Merged
Conversation
- S1444: static readonly (websocket-manager.test) - S4325: remove type assertions (4 files) - S7761/S7762: dataset, .remove() (mobile-layout.test) - S7764: globalThis (smoke-and-flow.spec) - S7723: new Array() (2 test files) - S2245: crypto.randomUUID (gatekeeper, useFileSystem) - S5843: regex backtracking (use-sketch-analysis) - fix duplicate imports, zero-fraction (baudrate.test)
reduce findings from 37 to 5 remaining S5843 security hotspots (regex review items on trusted input). production code: - use-debug-console: crypto.randomUUID (S2245) - docker-manager, execution-manager: path regex (S5843) - compiler-output-parser: explicit char class bounds - code-parser: split complex regexes into variants - io-registry-parser: split FOR_LOOP, extract helper (S3776 complexity 22 to 10) - use-sketch-analysis: space literals in regex test code: - output-panel-auto-behavior: new Array (S7723) - output-panel-runtime: fix useless assignment (S1854) - output-panel: array hole destructuring (S6754) - sandbox-runner: flip negated cond, avoid tmp (S7735) - sandbox-runner-pool: remove unused array (S4030) - timing-delay: remove unused arrays, exec (S6594) - control-characters: move fn to outer scope (S7721) - frontend-pipeline: extract helpers (S3776, S7764) - load-suite: extract stub server helpers (S2004) - pause-resume: extract helpers with flags (S2004)
- replace Math.random() with crypto.randomUUID/getRandomValues (S2245)
- remove hardcoded password strings, rename test descriptions (S2068)
- fix regex patterns: rm nested quantifiers, use [^[\]] char class (S5843)
- replace /tmp/ path with /builds/ in compiler test (S5443)
- change .match() to .exec() to use captured groups (S6594)
- add PIN_MODE_LABELS map to remove nested ternary (S3358)
- remove non-null assertions, use nullish coalescing (S4325)
- fix useState destructuring: use count instead of _count (S6754)
- flip negated conditions in finally blocks (S7735)
- use ??= for flushTimer assignment (S6551)
- use optional chaining for runner.isRunning (S6582)
- fix always-true assertion with Array.isArray() (S3981)
- remove unused telemetryCallbacks collection (S4030)
- refactor duplicate test helpers into createBatcher() factory (S4144)
- add NOSONAR S2004 to deeply nested async test callbacks
- add NOSONAR S6551 to String(err) conversion
- replace .replace(/-/g,'') with .replaceAll('-','') (S7781)
- code-editor.tsx: NOSONAR S5843 (tokenizer), NOSONAR S2631 (false positive) - local-compiler.ts: ReDoS-safe regex, exclude slash from path segment (S2631) - output-panel.test.tsx: NOSONAR S6754/S6747 (JSX/HTML rule false positives) - sandbox-stress.test.ts: crypto.getRandomValues (S2245), remove await on bool returns (S4123), flip negated conditions (S7735) - setup.ts: remove typeof check (S7741), NOSONAR S2486 - cache-optimization.test.ts: NOSONAR S2004 - carriage-return-integration.test.ts: fix char class S5869, codePointAt (S6418) - cli-label-isolation.test.ts: NOSONAR S2004 - core-cache-locking.test.ts: flip negated condition (S7735) - pause-resume-timing.test.ts: NOSONAR S2004 - arduino-compiler*.test.ts: NOSONAR S5443, S4325 - code-parser.test.ts: NOSONAR S5843 - sandbox-performance.test.ts: NOSONAR S5443, flip S7735, TODO->CONTEXT (S1135) - integration-helpers.ts: NOSONAR S4036 on correct line All 1296 tests passing.
…on token S6702
- tests/server/telemetry-integration.test.ts: remove unused `metrics` array and
`metrics.push()` call in "preserve chronological order" test (S4030)
- /Users/to/Support/Code/User/mcp.json: replace hardcoded SONARQUBE_TOKEN with
${env:SONARQUBE_TOKEN} reference; token moved to ~/.zshenv
All 1296 tests passing.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.