SonarJS

186 Rules

Offering a set of powerful rules, SonarJS is all you need to find bugs, vulnerabilities, and code smells in your JavaScript code. With SonarJS, monitoring your code quality is no longer a daunting task.


Bug
60

Vulnerability
9

Code Smell
117

Bug Detection Rules

Rule ID Name Sonar way Tags In Action
S3796 Callbacks of array methods should have return statements~59 issues
S2189 Loops should not be infinitecert~226 issues
S3827 Non-existent variables should not be referenced~17,292 issues
S3828 "yield" expressions should not be used outside generatorses2015~3 issues
S3834 "Symbol" should not be used as a constructores2015~1 issue
S3812 Results of "in" and "instanceof" should be negated rather than operands~52 issues
S3785 "in" should not be used with primitive types~156 issues
S2549 The "changed" property should not be manipulated directlybackbone
S3854 super() should be invoked appropriately~4 issues
S930 Function calls should not pass extra argumentscert, cwe, misra~3,446 issues
S3799 Destructuring patterns should not be empty~1 issue
S2583 Conditionally executed blocks should be reachablecert, cwe, misra, pitfall, unused~6,988 issues
BoundOrA. "eval" and "arguments" should not be bound or assignedpitfall~28 issues
S1656 Variables should not be self-assignedcert~316 issues
S905 Non-empty statements should change control flow or have at least one side-effectcert, cwe, misra, unused~155 issues
S2234 Parameters should be passed in the correct order~143 issues
S1145 Useless "if(true) {...}" and "if(false){...}" blocks should be removedcwe, misra~1 issue
S2873 Calls should not be made to non-callable values~3,848 issues
S1143 Jump statements should not occur in "finally" blockscert, cwe, error-handling~367 issues
S2757 "=+" should not be used instead of "+="~1 issue
S2999 "new" operators should be used with functions~22 issues
Duplicat. Property names should not be duplicated within a class or object literalpitfall~1,018 issues
S878 Comma operator should not be usedmisra~2 issues
S2688 "NaN" should not be used in comparisonscert~44 issues
S1751 Jump statements should not be used unconditionallycert, misra, unused~155 issues
S2201 Return values should not be ignored when function calls don't have any side effectscert, misra~513 issues
S3531 Generators should "yield" somethingapi-design, es2015~12 issues
S2681 Multiline blocks should be enclosed in curly bracescert, cwe~93 issues
Duplicat. Function argument names should be unique~3 issues
ForIn "for...in" loops should filter properties before acting on them~7,445 issues
S1764 Identical expressions should not be used on both sides of a binary operatorcert~1,497 issues
S3786 Template literal placeholder syntax should not be used in regular strings~5 issues
S1697 Short-circuit logic should be used to prevent null pointer dereferences in conditionals
S2424 Built-in objects should not be overriddenconfusing~1 issue
S3759 Non-existent properties should not be read~3,684 issues
S1854 Dead stores should be removedcert, cwe, unused~47,055 issues
S1862 Related "if/else if" statements and "cases" in a "switch" should not have the same conditioncert, pitfall, unused~403 issues
S3403 Strict equality operators should not be used with dissimilar types~1,067 issues
S2432 Setters should not return values~64 issues
S2550 "defaults" should be a function when objects or arrays are usedbackbone
Construc. Objects should not be created to be dropped immediately without being used~58 issues
S3923 All branches in a conditional structure should not have exactly the same implementation~254 issues
S3699 The output of functions that don't return anything should not be used~484 issues
S1154 Results of operations on strings should not be ignoredcert~1 issue
S2123 Values should not be uselessly incrementedunused~1 issue
S2769 Selection results should be tested with "length"jquery~1 issue
S3616 Comma and logical OR operators should not be used in switch cases~5 issues
Unreacha. Jump statements should not be followed by other statementscert, cwe, misra, unused~4,066 issues
S2259 Properties of variables with "null" or "undefined" values should not be accessedcert, cwe~4,797 issues
BitwiseO. Bitwise operators should not be used in boolean contexts~62,728 issues
S3500 Attempts should not be made to update "const" variableses2015~9 issues
S2251 A "for" loop update clause should move the counter in the right directioncert~21 issues
FailedUn. Failed unit tests should be fixed
S2508 The names of model properties should not contain spacesbackbone
Function. Function declarations should not be made within blockscross-browser, user-experience~505 issues
S2427 The base should be provided to "parseInt"user-experience
S3001 "delete" should be used only with object properties~72 issues
Trailing. Trailing commas should not be usedcross-browser~6 issues
NamedFun. Named function expressions should not be usedcross-browser, user-experience~1,059 issues
WithStat. "with" statements should not be used~271 issues

Vulnerability Detection Rules

Rule ID Name Sonar way Tags In Action
S2817 Web SQL databases should not be usedhtml5, owasp-a6, owasp-a9
S3271 Local storage should not be usedowasp-a6
S2611 Untrusted content should not be includedcwe, sans-top25-risky~8 issues
Eval Code should not be dynamically injected and executedcwe, owasp-a3~2,185 issues
S2819 Cross-document messaging domains should be carefully restrictedhtml5, owasp-a3~114 issues
S3523 Function constructors should not be usedclumsy~2,126 issues
S2228 Console logging should not be usedowasp-a6, user-experience~8,802 issues
Debugger. Debugger statements should not be usedcwe, user-experience~91 issues
S1442 "alert(...)" should not be usedcwe, user-experience~3,528 issues

Code Smell Detection Rules

Rule ID Name Sonar way Tags In Action
Variable. Variables should be declared before they are usedpitfall~12,728 issues
FutureRe. "future reserved words" should not be used as identifierslock-in, pitfall~68 issues
S1451 Track lack of copyright and license headers
OctalNum. Octal values should not be usedcert, misra, pitfall~876 issues
S1219 "switch" statements should not contain non-case labelsmisra, suspicious~109 issues
S3516 Function returns should not be invariant~139 issues
S2703 Variables should be declared explicitlypitfall~13,104 issues
NonEmpty. Switch cases should end with an unconditional "break" statementcert, cwe, misra, suspicious~3,083 issues
S2137 Local variables should not shadow "undefined"~98 issues
S3509 Default parameters should not cause side effectses2015, pitfall
Conditio. Internet Explorer's conditional comments should not be usedcross-browser~15 issues
StrictMo. "strict" mode should be used with cautioncross-browser, user-experience~1,117 issues
S3776 Cognitive Complexity of functions should not be too highbrain-overload~17,487 issues
S1994 "for" loop increment clauses should modify the loops' countersconfusing~330 issues
S2208 Wildcard imports should not be usedes2015, pitfall~1 issue
Variable. Variables should not be shadowedcert, misra, suspicious~1,477 issues
S3353 Unchanged variables should be marked "const"es2015~7,733 issues
CurlyBra. Control structures should use curly bracescert, misra, pitfall~1,608 issues
S1067 Expressions should not be too complexbrain-overload~17,032 issues
S2310 Loop counters should not be assigned to from within the loop bodypitfall~2,416 issues
S1186 Functions should not be emptysuspicious~12,785 issues
S3525 Class methods should be used instead of "prototype" assignmentses2015
SwitchWi. "switch" statements should end with "default" clausescert, cwe, misra~5,391 issues
Function. Functions should not be too complexbrain-overload~17,576 issues
S3735 "void" should not be usedconfusing~6,388 issues
ElseIfWi. "if ... else if" constructs should end with "else" clausescert, misra~1 issue
S888 Equality operators should not be used in "for" loop termination conditionscert, cwe, misra, suspicious~2 issues
NestedIf. Control flow statements "if", "for", "while", "switch" and "try" should not be nested too deeplybrain-overload~32,132 issues
S3504 Variables should be declared with "let" or "const"bad-practice, es2015
S2589 Boolean expressions should not be gratuitouscert, cwe, misra, redundant~6 issues
S3798 Variables and functions should not be declared in the global scope~32 issues
S1134 Track uses of "FIXME" tagscwe~1,068 issues
ParsingE. JavaScript parser failuresuspicious
LineLeng. Lines should not be too longconvention~44 issues
S104 Files should not have too many linesbrain-overload~39 issues
Parenthe. Redundant pairs of parentheses should be removedconfusing~3,396 issues
S3686 Functions should not be called both with and without "new"~639 issues
S2870 "delete" should not be used on arrays~146 issues
S881 Increment (++) and decrement (--) operators should not be used in a method call or mixed with other operators in an expressioncert, misra~27 issues
S1788 Function parameters with default values should be lastes2015~178 issues
S2685 "arguments.caller" and "arguments.callee" should not be usedobsolete~290 issues
S1871 Two branches in a conditional structure should not have exactly the same implementationdesign, suspicious~6,508 issues
Collapsi. Collapsible "if" statements should be mergedclumsy~6,049 issues
S1119 Labels should not be usedconfusing~1,820 issues
Assignme. Assignments should not be made from within sub-expressionscert, cwe, misra, suspicious~1,318 issues
UnusedFu. Unused function parameters should be removedcert, misra, unused~42,129 issues
S2692 "indexOf" checks should not be for positive numberssuspicious~305 issues
S3782 Arguments to built-in functions should match documented types~251 issues
S3358 Ternary operators should not be nestedconfusing~15,585 issues
S3513 "arguments" should not be accessed directlyapi-design, es2015
EmptyBlo. Nested blocks of code should not be left emptysuspicious~7,914 issues
LabelPla. Only "while", "do" and "for" statements should be labelledpitfall~1 issue
EqEqEq "===" and "!==" should be used instead of "==" and "!="suspicious~3,865 issues
S3758 Values not convertible to numbers should not be used in numeric comparisons~411 issues
S3757 Arithmetic operations should not result in "NaN"~444 issues
Excessiv. Functions should not have too many parametersbrain-overload~1,781 issues
S3003 Comparison operators should not be used with strings~24 issues
S3760 Arithmetic operators should only have numbers as operandsconfusing
OneState. Statements should be on separate linesconvention~145,939 issues
S2715 "find" should be used to select the children of an element known by idjquery, performance, user-experience~1 issue
S2716 Universal selectors should not be usedjquery, performance, user-experience
S2714 Element type selectors should not be used with class selectorsjquery, performance, user-experience
S3800 Functions should always return the same typeconfusing~2,133 issues
S3801 Functions should use "return" consistentlyapi-design, confusing~109 issues
S2392 Variables should be defined in the blocks where they are usedpitfall
S2762 Selections should be storedjquery, performance, user-experience~1 issue
S3579 Array indexes should be numericbad-practice~384 issues
Commente. Sections of code should not be "commented out"misra, unused~21,959 issues
Conditio. The ternary operator should not be usedbrain-overload
S2376 Property getters and setters should come in pairspitfall~1,365 issues
S2770 Deprecated jQuery methods should not be usedjquery, obsolete
S2814 Variables and functions should not be redeclaredconfusing~48,655 issues
S2898 "[type=...]" should be used to select elements by typejquery, performance
Function. Functions should not be defined inside loopssuspicious~5,491 issues
S138 Functions should not have too many linesbrain-overload~1,190 issues
Insuffic. Lines should have sufficient coverage by testsbad-practice~125 issues
Insuffic. Branches should have sufficient coverage by testsbad-practice~68 issues
Duplicat. Source files should not have any duplicated blockspitfall~20,302 issues
Insuffic. Source files should have a sufficient density of comment linesconvention
SkippedU. Skipped unit tests should be either removed or fixedpitfall
MissingN. Files should contain an empty new line at the endconvention~51 issues
TooManyB. Loops should not contain more than a single "break" or "continue" statementbrain-overload~3,037 issues
S3317 Default export names and file names should matchconfusing, convention, es2015~494 issues
S1301 "switch" statements should have at least 3 "case" clausesbad-practice, misra~1,218 issues
S1264 A "while" loop should be used instead of a "for" loopclumsy~1,094 issues
S2990 The global "this" object should not be usedconfusing~804 issues
S3723 Trailing commas should be usedconvention
S3499 Shorthand object properties should be grouped at the beginning or end of an object declarationconvention, es2015~380 issues
S3533 "import" should be used to include external codeconvention, es2015, obsolete~23 issues
S3498 Object literal shorthand syntax should be usedconvention, es2015~4 issues
S1472 Function call arguments should not start on new linessuspicious~1,795 issues
S1116 Extra semicolons should be removedcert, misra, unused~7,265 issues
S1126 Return of boolean expressions should not be wrapped into an "if-then-else" statementclumsy~231 issues
S1488 Local Variables should not be declared and then immediately returned or thrownclumsy~2,233 issues
S1125 Boolean literals should not be redundantclumsy~1,589 issues
SingleQu. Single quotes should be used for string literalsconvention~270 issues
S100 Function names should comply with a naming conventionconvention~21 issues
TabChara. Tabulation characters should not be usedconvention
S3512 Template strings should be used instead of concatenationclumsy, es2015~2 issues
HtmlComm. HTML-style comments should not be usedbad-practice~21 issues
S3514 Destructuring syntax should be used for assignmentsclumsy, es2015
Semicolo. Statements should end with semicolonsconvention~7,259 issues
Primitiv. Wrapper objects should not be used for primitive typespitfall~1,103 issues
UnusedVa. Unused local variables and functions should be removedunused~36,723 issues
S3402 Strings and non-strings should not be addedconfusing~82 issues
Continue. "continue" should not be usedbad-practice, misra
S3524 Braces and parentheses should be used consistently with arrow functionsconvention, es2015~19 issues
ArrayAnd. Array constructors should not be usedsuspicious~4,016 issues
S3002 Unary operators "+" and "-" should not be used with objectsconfusing~5 issues
S2713 JQuery cache variables should comply with a convention nameconvention, jquery~2 issues
S1226 Function parameters, caught exceptions and foreach variables should not be reassignedmisra, pitfall~11 issues
S1105 An open curly brace should be located at the end of a lineconvention~4 issues
Multilin. Multiline string literals should not be usedbad-practice~1,253 issues
Trailing. Comments should not be located at the end of lines of codeconvention~4 issues
S2138 "undefined" should not be assignedsuspicious~29 issues
Trailing. Lines should not end with trailing whitespacesconvention~297 issues
S1135 Track uses of "TODO" tagscwe~9,960 issues

Back to the top