Merged
2 changes: 1 addition & 1 deletion package.json
@@ -1,7 +1,7 @@
{
"name": "online-diff-checker",
"private": true,
"version": "0.0.0",
"version": "0.0.1",
"type": "module",
"scripts": {
"dev": "vite",
70 changes: 70 additions & 0 deletions src/utils/testBadCode.js
@@ -0,0 +1,70 @@
// This file contains intentionally bad code to test SonarQube Quality Gate failure

// Security Issue: Using eval (CRITICAL)
function dangerousEval(userInput) {
return eval(userInput) // Security vulnerability
}

// Security Issue: Hardcoded secret (CRITICAL)
const API_KEY = "sk_live_1234567890abcdef" // Hardcoded secret
const PASSWORD = "admin123" // Hardcoded password

// Code Smell: Unused variable
const unusedVariable = "This is never used"

// Code Smell: Complex function with too many parameters
function complexFunction(param1, param2, param3, param4, param5, param6, param7, param8, param9, param10) {

Check warning on line 16 in src/utils/testBadCode.js

SonarQubeCloud / SonarCloud Code Analysis

Function 'complexFunction' has too many parameters (10). Maximum allowed is 7.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbkWxXix4m0SbCNvtK&open=AZrbkWxXix4m0SbCNvtK&pullRequest=2
return param1 + param2 + param3 + param4 + param5 + param6 + param7 + param8 + param9 + param10
}

// Bug: Potential null pointer
function processData(data) {
return data.value.toString() // No null check
}

// Code Smell: Duplicate code
function calculateSum1(a, b) {
return a + b
}

function calculateSum2(x, y) {
return x + y // Duplicate of calculateSum1
}

// Security Issue: SQL injection risk (even though it's JS, SonarQube flags patterns)
function buildQuery(userId) {
return `SELECT * FROM users WHERE id = ${userId}` // SQL injection risk pattern
}

// Code Smell: Empty catch block
try {
dangerousOperation()
} catch (error) {
// Empty catch - bad practice
}

Check warning on line 44 in src/utils/testBadCode.js

SonarQubeCloud / SonarCloud Code Analysis

Handle this exception or don't catch it at all.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbkWxXix4m0SbCNvtL&open=AZrbkWxXix4m0SbCNvtL&pullRequest=2

// Bug: Infinite loop potential
function processItems(items) {
while (true) {

Check failure on line 48 in src/utils/testBadCode.js

SonarQubeCloud / SonarCloud Code Analysis

Correct this loop's end condition to not be invariant.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbkWxXix4m0SbCNvtM&open=AZrbkWxXix4m0SbCNvtM&pullRequest=2
// No break condition
items.forEach(item => {
console.log(item)
})
}
}

// Code Smell: Too many nested if statements
function nestedHell(condition1, condition2, condition3, condition4) {
if (condition1) {
if (condition2) {
if (condition3) {
if (condition4) {
return "too nested"
}
}
}
}
}

export { dangerousEval, processData, buildQuery, processItems, nestedHell }
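Review bot: This intentionally vulnerable fixture sits under `src/utils/` and ends with `export { dangerousEval, processData, buildQuery, processItems, nestedHell }`, so `eval(userInput)` and the non-terminating `while (true)` in `processItems` become importable from application code once the change is merged. The top-level `try { dangerousOperation() } catch (error) {}` also runs at import time, and `dangerousOperation` is not defined anywhere in the file as shown, so the resulting error is silently discarded. I would drop the export line and keep the file outside the bundled source tree (or on a throwaway branch), opening it with a header such as `// TEST FIXTURE: never import from application code; delete after the Quality Gate check`. Separately, the three annotations visible on this page cover only the parameter count, the empty catch and the loop condition; none is shown for the `eval` call or the `API_KEY`/`PASSWORD` literals labelled CRITICAL, so it is worth confirming that the gate actually evaluates the security rules this file is meant to exercise.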