Thanks for your reply @Scott,
This is indeed a hot topic here at SonarSource at the moment, and we are definitely working hard on the subject in order to improve things and help reporting of issues!
For your information, version 4.10 of the SonarJava analyzer (
currently in RC1) considerably improved flow messages for Symbolic-execution-based rules (but obviously only targets Java language), while SonarQube 6.4 (
currently in RC2) is offering a completely redesigned User Interface to ease navigation and help understanding of these flow messages.
For analyzers targeting other languages, such as SonarJavascript, adding flow messages is still work in progress, and will progressively be improved.
Cheers,
Michael