Hi all,
@Colin suggested I start a discussion here in the community per this VSCode extension epic. I’ll just bring in my comment on the epic here:
I have installed the SonarLint extension for VSCode as a recommendation in an extension pack. I do see the benefit of the code analysis, but I cannot currently find a way to disable some legitimate findings.
For example:
// Typesscript snippet
import { IHookProperties, setDefault } from "ts-log-class";
setDefault({
hook: (logProps: IHookProperties) => {
if (logProps.arguments.hasOwnProperty("user")) {
const user: any = JSON.parse(logProps.arguments.user);
// @SupressWarnings("all") // NOSONAR // How to suppress this specific error?
user.password = "[secret]";
logProps.arguments.user = JSON.stringify(user);
}
return JSON.stringify(logProps);
},
out: (message?: any, ...optionalParameters: any[]) => {
Logging.Logger.debug(message, optionalParameters);
}
});
In this case I need to suppress the error Credentials should not be hard-coded (typescript:S2068)
because one, it is a copy of the object, and two it prevents the password from being printed/logged in my cloud provider. Is there a way to do this? We do not use SonarQube or any server related features, but only this extension within VSCode.