Fix Security and Reliability issues on SonarQube (#1623)

* fix sonarqube issues

Author: ethanzhouyc

docs/api.md

@@ -19046,6 +19046,7 @@ back into a JS integer.
     * [~disable(testName)](#module_JS API_ random utilities..disable)
     * [~collectJsonData(jsonFile)](#module_JS API_ random utilities..collectJsonData)
     * [~patternFormat(pattern, data)](#module_JS API_ random utilities..patternFormat)
+    * [~toErrorObject(err, message)](#module_JS API_ random utilities..toErrorObject) ⇒ <code>Error</code>
 
 <a name="module_JS API_ random utilities..checksum"></a>
 
@@ -19331,6 +19332,19 @@ For example, if pattern is "{a}" and data.a is 1, then this prints out "1".
 | pattern | <code>\*</code> | 
 | data | <code>\*</code> | 
 
+<a name="module_JS API_ random utilities..toErrorObject"></a>
+
+### JS API: random utilities~toErrorObject(err, message) ⇒ <code>Error</code>
+Wraps a non-error object into an Error object.
+If message is provided, it will be used as the error message.
+
+**Kind**: inner method of [<code>JS API: random utilities</code>](#module_JS API_ random utilities)  
+
+| Param | Type | Default |
+| --- | --- | --- |
+| err | <code>\*</code> |  | 
+| message | <code>\*</code> | <code></code> | 
+
 <a name="module_REST API_ various zcl utilities"></a>
 
 ## REST API: various zcl utilities

sonar-project.properties

@@ -17,3 +17,6 @@ sonar.javascript.lcov.reportPaths=jest-coverage/lcov.info,cypress-coverage/lcov.
 sonar.host.url=https://sonarqube.silabs.net
 sonar.token=put your token here which can be created from the above url
 # sonar.plsql.jdbc.url=test/.zap/test-server.sqlite
+
+# To create a different branch or upload results to it, replace 'master' with your branch name.
+sonar.branch.name=master

src-electron/db/db-api.js

@@ -49,7 +49,7 @@ function executeBeginTransaction(db, resolve, reject) {
   db.run('BEGIN TRANSACTION', [], function (err) {
     if (err) {
       env.logError('Failed to BEGIN TRANSACTION')
-      reject(err)
+      reject(util.toErrorObject(err))
     } else {
       env.logSql('Executed BEGIN TRANSACTION')
       resolve()
@@ -69,7 +69,11 @@ function delayBeginTransaction(db, resolve, reject) {
     if (inTransaction) {
       cnt++
       if (cnt > 100) {
-        reject('Waited for 10s for transaction to relinquish, but it did not.')
+        reject(
+          util.toErrorObject(
+            'Waited for 10s for transaction to relinquish, but it did not.'
+          )
+        )
       }
     } else {
       clearInterval(interval)
@@ -117,7 +121,7 @@ async function dbCommit(db) {
     db.run('COMMIT', [], function (err) {
       if (err) {
         env.logError('Failed to COMMIT')
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed COMMIT')
         inTransaction = false
@@ -149,7 +153,7 @@ async function dbRollback(db) {
     db.run('ROLLBACK', [], function (err) {
       if (err) {
         env.logError('Failed to ROLLBACK')
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed ROLLBACK')
         inTransaction = false
@@ -173,7 +177,7 @@ async function dbRemove(db, query, args) {
     db.run(query, args, function (err) {
       if (err) {
         env.logError(`Failed remove: ${query}: ${args}`)
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed remove', query, args)
         resolve(this.changes)
@@ -196,7 +200,7 @@ async function dbUpdate(db, query, args) {
     db.run(query, args, function (err) {
       if (err) {
         env.logError(`Failed update: ${query}: ${args}`)
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed update', query, args)
         resolve(this.changes)
@@ -219,7 +223,7 @@ async function dbInsert(db, query, args) {
     db.run(query, args, function (err) {
       if (err) {
         env.logError(`Failed insert: ${query}: ${args} : ${err}`)
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed insert', query, args)
         resolve(this.lastID)
@@ -242,7 +246,7 @@ async function dbAll(db, query, args) {
     db.all(query, args, (err, rows) => {
       if (err) {
         env.logError(`Failed all: ${query}: ${args} : ${err}`)
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed all', query, args)
         resolve(rows)
@@ -265,7 +269,7 @@ async function dbGet(db, query, args, reportError = true) {
     db.get(query, args, (err, row) => {
       if (err) {
         if (reportError) env.logError(`Failed get: ${query}: ${args} : ${err}`)
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql('Executed get', query, args)
         resolve(row)
@@ -287,19 +291,19 @@ async function dbMultiSelect(db, sql, arrayOfArrays) {
     env.logSql('Preparing select', sql, arrayOfArrays.length)
     let rows = []
     let statement = db.prepare(sql, function (err) {
-      if (err) reject(err)
+      if (err) reject(util.toErrorObject(err))
       for (const singleArray of arrayOfArrays) {
         statement.get(singleArray, (err2, row) => {
           if (err2) {
-            reject(err2)
+            reject(util.toErrorObject(err2))
           } else {
             rows.push(row)
           }
         })
       }
       statement.finalize((err3) => {
         if (err3) {
-          reject(err3)
+          reject(util.toErrorObject(err3))
         } else {
           resolve(rows)
         }
@@ -323,25 +327,32 @@ async function dbMultiInsert(db, sql, arrayOfArrays) {
     env.logSql('Preparing insert', sql, arrayOfArrays.length)
     let lastIds = []
     let statement = db.prepare(sql, function (err) {
-      if (err)
-        reject('Error while preparing sql statement: ' + sql + ', ' + err)
+      if (err) {
+        let errMessage =
+          'Error while preparing sql statement: ' + sql + ', ' + err
+        reject(util.toErrorObject(err, errMessage))
+      }
       for (const singleArray of arrayOfArrays) {
         statement.run(singleArray, (err2) => {
-          if (err2)
-            reject(
+          if (err2) {
+            let err2Message =
               'Error while running sql statement: ' +
-                sql +
-                ', values: ' +
-                singleArray +
-                ', ' +
-                err2
-            )
+              sql +
+              ', values: ' +
+              singleArray +
+              ', ' +
+              err2
+            reject(util.toErrorObject(err2, err2Message))
+          }
           lastIds.push(this.lastID)
         })
       }
       statement.finalize((err3) => {
-        if (err3)
-          reject('Error while finalizing sql statement: ' + sql + ', ' + err3)
+        if (err3) {
+          let err3Message =
+            'Error while finalizing sql statement: ' + sql + ', ' + err3
+          reject(util.toErrorObject(err3, err3Message))
+        }
         resolve(lastIds)
       })
     })
@@ -362,7 +373,7 @@ async function closeDatabase(database) {
   return new Promise((resolve, reject) => {
     env.logSql('About to close database.')
     database.close((err) => {
-      if (err) return reject(err)
+      if (err) return reject(util.toErrorObject(err))
       env.logSql('Database is closed.')
       resolve()
     })
@@ -395,7 +406,7 @@ async function initRamDatabase() {
   return new Promise((resolve, reject) => {
     let db = new sqlite.Database(':memory:', (err) => {
       if (err) {
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql(`Connected to the RAM database.`)
         resolve(db)
@@ -416,7 +427,7 @@ async function initDatabase(sqlitePath) {
   return new Promise((resolve, reject) => {
     let db = new sqlite.Database(sqlitePath, (err) => {
       if (err) {
-        reject(err)
+        reject(util.toErrorObject(err))
       } else {
         env.logSql(`Connected to the database at: ${sqlitePath}`)
         resolve(db)
@@ -531,7 +542,7 @@ async function performSchemaLoad(db, schemaContent) {
         if (err) {
           env.logError('Failed to populate schema')
           env.logError(err)
-          reject(err)
+          reject(util.toErrorObject(err))
         }
         resolve()
       })

src-electron/db/query-config.js

@@ -230,7 +230,7 @@ async function insertOrUpdateAttributeState(
       )
     // only set featureMap bit to 1 for mandatory features
     let featureMapBitsToBeEnabled = featuresOnEndpointTypeAndCluster
-      .filter((f) => f.conformance == dbEnum.conformance.mandatory)
+      .filter((f) => f.conformance == dbEnum.conformanceTag.mandatory)
       .map((f) => f.featureBit)
     featureMapBitsToBeEnabled.forEach(
       (featureBit) =>

src-electron/db/query-loader.js

@@ -796,7 +796,10 @@ async function insertClusterExtensions(db, packageId, knownPackages, data) {
   let pAttribute = insertAttributes(db, packageId, attributes)
   let pEvent = insertEvents(db, packageId, events)
   return Promise.all([pCommand, pAttribute, pEvent]).catch((err) => {
-    if (err.includes('SQLITE_CONSTRAINT') && err.includes('UNIQUE')) {
+    if (
+      err.message.includes('SQLITE_CONSTRAINT') &&
+      err.message.includes('UNIQUE')
+    ) {
       env.logDebug(
         `CRC match for file with package id ${packageId}, skipping parsing.`
       )

src-electron/generator/generation-engine.js

@@ -952,7 +952,9 @@ async function generateGenerationContent(genResult, timing = {}) {
     timing: timing,
     stats: {}
   }
-  for (const f of Object.keys(genResult.content).sort()) {
+  for (const f of Object.keys(genResult.content).sort((a, b) =>
+    a.localeCompare(b)
+  )) {
     out.content.push(f)
   }
   return Promise.resolve(JSON.stringify(out, null, 2))

src-electron/generator/matter/app/zap-templates/common/ClusterTestGeneration.js

@@ -617,7 +617,10 @@ function assertCommandOrAttributeOrEvent(context) {
       filterName = context.event;
       items = getEvents(context, clusterName);
     } else {
-      printErrorAndExit(context, 'Unsupported command type: ', context);
+      printErrorAndExit(
+        context,
+        `Unsupported command type: ${JSON.stringify(context)}`
+      );
     }
 
     return items.then((items) => {

src-electron/generator/matter/app/zap-templates/templates/app/helper.js

@@ -207,7 +207,9 @@ function chip_endpoint_generated_commands_list(options) {
       }
     });
 
-    generatedCommands = [...new Set(generatedCommands)].sort();
+    generatedCommands = [...new Set(generatedCommands)].sort((a, b) =>
+      a.localeCompare(b)
+    );
 
     if (acceptedCommands.length > 0 || generatedCommands.length > 0) {
       ret.push({ text: `  /* ${c.comment} */\\` });

src-electron/generator/matter/controller/java/templates/helper.js

@@ -121,10 +121,7 @@ function asJniBasicType(type, useBoxedTypes) {
     return zclHelper.asUnderlyingZclType
       .call(this, type, options)
       .then((zclType) => {
-        return convertBasicCTypeToJniType(
-          ChipTypesHelper.asBasicType(zclType),
-          false
-        );
+        return convertBasicCTypeToJniType(ChipTypesHelper.asBasicType(zclType));
       });
   }
 

src-electron/generator/matter/darwin/Framework/CHIP/templates/helper.js

@@ -766,8 +766,7 @@ async function availabilityHelper(clusterName, language, options) {
     const provisionalRelease = findProvisionalRelease(
       this.global,
       clusterName,
-      options,
-      'provisional'
+      options
     );
     if (!provisionalRelease) {
       console.log(
@@ -1007,7 +1006,7 @@ function findReleaseForPathOrAncestorAndSection(
   const data = fetchAvailabilityData(global);
   let path = makeAvailabilityPath(cluster, options);
 
-  while (path !== undefined) {
+  while (path != undefined) {
     let foundRelease = findReleaseForPath(data, [section, ...path], options);
     if (foundRelease !== undefined) {
       return { release: foundRelease, path: path };
@@ -1134,7 +1133,7 @@ function isProvisional(cluster, options) {
     return false;
   }
 
-  while (path !== undefined) {
+  while (path != undefined) {
     let comparisonStatus = compareIntroductionToReferenceRelease(
       this.global,
       path,