un-ts / eslint-plugin-sonar Goto Github PK

Hi,

The following rule is not working , no warning or error

no-commented-code | https://sonarsource.github.io/rspec/#/rspec/S125/javascript

I'm currently switching from the legacy format .eslintrc.js to eslint.config.js and I'm importing this plugin as an esm module. Due to how TypeScript is built, being a commonjs file, you can't use explicit named exports.

Your file uses:

import ts__default, { SyntaxKind, TypeFlags } from 'typescript';

But should rather be this:

import ts__default from 'typescript';
const { SyntaxKind, TypeFlags } = ts__default

or this:

import ts__default, { type SyntaxKind, type TypeFlags } from 'typescript'; // type imports are removed after ts compilation

https://github.com/SonarSource/SonarJS/tree/master/eslint-bridge/src/linting/stylelint

First of all, thank you for this amazing plugin!! It caught a good amount of code smells in our project on the first run.

I noticed that https://github.com/un-ts/eslint-plugin-sonar#rule-list has a lot of rules, but it's unclear which ones I could look into enabling on top of the recommended config without going through the code.

https://github.com/playwright-community/eslint-plugin-playwright#list-of-supported-rules does this really well and it makes it also clear what is autofixable. It would be great to have a table similar to that for being able to get the maximum out of this plugin!

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Location: package.json
Error type: The renovate configuration file contains some invalid settings
Message: Invalid configuration option: author, Invalid configuration option: commitlint, Invalid configuration option: eslintIgnore, Invalid configuration option: jest, Invalid configuration option: license, Invalid configuration option: name, Invalid configuration option: packageRules[0].@1stg/common-config, Invalid configuration option: packageRules[0].npm-run-all, Invalid configuration option: packageRules[0].rollup, Invalid configuration option: packageRules[0].rollup-plugin-ts, Invalid configuration option: packageRules[0].standard-version, Invalid configuration option: packageRules[0].yarn-deduplicate, Invalid configuration option: prettier, Invalid configuration option: private, Invalid configuration option: remarkConfig, Invalid configuration option: renovate, Invalid configuration option: resolutions, Invalid configuration option: scripts, Invalid configuration option: version, Invalid configuration option: workspaces

typescript-eslint v6 was released a while ago, it would be great to support it officially.

See more: https://typescript-eslint.io/blog/announcing-typescript-eslint-v6/

Currently, this is the output on pnpm:

 WARN  Issues with peer dependencies found
.
└─┬ eslint-plugin-sonar 0.12.0
  └─┬ @typescript-eslint/eslint-plugin 5.62.0
    └── ✕ unmet peer @typescript-eslint/parser@^5.0.0: found 6.1.0

Sonar plugin is preventing us from updating eslint-plugin to v7 which was released a week ago.

Announcement: https://typescript-eslint.io/blog/announcing-typescript-eslint-v7/

Please add support. Thanks

When importing this molule in a now-required flat config file, I get the following error:

Error: This method cannot be used with flat config. Add your entries directly into the config array.
    at assertEslintrcConfig (REPO/node_modules/eslint/lib/linter/linter.js:1286:15)
    at Linter.getRules (REPO/node_modules/eslint/lib/linter/linter.js:2215:9)
    at Object.<anonymous> (REPO/node_modules/eslint-plugin-sonar/lib/index.cjs:193:60)
    at Module._compile (node:internal/modules/cjs/loader:1375:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1434:10)
    at Module.load (node:internal/modules/cjs/loader:1206:32)
    at Module._load (node:internal/modules/cjs/loader:1022:12)
    at Module.require (node:internal/modules/cjs/loader:1234:19)
    at require (node:internal/modules/helpers:176:18)
    at Object.<anonymous> (REPO/eslint.config.js:5:27)

Using:

"eslint": "9.0.0",
"eslint-plugin-sonar": "0.13.2"

For example, "sonar/expression-complexity": "error" doesn't work, but "sonar/expression-complexity": ["error", 3] does.
That wasn't obvious to me.

I think there are 2 ways to improve this:

1. Use a default value. So "sonar/expression-complexity": "error" would implicitly use 3.
2. Make options required. So "sonar/expression-complexity": "error" would fail validation, and ESLint would throw a config validation error, like Configuration for rule "sonar/expression-complexity" is invalid: value is required.

Note: I used sonar/expression-complexity rule as an example, but there may be other rules that have the same problem.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Using npm packages for Renovate presets is now deprecated. Please migrate to repository-based presets instead.

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

• chore(deps): update dependency minimatch to ^9.0.4
• chore(deps): update yarn to v1.22.22
• fix(deps): update dependency eslint-plugin-react-hooks to ^4.6.2
• chore(deps): update dependency eslint to ^8.57.0
• chore(deps): update dependency eslint-plugin-sonarjs to ^0.25.1
• chore(deps): update dependency type-coverage to ^2.28.2
• fix(deps): update dependency eslint-plugin-react to ^7.34.1
• chore(deps): update dependency eslint to v9
• chore(deps): update dependency eslint-plugin-sonarjs to v1
• chore(deps): update typescript-eslint monorepo to v7 (major) (@typescript-eslint/eslint-plugin, @typescript-eslint/parser, @typescript-eslint/scope-manager, @typescript-eslint/type-utils, @typescript-eslint/utils)
• fix(deps): update dependency builtin-modules to v4

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update dependency tmp to ^0.2.3
• chore(deps): update babel monorepo to ^7.24.5 (@babel/core, @babel/eslint-parser)
• chore(deps): update dependency rollup to ^4.17.2
• chore(deps): update dependency tsx to ^4.10.1
• chore(deps): update typescript-eslint monorepo to ^6.21.0 (@typescript-eslint/eslint-plugin, @typescript-eslint/parser, @typescript-eslint/scope-manager, @typescript-eslint/type-utils, @typescript-eslint/utils)
• chore(deps): update dependency @1stg/common-config to v10
• chore(deps): update dependency prettier to v3 (prettier, @types/prettier)
• chore(deps): update github/codeql-action action to v3
• chore(deps): update node.js to v20
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• chore(deps): update node.js to >=14.21.3

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Can't install it in projects that use TypeScript v5, getting this:

npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR! 
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/typescript
npm ERR!   dev typescript@"^5.0.4" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer typescript@"^4.0.0" from [email protected]
npm ERR! node_modules/eslint-plugin-sonar
npm ERR!   eslint-plugin-sonar@"*" from the root project

After adding eslint-plugin-sonar to my project, I'm seeing the following warning when installing dependencies:

warn Package eslint-plugin-sonar has been ignored because it contains invalid configuration. Reason: Package subpath './package.json' is not defined by "exports" in node_modules/eslint-plugin-sonar/package.json

Are these 2 separate plugins?

I found this problem when I tried to use version 7.32 of eslint
when used the no-unused-private-class-members rule,eslint would report an error
Details about the error message is meta is undefined because the above rules are only supported by eslint 8.1.0
Do you want to update the eslint version in peerDependencies or remove this rule temporarily?

Anyway, thank you for providing such a great plugin

When looking at differences between eslint-plugin-sonarjs and eslint-plugin-sonar, it seems that eslint-plugin-sonar installs way more transitive dependencies:

/[email protected]([email protected]):
  resolution: {integrity: sha512-87zp50mbbNrSTuoEOebdRQBPa0mdejA5UEjyuScyIw8hEpEjfWP89Qhkq5xVZfVyVSRQKZc9alVm7yRKQvvUmg==}
  engines: {node: '>=16'}
  peerDependencies:
    eslint: ^5.0.0 || ^6.0.0 || ^7.0.0 || ^8.0.0
  dependencies:
    eslint: 8.57.0
  dev: true

vs

/[email protected](@babel/[email protected])(@typescript-eslint/[email protected])([email protected])([email protected]):
  resolution: {integrity: sha512-7mZkk4/E2tGtIi3OCNCTmEWthweWzoAj9YcsxxIDI38r7q4RDusWDpsdGHPZXp/+QU8ZKkvmE11G4DtJW+k1kg==}
  engines: {node: '>=14'}
  peerDependencies:
    '@babel/core': ^7.11.0
    '@typescript-eslint/parser': ^6.0.0
    eslint: ^8.0.0
    typescript: ^4.0.0 || ^5.0.0
  dependencies:
    '@babel/core': 7.24.0
    '@babel/eslint-parser': 7.23.10(@babel/[email protected])([email protected])
    '@eslint-community/regexpp': 4.10.0
    '@typescript-eslint/eslint-plugin': 6.21.0(@typescript-eslint/[email protected])([email protected])([email protected])
    '@typescript-eslint/parser': 6.21.0([email protected])([email protected])
    builtin-modules: 3.3.0
    bytes: 3.1.2
    eslint: 8.57.0
    eslint-plugin-jsx-a11y: 6.8.0([email protected])
    eslint-plugin-react: 7.34.0([email protected])
    eslint-plugin-react-hooks: 4.6.0([email protected])
    eslint-plugin-sonarjs: 0.23.0([email protected])
    functional-red-black-tree: 1.0.1
    jsx-ast-utils: 3.3.5
    minimatch: 9.0.3
    scslre: 0.3.0
    tmp: 0.2.3
    typescript: 5.4.2
  transitivePeerDependencies:
    - supports-color
  dev: false

We are using eslint-plugin-sonar in a SvelteKit monorepo, so we have no need for e.g. eslint-plugin-jsx-a11y, eslint-plugin-react, eslint-plugin-react-hooks and so on. On top of that, these dependencies have a huge amount of bloat and install useless polyfills which is well-known due to one of their maintainers' questionable stance, unfortunately.