Merge branch 'master' into issue-4242

its/ruling/src/test/expected/jsts/desktop/typescript-S6811.json

@@ -0,0 +1,5 @@
+{
+"desktop:app/src/ui/changes/changes-list.tsx": [
+851
+]
+}

its/ruling/src/test/expected/jsts/file-for-rules/javascript-S1451.json

@@ -179,6 +179,9 @@
 "file-for-rules:S6766.js": [
 0
 ],
+"file-for-rules:S6793.js": [
+0
+],
 "file-for-rules:S6807.js": [
 0
 ],

its/ruling/src/test/expected/jsts/file-for-rules/javascript-S3798.json

@@ -56,6 +56,9 @@
 "file-for-rules:S6766.js": [
 2
 ],
+"file-for-rules:S6793.js": [
+2
+],
 "file-for-rules:S6807.js": [
 2
 ],

its/ruling/src/test/expected/jsts/file-for-rules/javascript-S6793.json

@@ -0,0 +1,5 @@
+{
+"file-for-rules:S6793.js": [
+4
+]
+}

its/sources/jsts/custom/S6793.js

@@ -0,0 +1,6 @@
+import React from 'react';
+function MyComponent(){
+  return (
+    <div aria-hidden="ok">Hello Foo Bar baz</div>
+  );
+}

sonar-plugin/javascript-checks/src/main/java/org/sonar/javascript/checks/AriaProptypesCheck.java

@@ -0,0 +1,36 @@
+/**
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.javascript.checks;
+
+import org.sonar.check.Rule;
+import org.sonar.plugins.javascript.api.EslintBasedCheck;
+import org.sonar.plugins.javascript.api.JavaScriptRule;
+import org.sonar.plugins.javascript.api.TypeScriptRule;
+
+@TypeScriptRule
+@JavaScriptRule
+@Rule(key = "S6793")
+public class AriaProptypesCheck implements EslintBasedCheck {
+
+  @Override
+  public String eslintKey() {
+    return "aria-proptypes";
+  }
+}

sonar-plugin/javascript-checks/src/main/java/org/sonar/javascript/checks/CheckList.java

@@ -65,6 +65,7 @@ public static List<Class<? extends JavaScriptCheck>> getAllChecks() {
       ArgumentTypesCheck.class,
       ArgumentsCallerCalleeUsageCheck.class,
       ArgumentsUsageCheck.class,
+      AriaProptypesCheck.class,
       ArithmeticOperationReturningNanCheck.class,
       ArrayCallbackWithoutReturnCheck.class,
       ArrayConstructorsCheck.class,
@@ -373,6 +374,7 @@ public static List<Class<? extends JavaScriptCheck>> getAllChecks() {
       ReturnInSetterCheck.class,
       ReturnOfBooleanExpressionCheck.class,
       RoleHasRequiredAriaPropsCheck.class,
+      RoleSupportsAriaPropsCheck.class,
       RulesOfHooksCheck.class,
       SameLineConditionalCheck.class,
       SelfAssignmentCheck.class,

sonar-plugin/javascript-checks/src/main/java/org/sonar/javascript/checks/RoleSupportsAriaPropsCheck.java

@@ -0,0 +1,36 @@
+/**
+ * SonarQube JavaScript Plugin
+ * Copyright (C) 2011-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.javascript.checks;
+
+import org.sonar.check.Rule;
+import org.sonar.plugins.javascript.api.EslintBasedCheck;
+import org.sonar.plugins.javascript.api.JavaScriptRule;
+import org.sonar.plugins.javascript.api.TypeScriptRule;
+
+@TypeScriptRule
+@JavaScriptRule
+@Rule(key = "S6811")
+public class RoleSupportsAriaPropsCheck implements EslintBasedCheck {
+
+  @Override
+  public String eslintKey() {
+    return "role-supports-aria-props";
+  }
+}

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6793.html

@@ -0,0 +1,30 @@
+<h2>Why is this an issue?</h2>
+<p>ARIA (Accessible Rich Internet Applications) attributes are used to enhance the accessibility of web content and web applications. These attributes
+provide additional information about an element’s role, state, properties, and values to assistive technologies like screen readers.</p>
+<p>Each role in ARIA has a set of required attributes that must be included for the role to be properly understood by assistive technologies. These
+attributes are known as "required aria-* properties".</p>
+<p>For example, if an element has a role of "checkbox", it must also include the aria-checked property. This property indicates whether the checkbox
+is checked (true), unchecked (false), or in a mixed state (mixed).</p>
+<p>This rules checks that each element with a defined ARIA role also has all required attributes.</p>
+<h2>How to fix it in JSX</h2>
+<p>Check that each element with a defined ARIA role also has all required attributes.</p>
+<pre data-diff-id="1" data-diff-type="noncompliant">
+&lt;div role="checkbox"&gt;Unchecked&lt;/div&gt; {/* Noncompliant: aria-checked is missing */}
+</pre>
+<p>To fix the code add missing aria-* attributes.</p>
+<pre data-diff-id="1" data-diff-type="compliant">
+&lt;div role="checkbox" aria-checked={isChecked}&gt;Unchecked&lt;/div&gt;
+</pre>
+<h2>Resources</h2>
+<h3>Documentation</h3>
+<ul>
+  <li> <a href="https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/ARIA_Techniques">MDN - Using ARIA: Roles, states, and properties</a>
+  </li>
+  <li> <a href="https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles">MDN - ARIA roles (Reference)</a> </li>
+  <li> <a href="https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Attributes">MDN - ARIA states and properties (Reference)</a> </li>
+</ul>
+<h3>Standards</h3>
+<ul>
+  <li> <a href="https://www.w3.org/TR/wai-aria-1.2/">W3C - Accessible Rich Internet Applications (WAI-ARIA) 1.2</a> </li>
+</ul>
+

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6793.json

@@ -0,0 +1,30 @@
+{
+  "title": "ARIA properties in DOM elements should have valid values",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+    "react",
+    "a11y"
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-6793",
+  "sqKey": "S6793",
+  "scope": "All",
+  "defaultQualityProfiles": ["Sonar way"],
+  "quickfix": "infeasible",
+  "code": {
+    "impacts": {
+      "MAINTAINABILITY": "LOW",
+      "RELIABILITY": "MEDIUM"
+    },
+    "attribute": "LOGICAL"
+  },
+  "compatibleLanguages": [
+    "JAVASCRIPT",
+    "TYPESCRIPT"
+  ]
+}

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6811.html

@@ -0,0 +1,31 @@
+<h2>Why is this an issue?</h2>
+<p>ARIA properties, also known as "aria-* properties", are special attributes used in HTML to enhance the accessibility of web elements. They provide
+additional semantics to help assistive technologies, like screen readers, interpret the element.</p>
+<p>Roles, on the other hand, define what an element is or does in the context of a web page. Some elements have explicit roles, which are directly
+defined by the developer. For example, a div element might be given a role of "button". Other elements have implicit roles, which are inferred based
+on the type of the element. For example, an anchor tag &lt;a href="#" /&gt; has an implicit role of "link".</p>
+<p>This rule ensures that the ARIA properties used on an element are ones that are supported by the role of that element. For instance, the ARIA
+property <code>aria-required</code> is not supported by the role <code>link</code>. Therefore, using <code>aria-required</code> on an anchor tag would
+violate this rule.</p>
+<h2>How to fix it in JSX</h2>
+<p>Check the spelling of the aria-* attributes and verify that they are actually supported by the element role.</p>
+<pre data-diff-id="1" data-diff-type="noncompliant">
+&lt;div role="checkbox" aria-chekd={isChecked}&gt;Unchecked&lt;/div&gt; {/* Noncompliant: aria-chekd is not supported */}
+</pre>
+<p>To fix the code remove non-compatible attributes or replace them with the correct ones.</p>
+<pre data-diff-id="1" data-diff-type="compliant">
+&lt;div role="checkbox" aria-checked={isChecked}&gt;Unchecked&lt;/div&gt;
+</pre>
+<h2>Resources</h2>
+<h3>Documentation</h3>
+<ul>
+  <li> <a href="https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/ARIA_Techniques">MDN - Using ARIA: Roles, states, and properties</a>
+  </li>
+  <li> <a href="https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Attributes">MDN - ARIA states and properties (Reference)</a> </li>
+  <li> <a href="https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles">MDN - ARIA roles (Reference)</a> </li>
+</ul>
+<h3>Standards</h3>
+<ul>
+  <li> <a href="https://www.w3.org/TR/wai-aria-1.2/">W3C - Accessible Rich Internet Applications (WAI-ARIA) 1.2</a> </li>
+</ul>
+

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/S6811.json

@@ -0,0 +1,29 @@
+{
+  "title": "DOM elements with ARIA role should only have supported properties",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+    "a11y",
+    "react"
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-6811",
+  "sqKey": "S6811",
+  "scope": "All",
+  "quickfix": "infeasible",
+  "code": {
+    "impacts": {
+      "MAINTAINABILITY": "LOW",
+      "RELIABILITY": "LOW"
+    },
+    "attribute": "CONVENTIONAL"
+  },
+ "compatibleLanguages": [
+   "JAVASCRIPT",
+   "TYPESCRIPT"
+ ]
+}

sonar-plugin/javascript-checks/src/main/resources/org/sonar/l10n/javascript/rules/javascript/Sonar_way_profile.json

@@ -291,7 +291,9 @@
     "S6772",
     "S6774",
     "S6775",
+    "S6793",
     "S6807",
+    "S6811",
     "S6819"
   ]
 }