SonarSource · saberduck · Nov 21, 2024 · Nov 18, 2024
diff --git a/its/ruling/src/test/expected/jsts/file-for-rules/javascript-S1291.json b/its/ruling/src/test/expected/jsts/file-for-rules/javascript-S1291.json
@@ -0,0 +1,6 @@
+{
+"file-for-rules:S1291.js": [
+1,
+2
+]
+}
diff --git a/its/ruling/src/test/expected/jsts/file-for-rules/javascript-S1451.json b/its/ruling/src/test/expected/jsts/file-for-rules/javascript-S1451.json
@@ -2,6 +2,9 @@
 "file-for-rules:S1068.js": [
 0
 ],
+"file-for-rules:S1291.js": [
+0
+],
 "file-for-rules:S1534.js": [
 0
 ],

diff --git a/its/sources/jsts/custom/S1291.js b/its/sources/jsts/custom/S1291.js
@@ -0,0 +1,3 @@
+// NOSONAR
+/* NOSONAR */
+// NOFOOBAR
diff --git a/packages/jsts/src/rules/README.md b/packages/jsts/src/rules/README.md
@@ -286,6 +286,7 @@ If you are a [SonarQube](https://www.sonarqube.org) or [SonarCloud](https://sona
 | [no-self-import](https://sonarsource.github.io/rspec/#/rspec/S7060/javascript)                          | Module should not import itself                                                                                                | ✅  |     | 💡  |     |     |
 | [no-skipped-test](https://sonarsource.github.io/rspec/#/rspec/S1607/javascript)                         | Tests should not be skipped without providing a reason                                                                         | ✅  |     |     |     |     |
 | [no-small-switch](https://sonarsource.github.io/rspec/#/rspec/S1301/javascript)                         | "if" statements should be preferred over "switch" when simpler                                                                 | ✅  |     |     |     |     |
+| [no-sonar-comments](https://sonarsource.github.io/rspec/#/rspec/S1291/javascript)                       | Track uses of "NOSONAR" comments                                                                                               |     |     |     |     |     |
 | [no-tab](https://sonarsource.github.io/rspec/#/rspec/S105/javascript)                                   | Tabulation characters should not be used                                                                                       |     |     |     |     | ❌  |
 | [no-table-as-layout](https://sonarsource.github.io/rspec/#/rspec/S5257/javascript)                      | HTML "&lt;table&gt;" should not be used for layout purposes                                                                    | ✅  |     |     |     |     |
 | [no-this-alias](https://sonarsource.github.io/rspec/#/rspec/S4327/javascript)                           | "this" should not be assigned to variables                                                                                     |     |     |     |     |     |

diff --git a/packages/jsts/src/rules/S1291/index.ts b/packages/jsts/src/rules/S1291/index.ts
@@ -0,0 +1,20 @@
+/*
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+export { rule } from './rule.js';
diff --git a/packages/jsts/src/rules/S1291/meta.ts b/packages/jsts/src/rules/S1291/meta.ts
@@ -0,0 +1,33 @@
+/*
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+// DO NOT EDIT! This file is autogenerated by "npm run generate-meta"
+
+export const meta = {
+  type: 'suggestion',
+  docs: {
+    description: 'Track uses of "NOSONAR" comments',
+    recommended: false,
+    url: 'https://sonarsource.github.io/rspec/#/rspec/S1291/javascript',
+    requiresTypeChecking: false,
+  },
+};
+
+export const sonarKey = 'S1291';
diff --git a/packages/jsts/src/rules/S1291/rule.ts b/packages/jsts/src/rules/S1291/rule.ts
@@ -0,0 +1,58 @@
+/*
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+// https://sonarsource.github.io/rspec/#/rspec/S1291
+
+import type { Rule } from 'eslint';
+import { generateMeta } from '../helpers/index.js';
+import { meta } from './meta.js';
+
+const NOSONAR = 'NOSONAR';
+
+export const rule: Rule.RuleModule = {
+  meta: generateMeta(meta as Rule.RuleMetaData, {
+    messages: {
+      noSonar: '"NOSONAR" comments should not be used.',
+    },
+  }),
+  create(context) {
+    return {
+      Program: () => {
+        // Note: The detection of `NOSONAR` comments must be aligned
+        // with the way the analyzer computes the `NOSONAR` metrics.
+        // @see `findNoSonarLines` in `nosonar.ts`
+        const comments = context.sourceCode.getAllComments();
+        for (const comment of comments) {
+          if (!comment.loc) {
+            continue;
+          }
+          const commentValue = comment.value.startsWith('*')
+            ? comment.value.substring(1).trim()
+            : comment.value.trim();
+          if (commentValue.toUpperCase().startsWith(NOSONAR)) {
+            context.report({
+              loc: comment.loc,
+              messageId: 'noSonar',
+            });
+          }
+        }
+      },
+    };
+  },
+};
diff --git a/packages/jsts/src/rules/S1291/unit.test.ts b/packages/jsts/src/rules/S1291/unit.test.ts
@@ -0,0 +1,77 @@
+/*
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+import { NodeRuleTester } from '../../../tests/tools/testers/rule-tester.js';
+import { rule } from './index.js';
+
+const ruleTester = new NodeRuleTester({ parserOptions: { ecmaVersion: 2018 } });
+ruleTester.run('"NOSONAR" comments should not be used', rule, {
+  valid: [
+    {
+      code: '//',
+    },
+    {
+      code: '/* */',
+    },
+    {
+      code: '// foo',
+    },
+    {
+      code: '/* foo */',
+    },
+    {
+      code: '// no sonar',
+    },
+    {
+      code: '/* no sonar */',
+    },
+  ],
+  invalid: [
+    {
+      code: '// NOSONAR',
+      errors: [
+        {
+          message: '"NOSONAR" comments should not be used.',
+          line: 1,
+          column: 1,
+        },
+      ],
+    },
+    {
+      code: '// nosonar',
+      errors: 1,
+    },
+    {
+      code: '/* NOSONAR */',
+      errors: 1,
+    },
+    {
+      code: '/* nosonar */',
+      errors: 1,
+    },
+    {
+      code: '// NOSONARSOURCE',
+      errors: 1,
+    },
+    {
+      code: '/* NOSONARSOURCE */',
+      errors: 1,
+    },
+  ],
+});
diff --git a/packages/jsts/src/rules/original.ts b/packages/jsts/src/rules/original.ts
@@ -197,6 +197,7 @@ export { rule as S5863 } from './S5863/index.js'; // no-same-argument-assert
 export { rule as S3972 } from './S3972/index.js'; // no-same-line-conditional
 export { rule as S1607 } from './S1607/index.js'; // no-skipped-tests
 export { rule as S1301 } from './S1301/index.js'; // no-small-switch
+export { rule as S1291 } from './S1291/index.js'; // no-sonar-comments
 export { rule as S105 } from './S105/index.js'; // no-tab
 export { rule as S5257 } from './S5257/index.js'; // no-table-as-layout
 export { rule as S4822 } from './S4822/index.js'; // no-try-promise

diff --git a/packages/jsts/src/rules/plugin.ts b/packages/jsts/src/rules/plugin.ts
@@ -207,6 +207,7 @@ export const rules: Record<string, Rule.RuleModule> = {
   'no-same-line-conditional': originalRules.S3972,
   'no-selector-parameter': originalRules.S2301,
   'no-skipped-test': originalRules.S1607,
+  'no-sonar-comments': originalRules.S1291,
   'no-small-switch': originalRules.S1301,
   'no-tab': originalRules.S105,
   'no-table-as-layout': originalRules.S5257,

diff --git a/sonar-plugin/javascript-checks/src/main/java/org/sonar/javascript/checks/CheckList.java b/sonar-plugin/javascript-checks/src/main/java/org/sonar/javascript/checks/CheckList.java
@@ -328,6 +328,7 @@ public static List<Class<? extends JavaScriptCheck>> getAllChecks() {
       NoSelfCompareCheck.class,
       NoSelfImportCheck.class,
       NoSkippedTestsCheck.class,
+      NoSonarCommentsCheck.class,
       NoSparseArraysCheck.class,
       NoStaticElementInteractionsCheck.class,
       NoStringRefsCheck.class,

diff --git a/...gin/javascript-checks/src/main/java/org/sonar/javascript/checks/NoSonarCommentsCheck.java b/...gin/javascript-checks/src/main/java/org/sonar/javascript/checks/NoSonarCommentsCheck.java
@@ -0,0 +1,32 @@
+/*
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2024 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.javascript.checks;
+
+import org.sonar.check.Rule;
+import org.sonar.plugins.javascript.api.Check;
+import org.sonar.plugins.javascript.api.JavaScriptRule;
+import org.sonar.plugins.javascript.api.TypeScriptRule;
+
+@JavaScriptRule
+@TypeScriptRule
+@Rule(key = "S1291")
+public class NoSonarCommentsCheck extends Check {
+
+}
diff --git a/...avascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1291.html b/...avascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1291.html
@@ -0,0 +1,5 @@
+<h2>Why is this an issue?</h2>
+<p>Any issue to quality rule can be deactivated with the <code>NOSONAR</code> marker. This marker is pretty useful to exclude false-positive results
+but it can also be used abusively to hide real quality flaws.</p>
+<p>This rule raises an issue when <code>NOSONAR</code> is used.</p>
+
diff --git a/...avascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1291.json b/...avascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S1291.json
@@ -0,0 +1,27 @@
+{
+  "title": "Track uses of \"NOSONAR\" comments",
+  "type": "CODE_SMELL",
+  "code": {
+    "impacts": {
+      "MAINTAINABILITY": "MEDIUM"
+    },
+    "attribute": "CLEAR"
+  },
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "1min"
+  },
+  "tags": [
+    "bad-practice"
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-1291",
+  "sqKey": "S1291",
+  "scope": "All",
+  "quickfix": "unknown",
+  "compatibleLanguages": [
+    "JAVASCRIPT",
+    "TYPESCRIPT"
+  ]
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,6 +2,9 @@ @@
     "file-for-rules:S1068.js": [
     ],
+    "file-for-rules:S1291.js": [
+    ],
     "file-for-rules:S1534.js": [
     ],
@@ Expand Down @@