UI5 Linter doesn't mark getSecurityToken as deprectaed

[pubmikeb]

Expected Behavior

getSecurityToken() of sap.ui.model.odata.v2.ODataModel should be marked as deprecated.

Current Behavior

UI5 Linter doesn't mark getSecurityToken() as deprecated.

Steps to Reproduce the Issue

1. Use in your code bade getSecurityToken()
2. Run UI5 Linter: ui5lint

Context

• UI5 linter version: 1.8.0
• Node.js version: 20.18.1
• npm version: 10.8.2
• OS/Platform: SAP BAS
• Other information regarding your environment (optional): SAP BAS

[codeworrior]

Can you please share at least a few lines of code around the getSecurityToken call? I doubt that the call by itself is the issue. The linter's capability to detect a certain method call as deprecated highly depends on TypeScript's capability to infer the type of the callee.
Most likely, this is caused by the context, therefore I'm asking...

[pubmikeb]

@codeworrior, thanks for your extremely prompt response!

The way I call getSecurityToken() is pretty standard:

sap.ui.define([
	"./BaseController",
	"sap/ui/model/odata/v2/ODataModel"
], function (BaseController, ODataModel) {
	"use strict";

	return BaseController.extend("org.company.app.controller.Main", {
		onInit: function() {
			const securityToken = ODataModel.getSecurityToken();
		}
	});
});

What's interesting, when I add a call of another deprecated module, e.g. sap/ui/core/util/ExportTypeCSV, UI5 Linter perfectly identifies usage of deprecated component/API.

[codeworrior]

Ehm, if I'm not mistaken, getSecurityToken is an instance method. Did you mean (new ODataModel()).getSecurityToken().

[pubmikeb]

You're right, ODataModel.getSecurityToken() is the wrong way to call getSecurityToken(), when I replaced it with (new ODataModel()).getSecurityToken(), UI5 Linter was capable of identifying the problem.

However, in the original codebase, we have something like this.getOwnerComponent().getModel().getSecurityToken() and this call isn't detected as well. I'll check what exactly do I get when calling this.getOwnerComponent().getModel().

BTW, I assumed, that UI5 Linter just parses usage of a module's methods and checks it against the list of deprecated APIs.

[codeworrior]

BTW, I assumed, that UI5 Linter just parses usage of a module's methods and checks it against the list of deprecated APIs.

Understandable, but we have methods like v4.ODataModel#getProperty which are deprecated, but other getProperty methods are not (and many similar cases with other common method names). That's why the linter relies on type inference.

Methods with a quite generic return type like getModel() or byId() obviously cause issues with this approach. For those method we plan to enhance the inferred type information with addtl. info derived from the manifest.json (types of models) and XML views (types of controls per ID). But that's not implemented yet.

[pubmikeb]

Methods with a quite generic return type like getModel() or byId() obviously cause issues with this approach.

Perhaps, the proper JSDoc signatures can serve as a workaround, until the described functionality is implemented or until the codebase is migrated to TypeScript,

[codeworrior]

Sorry, I have to correct myself. @matz3 reminded me that for Controller#byId, we already merge knowledge from the XMLViews into the signature of the controller's byId call. Just for getModel it's still missing.

[pubmikeb]

Just for getModel it's still missing.

Great, then less job to be done!

[flovogt]

Thanks a lot @pubmikeb for reporting this missing feature. We will implement this in backlog item CPOUI5FOUNDATION-1014 (SAP-internal).