From 8954db60ca786600f131e6011c6c8e5c99d321b1 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 28 Nov 2023 16:59:46 +0100 Subject: [PATCH 1/3] Create rule S6861: Mutable variables should not be exported (#3467) * Create rule S6861 * Update metadata and description * Update rules/S6861/javascript/rule.adoc Co-authored-by: Ilia Kebets <104737176+ilia-kebets-sonarsource@users.noreply.github.com> --------- Co-authored-by: yassin-kammoun-sonarsource Co-authored-by: yassin-kammoun-sonarsource Co-authored-by: Yassin Kammoun <52890329+yassin-kammoun-sonarsource@users.noreply.github.com> Co-authored-by: Ilia Kebets <104737176+ilia-kebets-sonarsource@users.noreply.github.com> --- rules/S6861/javascript/metadata.json | 24 +++++++++++++ rules/S6861/javascript/rule.adoc | 51 ++++++++++++++++++++++++++++ rules/S6861/metadata.json | 2 ++ 3 files changed, 77 insertions(+) create mode 100644 rules/S6861/javascript/metadata.json create mode 100644 rules/S6861/javascript/rule.adoc create mode 100644 rules/S6861/metadata.json diff --git a/rules/S6861/javascript/metadata.json b/rules/S6861/javascript/metadata.json new file mode 100644 index 00000000000..72ccd7c2cb1 --- /dev/null +++ b/rules/S6861/javascript/metadata.json @@ -0,0 +1,24 @@ +{ + "title": "Mutable variables should not be exported", + "type": "CODE_SMELL", + "status": "ready", + "remediation": { + "func": "Constant\/Issue", + "constantCost": "5min" + }, + "tags": [ + ], + "defaultSeverity": "Major", + "ruleSpecification": "RSPEC-6861", + "sqKey": "S6861", + "scope": "All", + "defaultQualityProfiles": ["Sonar way"], + "quickfix": "infeasible", + "code": { + "impacts": { + "MAINTAINABILITY": "HIGH", + "RELIABILITY": "MEDIUM" + }, + "attribute": "CONVENTIONAL" + } +} diff --git a/rules/S6861/javascript/rule.adoc b/rules/S6861/javascript/rule.adoc new file mode 100644 index 00000000000..ab17e84e44e --- /dev/null +++ b/rules/S6861/javascript/rule.adoc @@ -0,0 +1,51 @@ +== Why is this an issue? + +In JavaScript, a mutable variable is one whose value can be changed after it has been initially set. This is in contrast to immutable variables, whose values cannot be changed once they are set. + +Exporting mutable variables can lead to unpredictable behavior and bugs in your code. This is because any module that imports the variable can change its value. If multiple modules import and change the value of the same variable, it can become difficult to track what the current value of the variable is and which module changed it last. + +== How to fix it + +If the value of the variable does not need to change, you can declare it as a constant using the ``++const++`` keyword. Alternatively, if you have a group of related variables that need to be mutable, consider using a class to encapsulate them. You can then export an instance of the class, or a factory function that creates instances of the class. + +=== Code examples + +==== Noncompliant code example + +[source,javascript] +---- +let mutableVar = "initial value"; + +export { mutableVar }; // Noncompliant +---- + +==== Compliant solution + +[source,javascript] +---- +const immutableVar = "constant value"; +export { immutableVar }; +---- + +or + +[source,javascript] +---- +class MyClass { + constructor() { + this.mutableVar = "initial value"; + } +} + +export function createMyClass() { + return new MyClass(); +} +---- + +== Resources +=== Documentation + +* MDN web docs - https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/let[let] +* MDN web docs - https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/const[const] +* MDN web docs - https://developer.mozilla.org/en-US/docs/Glossary/Mutable[Mutable] +* MDN web docs - https://developer.mozilla.org/en-US/docs/Glossary/Immutable[Immutable] diff --git a/rules/S6861/metadata.json b/rules/S6861/metadata.json new file mode 100644 index 00000000000..2c63c085104 --- /dev/null +++ b/rules/S6861/metadata.json @@ -0,0 +1,2 @@ +{ +} From 78c83870e6e2023bf146b946e983dd2770d44a8c Mon Sep 17 00:00:00 2001 From: Arseniy Zaostrovnykh Date: Tue, 28 Nov 2023 22:41:39 +0100 Subject: [PATCH 2/3] Modify rule S3743(cfamily): remove a dead link --- rules/S3743/cfamily/rule.adoc | 6 ------ 1 file changed, 6 deletions(-) diff --git a/rules/S3743/cfamily/rule.adoc b/rules/S3743/cfamily/rule.adoc index 4e33095aad1..b07cdfb9352 100644 --- a/rules/S3743/cfamily/rule.adoc +++ b/rules/S3743/cfamily/rule.adoc @@ -91,12 +91,6 @@ void init() noexcept(true) { // compliant because ... Destructors are not handled by this rule because there is a specific rule about exceptions in destructors (see ExceptionInDestructor). - -== Resources - -* https://www.hlsl.co.uk/blog/2017/12/1/c-noexcept-and-move-constructors-effect-on-performance-in-stl-containers[{cpp} noexcept and move constructors effect on performance in STL containers] - - ifdef::env-github,rspecator-view[] ''' From 20f66a35e9abf49f3363e66d7d5360c820cea389 Mon Sep 17 00:00:00 2001 From: SonarTech Date: Wed, 29 Nov 2023 00:32:34 +0000 Subject: [PATCH 3/3] update coverage information --- frontend/public/covered_rules.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/frontend/public/covered_rules.json b/frontend/public/covered_rules.json index 54abf8ca416..52c8c113e5c 100644 --- a/frontend/public/covered_rules.json +++ b/frontend/public/covered_rules.json @@ -3605,6 +3605,8 @@ "S6853": "SonarJS 10.10.0.24774", "S6854": "SonarJS 10.10.0.24774", "S6855": "SonarJS 10.10.0.24774", + "S6859": "SonarJS master", + "S6861": "SonarJS master", "S878": "SonarJS 3.3.0.5702", "S881": "SonarJS 3.3.0.5702", "S888": "SonarJS 3.3.0.5702", @@ -5807,6 +5809,8 @@ "S6853": "SonarJS 10.10.0.24774", "S6854": "SonarJS 10.10.0.24774", "S6855": "SonarJS 10.10.0.24774", + "S6859": "SonarJS master", + "S6861": "SonarJS master", "S878": "SonarJS 6.0.0.9595", "S881": "SonarJS 6.1.0.11503", "S888": "SonarJS 6.2.0.12043",