner/sonar-scanner-4.5.0.2216-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.5.0.2216
INFO: Java 11.0.3 AdoptOpenJDK (64-bit)
INFO: Linux 4.14.246-187.474.amzn2.x86_64 amd64
INFO: Analyzing on SonarQube server 8.9.6
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Load global settings
INFO: Load global settings (done) | time=163ms
INFO: Quality profile for css: Sonar way
INFO: Quality profile for js: Sonar way
INFO: Quality profile for web: Sonar way
INFO: Quality profile for xml: Sonar way

Hello,

The logs are a bit helpful in the sense that now I known which node.js version you are using. However, I still need a minimal reproducer so that I can further investigate. You don’t need to prove the whole project, only a self-contained snippet that reproduces the issue on a fresh instance of SonarQube 8.9.6.

Yassin