search

xt / react-nitro-essentials

The extensions pack of essential extensions for building react apps
2 stars 1 forks source link

SonarLint discussion #1

Open Roustalski opened 5 years ago

Roustalski commented 5 years ago

Hi,

I have your extension pack installed but have run across an issue with SonarLint. There isn't currently a way to disable a particular rule, even though I find the code analysis very helpful.

As an example:

// Typescript snippet

import { IHookProperties, setDefault } from "ts-log-class";

setDefault({
  hook: (logProps: IHookProperties) => {
    if (logProps.arguments.hasOwnProperty("user")) {
      const user: any = JSON.parse(logProps.arguments.user);
      // @SupressWarnings("all")
      user.password = "[secret]";
      logProps.arguments.user = JSON.stringify(user);
    }
    return JSON.stringify(logProps);
  },
  out: (message?: any, ...optionalParameters: any[]) => {
    Logging.Logger.debug(message, optionalParameters);
  }
});

In this case I need to suppress the error Credentials should not be hard-coded (typescript:S2068) because one, it is a copy of the object, and two it prevents the password from being printed/logged in my cloud provider. Since there is no way to currently suppress this and any other errors that are false positives, should we consider temporarily removing SonarLint from the pack?

Roustalski commented 5 years ago

FYI, I started a discussion on the Sonar community forum and also commented on the Epic over the VSCode extension.