I'm using SonarQube (v8.9) at work with SonarScanner (v4.2).
I've created two memory leaks, one in JavaScript and one in Python. They couldn't be detected by SonarScanner.
These are the snippets:
JS:
    beforeMount () {
      // Stores a DOM node on a global object when the component mounts
      Window.test = {
        name: 'home',
        node: document.getElementById('home')
      }
    }
Python:
    import requests
    import gc


    def call():
        # The response object is never closed explicitly
        response = requests.get('https://google.com')
        print("Status code", response.status_code)
        return


    def main():
        # Compare the number of GC-tracked objects before and after one request
        print("No.of tracked objects before calling get method")
        print(len(gc.get_objects()))
        call()
        print("No.of tracked objects after calling get method")
        print(len(gc.get_objects()))


    if __name__ == "__main__":
        main()
The questions are:
- Can SonarQube/SonarScanner detect memory leaks?
- Can a static analyzer detect memory leaks? (Neither Bandit nor Semgrep could detect these)
- Do you have examples of snippets of code that create memory leaks that I can use to test?
Thanks
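
A repeated-call version of the before/after `gc.get_objects()` measurement used in the Python snippet, as an added example that is not part of the original post. A single call also counts one-time allocations such as imports and caches, so this warms up first and checks whether growth scales with the number of calls; `leaky_call`, `clean_call`, `tracked_growth` and `leaks` are hypothetical names and both targets are constructed test cases that run offline.

```python
import gc

_history = []  # constructed leak sink: module-level list that is never cleared


def leaky_call():
    """Constructed example: every payload stays referenced after the call."""
    payload = [bytearray(1024)]
    _history.append(payload)
    return len(payload[0])


def clean_call():
    """Same work, but the payload becomes unreachable on return."""
    payload = [bytearray(1024)]
    return len(payload[0])


def tracked_growth(func, warmup=5, rounds=200):
    """Growth in GC-tracked objects across `rounds` calls, after warm-up."""
    for _ in range(warmup):      # absorb one-time costs (imports, caches, pools)
        func()
    gc.collect()
    before = len(gc.get_objects())
    for _ in range(rounds):
        func()
    gc.collect()                 # drop garbage so only reachable objects remain
    return len(gc.get_objects()) - before


def leaks(func, rounds=200, tolerance=0.5):
    """Flag func when growth scales with the number of calls."""
    return tracked_growth(func, rounds=rounds) >= rounds * tolerance


if __name__ == "__main__":
    for target in (leaky_call, clean_call):
        print(target.__name__, "growth:", tracked_growth(target),
              "leaks:", leaks(target))
```

`gc.get_objects()` only lists container objects tracked by the collector, so growth in plain strings or bytes is better measured with `tracemalloc` snapshots taken around the same loop.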