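--- a/src/utils/bugs.js
+++ b/src/utils/bugs.js
@@ -0,0 +1,55 @@
+// Bugs and potential runtime errors
+
+// Bug: Potential null pointer exception
+export function processUser(user) {
+return user.name.toUpperCase() // No null check
+}
+
+// Bug: Array access without bounds check
+export function getFirstItem(items) {
+return items[0].value // Could be undefined
+}
+
+// Bug: Division by zero
+export function calculateAverage(numbers) {
+const sum = numbers.reduce((a, b) => a + b, 0)
+return sum / numbers.length // Could divide by zero if array is empty
+}
+
+// Bug: Infinite loop potential
+export function processItems(items) {
+let index = 0
+while (index < items.length) {
+// Missing index increment - infinite loop!
+console.log(items[index])
+}
+}
+
+// Bug: Type coercion issue
+export function compareValues(a, b) {
+return a == b // Should use === for strict comparison
+}
+
+// Bug: Missing return statement
+export function getResult(data) {
+if (data) {
+return "success"
+}
+// No return for else case
+}
+
+// Bug: Uninitialized variable usage
+export function calculateTotal(items) {
+let total
+items.forEach(item => {
+total += item.price // total is undefined initially
+})
+return total
+}
+
+// Bug: Async/await without error handling
+export async function fetchUserData(userId) {
+const response = await fetch(`/api/users/${userId}`)
+return response.json() // No error handling
+}
+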
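Review bot: In `fetchUserData`, `userId` is placed into the request path unencoded, so a value containing `/`, `?`, `#` or `..` changes which endpoint is requested; the existing comment only mentions the missing error handling. Wrap the value as `encodeURIComponent(userId)` inside the template literal, and reject non-2xx responses before parsing with `if (!response.ok) throw new Error("request failed: " + response.status)`. Separately, `processItems` never terminates for a non-empty array, and because it is exported from `src/utils` an accidental import would hang the caller. A header comment such as `// Static-analysis fixture: do not import from application code` would make the intent explicit.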
87 changes: 87 additions & 0 deletions src/utils/codeSmells.js
@@ -0,0 +1,87 @@
// Code smells and maintainability issues

// Code Smell: Unused variables
const unusedVar1 = "never used"
const unusedVar2 = 42
const unusedVar3 = { key: "value" }

// Code Smell: Too many parameters (should be max 7)
export function processUserData(

Check warning on line 9 in src/utils/codeSmells.js


SonarQubeCloud / SonarCloud Code Analysis

Function 'processUserData' has too many parameters (12). Maximum allowed is 7.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog7_OmmgFjkdQZpP&open=AZrbog7_OmmgFjkdQZpP&pullRequest=4
firstName,
lastName,
email,
phone,
address,
city,
state,
zipCode,
country,
dateOfBirth,
gender,
occupation
) {
return `${firstName} ${lastName}`
}

// Code Smell: Too complex function (high cyclomatic complexity)
export function complexLogic(a, b, c, d, e) {

Check failure on line 27 in src/utils/codeSmells.js


SonarQubeCloud / SonarCloud Code Analysis

Refactor this function to reduce its Cognitive Complexity from 47 to the 15 allowed.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog7_OmmgFjkdQZpQ&open=AZrbog7_OmmgFjkdQZpQ&pullRequest=4
if (a > 0) {
if (b < 10) {
if (c === "test") {
if (d !== null) {
if (e.length > 5) {
if (a + b > 15) {
if (c.includes("x")) {
if (d.value > 100) {
if (e[0] === "a") {
return "too nested"
} else {
return "else branch"
}
} else {
return "another else"
}
}
}
}
}
}
}
}
return "default"
}

// Code Smell: Empty catch block
export function riskyOperation() {
try {
dangerousFunction()
} catch (error) {
// Silently ignore errors - bad practice
}

Check warning on line 60 in src/utils/codeSmells.js


SonarQubeCloud / SonarCloud Code Analysis

Handle this exception or don't catch it at all.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog7_OmmgFjkdQZpR&open=AZrbog7_OmmgFjkdQZpR&pullRequest=4
}

// Code Smell: Magic numbers
export function calculatePrice(quantity) {
return quantity * 19.99 // What is 19.99?
}

// Code Smell: Long function (should be < 50 lines)
export function veryLongFunction() {
const step1 = "do something"
const step2 = "do something else"
const step3 = "do another thing"
const step4 = "continue processing"
const step5 = "more processing"
const step6 = "even more"
const step7 = "keep going"
const step8 = "almost done"
const step9 = "final step"
const step10 = "one more"
const step11 = "another one"
const step12 = "last step"
const step13 = "really last"
const step14 = "final"
const step15 = "done"
return step1 + step2 + step3 + step4 + step5 + step6 + step7 + step8 + step9 + step10 + step11 + step12 + step13 + step14 + step15
}
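Review bot: In `complexLogic` the three non-default returns are unreachable, because the path to them requires `c === "test"` and then `c.includes("x")`, which is never true for that string. The function can therefore only return "default" or throw, for example on `e.length` when `e` is null or undefined, or on `d.value` when `d` is undefined (only `null` is excluded). If the nesting exists purely to exercise the complexity rule, a comment like `// fixture: inner branches are intentionally unreachable` would stop a later reader treating it as live logic. In `riskyOperation`, `dangerousFunction` is neither defined nor imported in this new file, so the call raises a ReferenceError that the catch then discards; say in a comment whether that is deliberate.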

54 changes: 54 additions & 0 deletions src/utils/duplication.js
@@ -0,0 +1,54 @@
// Code duplication issues

// Duplicate code block 1
export function formatName1(first, last) {
const trimmedFirst = first.trim()
const trimmedLast = last.trim()
const capitalizedFirst = trimmedFirst.charAt(0).toUpperCase() + trimmedFirst.slice(1)
const capitalizedLast = trimmedLast.charAt(0).toUpperCase() + trimmedLast.slice(1)
return `${capitalizedFirst} ${capitalizedLast}`
}

// Duplicate code block 2 (same logic as formatName1)
export function formatName2(first, last) {

Check warning on line 13 in src/utils/duplication.js


SonarQubeCloud / SonarCloud Code Analysis

Update this function so that its implementation is not identical to the one on line 4.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog6IOmmgFjkdQZpI&open=AZrbog6IOmmgFjkdQZpI&pullRequest=4
const trimmedFirst = first.trim()
const trimmedLast = last.trim()
const capitalizedFirst = trimmedFirst.charAt(0).toUpperCase() + trimmedFirst.slice(1)
const capitalizedLast = trimmedLast.charAt(0).toUpperCase() + trimmedLast.slice(1)
return `${capitalizedFirst} ${capitalizedLast}`
}

// Duplicate code block 3 (same logic again)
export function formatName3(first, last) {

Check warning on line 22 in src/utils/duplication.js


SonarQubeCloud / SonarCloud Code Analysis

Update this function so that its implementation is not identical to the one on line 4.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog6IOmmgFjkdQZpJ&open=AZrbog6IOmmgFjkdQZpJ&pullRequest=4
const trimmedFirst = first.trim()
const trimmedLast = last.trim()
const capitalizedFirst = trimmedFirst.charAt(0).toUpperCase() + trimmedFirst.slice(1)
const capitalizedLast = trimmedLast.charAt(0).toUpperCase() + trimmedLast.slice(1)
return `${capitalizedFirst} ${capitalizedLast}`
}

// Another duplicate pattern
export function validateEmail1(email) {
if (!email) return false
if (email.length < 5) return false
if (!email.includes("@")) return false
if (!email.includes(".")) return false
return true
}

export function validateEmail2(email) {

Check warning on line 39 in src/utils/duplication.js


SonarQubeCloud / SonarCloud Code Analysis

Update this function so that its implementation is not identical to the one on line 31.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog6IOmmgFjkdQZpK&open=AZrbog6IOmmgFjkdQZpK&pullRequest=4
if (!email) return false
if (email.length < 5) return false
if (!email.includes("@")) return false
if (!email.includes(".")) return false
return true
}

export function validateEmail3(email) {

Check warning on line 47 in src/utils/duplication.js


SonarQubeCloud / SonarCloud Code Analysis

Update this function so that its implementation is not identical to the one on line 31.

See more on https://sonarcloud.io/project/issues?id=Lforlinux_diffctl&issues=AZrbog6IOmmgFjkdQZpL&open=AZrbog6IOmmgFjkdQZpL&pullRequest=4
if (!email) return false
if (email.length < 5) return false
if (!email.includes("@")) return false
if (!email.includes(".")) return false
return true
}
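Review bot: `validateEmail1` accepts any truthy value that contains `@` and `.` anywhere, including strings with spaces or line breaks (a constructed example is `"a@b.c\r\nx"`), and it throws a TypeError for a truthy non-string such as a number because `email.includes` is not a function. If the result is ever used to gate what reaches a mail header, a log line or a query, that is too loose. Add `if (typeof email !== "string" || /\s/.test(email)) return false` as the first check. The same applies to `validateEmail2` and `validateEmail3`. The `formatName*` functions likewise call `.trim()` on their arguments without checking that they are strings.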

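--- a/src/utils/securityIssues.js
+++ b/src/utils/securityIssues.js
@@ -0,0 +1,32 @@
+// Security vulnerabilities to trigger Quality Gate failure
+
+// CRITICAL: Using eval() - Code injection vulnerability
+export function executeUserCode(userInput) {
+return eval(userInput) // CRITICAL SECURITY ISSUE
+}
+
+// CRITICAL: Hardcoded secrets
+export const DATABASE_PASSWORD = "SuperSecret123!"
+export const API_SECRET_KEY = "FAKE_SECRET_KEY_FOR_TESTING_ONLY_12345"
+export const JWT_SECRET = "my-secret-key-12345"
+
+// CRITICAL: SQL Injection pattern
+export function getUserData(userId) {
+const query = `SELECT * FROM users WHERE id = ${userId}` // SQL injection risk
+return query
+}
+
+// CRITICAL: XSS vulnerability pattern
+export function renderUserContent(content) {
+return `<div>${content}</div>` // XSS risk - no sanitization
+}
+
+// HIGH: Weak cryptography
+export function hashPassword(password) {
+return btoa(password) // Base64 is not encryption!
+}
+
+// HIGH: Insecure random number generation
+export function generateToken() {
+return Math.random().toString() // Not cryptographically secure
+}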
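Review bot: Every symbol in this deliberately vulnerable file is exported from `src/utils`, so `executeUserCode` and the secret constants can be imported by application code and would presumably ship in any bundle built from `src/`. Of the three constants only `API_SECRET_KEY` is self-evidently fake. `DATABASE_PASSWORD` and `JWT_SECRET` should be confirmed as constructed values, because they remain in history after the file is removed. Consider moving the file outside the build's source root, or at least opening it with `// FIXTURE: intentionally vulnerable, never import from application code`. The comment on `hashPassword` would be more accurate as `// Base64 is an encoding, not a password hash`, since stored passwords need a salted, slow hash rather than encryption.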