SonarJS

186 Rules

Offering a set of powerful rules, SonarJS is all you need to find bugs, vulnerabilities, and code smells in your JavaScript code. With SonarJS, monitoring your code quality is no longer a daunting task.


Bug
60

Vulnerability
9

Code Smell
117

Bug Detection Rules

Rule ID Name Sonar way Tags In Action
S3796 Callbacks of array methods should have return statements~47 issues
S2189 Loops should not be infinitecert~148 issues
S3828 "yield" expressions should not be used outside generatorses2015
S3827 Non-existent variables should not be referenced~17,247 issues
S3854 super() should be invoked appropriately~4 issues
S3834 "Symbol" should not be used as a constructores2015
S3812 Results of "in" and "instanceof" should be negated rather than operands~29 issues
S3785 "in" should not be used with primitive types~120 issues
S2549 The "changed" property should not be manipulated directlybackbone
S930 Function calls should not pass extra argumentscert, cwe, misra~1,958 issues
S2583 Conditionally executed blocks should be reachablecert, cwe, misra, pitfall, unused~5,047 issues
S905 Non-empty statements should change control flow or have at least one side-effectcert, cwe, misra, unused~85 issues
S2757 "=+" should not be used instead of "+="~1 issue
S2688 "NaN" should not be used in comparisonscert~36 issues
S3531 Generators should "yield" somethingapi-design, es2015~5 issues
ForIn "for...in" loops should filter properties before acting on them~7,264 issues
S1764 Identical expressions should not be used on both sides of a binary operatorcert~1,379 issues
S3759 Non-existent properties should not be read~3,975 issues
S1854 Dead stores should be removedcert, cwe, unused~25,843 issues
S3923 All branches in a conditional structure should not have exactly the same implementation~57 issues
S2769 Selection results should be tested with "length"jquery
Unreacha. Jump statements should not be followed by other statementscert, cwe, misra, unused~3,761 issues
BitwiseO. Bitwise operators should not be used in boolean contexts~67,427 issues
S3500 Attempts should not be made to update "const" variableses2015~8 issues
S2873 Calls should not be made to non-callable values~3,428 issues
S3616 Comma and logical OR operators should not be used in switch cases
Duplicat. Property names should not be duplicated within a class or object literalpitfall~394 issues
S1154 Results of operations on strings should not be ignoredcert~1 issue
S3799 Destructuring patterns should not be empty~1 issue
S1751 Jump statements should not be used unconditionallycert, misra, unused~122 issues
S2201 Return values should not be ignored when function calls don't have any side effectscert, misra~319 issues
S3786 Template literal placeholder syntax should not be used in regular strings
S3403 Strict equality operators should not be used with dissimilar types~684 issues
S1143 Jump statements should not occur in "finally" blockscert, cwe, error-handling~267 issues
BoundOrA. "eval" and "arguments" should not be bound or assignedpitfall~18 issues
Construc. Objects should not be created to be dropped immediately without being used~58 issues
S3699 The output of functions that don't return anything should not be used~338 issues
S1656 Variables should not be self-assignedcert~233 issues
S2234 Parameters should be passed in the correct order~141 issues
S1145 Useless "if(true) {...}" and "if(false){...}" blocks should be removedcwe, misra~1 issue
S2999 "new" operators should be used with functions~10 issues
S878 Comma operator should not be usedmisra
S2681 Multiline blocks should be enclosed in curly bracescert, cwe~31 issues
Duplicat. Function argument names should be unique~3 issues
S1697 Short-circuit logic should be used to prevent null pointer dereferences in conditionals
S2424 Built-in objects should not be overriddenconfusing
S1862 Related "if/else if" statements and "cases" in a "switch" should not have the same conditioncert, pitfall, unused~314 issues
S2432 Setters should not return values
S2550 "defaults" should be a function when objects or arrays are usedbackbone
S2123 Values should not be uselessly incrementedunused
S2259 Properties of variables with "null" or "undefined" values should not be accessedcert, cwe~2,672 issues
S2251 A "for" loop update clause should move the counter in the right directioncert~18 issues
FailedUn. Failed unit tests should be fixed
S2508 The names of model properties should not contain spacesbackbone
Function. Function declarations should not be made within blockscross-browser, user-experience~478 issues
S2427 The base should be provided to "parseInt"user-experience
S3001 "delete" should be used only with object properties~34 issues
Trailing. Trailing commas should not be usedcross-browser~6 issues
NamedFun. Named function expressions should not be usedcross-browser, user-experience~1,059 issues
WithStat. "with" statements should not be used~216 issues

Vulnerability Detection Rules

Rule ID Name Sonar way Tags In Action
S2817 Web SQL databases should not be usedhtml5, owasp-a6, owasp-a9
Eval Code should not be dynamically injected and executedcwe, owasp-a3~1,126 issues
S3523 Function constructors should not be usedclumsy~1,279 issues
S3271 Local storage should not be usedowasp-a6
S2611 Untrusted content should not be includedcwe, sans-top25-risky~8 issues
S2819 Cross-document messaging domains should be carefully restrictedhtml5, owasp-a3~23 issues
S2228 Console logging should not be usedowasp-a6, user-experience~8,655 issues
Debugger. Debugger statements should not be usedcwe, user-experience~37 issues
S1442 "alert(...)" should not be usedcwe, user-experience~1,960 issues

Code Smell Detection Rules

Rule ID Name Sonar way Tags In Action
S3516 Function returns should not be invariant~3 issues
S1219 "switch" statements should not contain non-case labelsmisra, suspicious~2 issues
NonEmpty. Switch cases should end with an unconditional "break" statementcert, cwe, misra, suspicious~1,604 issues
S2137 Local variables should not shadow "undefined"~99 issues
Variable. Variables should be declared before they are usedpitfall~12,607 issues
FutureRe. "future reserved words" should not be used as identifierslock-in, pitfall~69 issues
S1451 Track lack of copyright and license headers
OctalNum. Octal values should not be usedcert, misra, pitfall~604 issues
S2703 Variables should be declared explicitlypitfall~6,090 issues
S3509 Default parameters should not cause side effectses2015, pitfall
S1994 "for" loop increment clauses should modify the loops' countersconfusing~358 issues
CurlyBra. Control structures should use curly bracescert, misra, pitfall~1,608 issues
S3735 "void" should not be usedconfusing~7,408 issues
S3776 Cognitive Complexity of functions should not be too highbrain-overload~17,555 issues
S1186 Functions should not be emptysuspicious~12,956 issues
Function. Functions should not be too complexbrain-overload~16,518 issues
Conditio. Internet Explorer's conditional comments should not be usedcross-browser~15 issues
StrictMo. "strict" mode should be used with cautioncross-browser, user-experience~1,117 issues
S2208 Wildcard imports should not be usedes2015, pitfall~1 issue
Variable. Variables should not be shadowedcert, misra, suspicious~1,466 issues
S3353 Unchanged variables should be marked "const"es2015~7,755 issues
S1067 Expressions should not be too complexbrain-overload~16,783 issues
S2310 Loop counters should not be assigned to from within the loop bodypitfall~2,376 issues
S3525 Class methods should be used instead of "prototype" assignmentses2015
SwitchWi. "switch" statements should end with "default" clausescert, cwe, misra~5,305 issues
ElseIfWi. "if ... else if" constructs should end with "else" clausescert, misra~1 issue
S888 Equality operators should not be used in "for" loop termination conditionscert, cwe, misra, suspicious~2 issues
NestedIf. Control flow statements "if", "for", "while", "switch" and "try" should not be nested too deeplybrain-overload~31,815 issues
S3504 Variables should be declared with "let" or "const"bad-practice, es2015
S2589 Boolean expressions should not be gratuitouscert, cwe, misra, redundant
Parenthe. Redundant pairs of parentheses should be removedconfusing~2,409 issues
S3686 Functions should not be called both with and without "new"~389 issues
S2870 "delete" should not be used on arrays~91 issues
S1871 Two branches in a conditional structure should not have exactly the same implementationdesign, suspicious~5,568 issues
S1119 Labels should not be usedconfusing~1,576 issues
Assignme. Assignments should not be made from within sub-expressionscert, cwe, misra, suspicious~1,196 issues
UnusedFu. Unused function parameters should be removedcert, misra, unused~40,806 issues
S2692 "indexOf" checks should not be for positive numberssuspicious~300 issues
S3782 Arguments to built-in functions should match documented types~312 issues
S3513 "arguments" should not be accessed directlyapi-design, es2015
EmptyBlo. Nested blocks of code should not be left emptysuspicious~6,397 issues
EqEqEq "===" and "!==" should be used instead of "==" and "!="suspicious~3,813 issues
S3758 Values not convertible to numbers should not be used in numeric comparisons~437 issues
S3757 Arithmetic operations should not result in "NaN"~447 issues
S3003 Comparison operators should not be used with strings~23 issues
OneState. Statements should be on separate linesconvention~148,305 issues
S2715 "find" should be used to select the children of an element known by idjquery, performance, user-experience
S2716 Universal selectors should not be usedjquery, performance, user-experience
S2714 Element type selectors should not be used with class selectorsjquery, performance, user-experience
S3579 Array indexes should be numericbad-practice~127 issues
S2762 Selections should be storedjquery, performance, user-experience
S2814 Variables and functions should not be redeclaredconfusing~21,305 issues
S2898 "[type=...]" should be used to select elements by typejquery, performance
Function. Functions should not be defined inside loopssuspicious~4,191 issues
S3358 Ternary operators should not be nestedconfusing~15,907 issues
S3798 Variables and functions should not be declared in the global scope~1 issue
S3800 Functions should always return the same typeconfusing~2,187 issues
S3801 Functions should use "return" consistentlyapi-design, confusing~34 issues
S2376 Property getters and setters should come in pairspitfall~1,428 issues
Insuffic. Lines should have sufficient coverage by testsbad-practice~114 issues
Insuffic. Branches should have sufficient coverage by testsbad-practice~50 issues
S1134 Track uses of "FIXME" tagscwe~1,030 issues
S3760 Arithmetic operators should only have numbers as operandsconfusing
S2392 Variables should be defined in the blocks where they are usedpitfall
ParsingE. JavaScript parser failuresuspicious
LineLeng. Lines should not be too longconvention~16 issues
S104 Files should not have too many linesbrain-overload~30 issues
S881 Increment (++) and decrement (--) operators should not be used in a method call or mixed with other operators in an expressioncert, misra~4 issues
S1788 Function parameters with default values should be lastes2015~175 issues
S2685 "arguments.caller" and "arguments.callee" should not be usedobsolete~283 issues
Collapsi. Collapsible "if" statements should be mergedclumsy~5,970 issues
LabelPla. Only "while", "do" and "for" statements should be labelledpitfall~1 issue
Excessiv. Functions should not have too many parametersbrain-overload~1,708 issues
Commente. Sections of code should not be "commented out"misra, unused~21,216 issues
Conditio. The ternary operator should not be usedbrain-overload
S2770 Deprecated jQuery methods should not be usedjquery, obsolete
S138 Functions should not have too many linesbrain-overload~1,156 issues
Duplicat. Source files should not have any duplicated blockspitfall~20,353 issues
Insuffic. Source files should have a sufficient density of comment linesconvention
SkippedU. Skipped unit tests should be either removed or fixedpitfall
TooManyB. Loops should not contain more than a single "break" or "continue" statementbrain-overload~3,044 issues
S1264 A "while" loop should be used instead of a "for" loopclumsy~1,132 issues
S2990 The global "this" object should not be usedconfusing~800 issues
S1472 Function call arguments should not start on new linessuspicious~1,496 issues
S1116 Extra semicolons should be removedcert, misra, unused~7,158 issues
S1125 Boolean literals should not be redundantclumsy~1,326 issues
TabChara. Tabulation characters should not be usedconvention
Primitiv. Wrapper objects should not be used for primitive typespitfall~950 issues
S3402 Strings and non-strings should not be addedconfusing~81 issues
ArrayAnd. Array constructors should not be usedsuspicious~4,041 issues
S3002 Unary operators "+" and "-" should not be used with objectsconfusing~5 issues
S1226 Function parameters, caught exceptions and foreach variables should not be reassignedmisra, pitfall~1 issue
Multilin. Multiline string literals should not be usedbad-practice~652 issues
S1105 An open curly brace should be located at the end of a lineconvention
S1488 Local Variables should not be declared and then immediately returned or thrownclumsy~2,132 issues
S3723 Trailing commas should be usedconvention
SingleQu. Single quotes should be used for string literalsconvention~2 issues
Trailing. Comments should not be located at the end of lines of codeconvention
MissingN. Files should contain an empty new line at the endconvention~29 issues
S3317 Default export names and file names should matchconfusing, convention, es2015~450 issues
S1301 "switch" statements should have at least 3 "case" clausesbad-practice, misra~1,163 issues
S3499 Shorthand object properties should be grouped at the beginning or end of an object declarationconvention, es2015~385 issues
S3533 "import" should be used to include external codeconvention, es2015, obsolete~23 issues
S3498 Object literal shorthand syntax should be usedconvention, es2015~4 issues
S1126 Return of boolean expressions should not be wrapped into an "if-then-else" statementclumsy~218 issues
S100 Function names should comply with a naming conventionconvention
S3512 Template strings should be used instead of concatenationclumsy, es2015~2 issues
HtmlComm. HTML-style comments should not be usedbad-practice~3 issues
S3514 Destructuring syntax should be used for assignmentsclumsy, es2015
Semicolo. Statements should end with semicolonsconvention~7,243 issues
UnusedVa. Unused local variables and functions should be removedunused~20,440 issues
Continue. "continue" should not be usedbad-practice, misra
S3524 Braces and parentheses should be used consistently with arrow functionsconvention, es2015~19 issues
S2713 JQuery cache variables should comply with a convention nameconvention, jquery
S2138 "undefined" should not be assignedsuspicious~1 issue
Trailing. Lines should not end with trailing whitespacesconvention~3 issues
S1135 Track uses of "TODO" tagscwe~9,496 issues

Back to the top