Skip to content

☕ SonarJava : Java static analyzer for SonarQube & SonarLint

License

Notifications You must be signed in to change notification settings

secusbot/sonar-java

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SonarJava Build Status Quality Gate Coverage

SonarJava is a code analyzer for Java projects. Information about the SonarJava features is available here.

Build status (all branches)

Build Status

Features

Useful links

Have question or feedback?

To provide feedback (request a feature, report a bug etc.) use the SonarQube Google Group. Please do not forget to specify the language (Java!), plugin version and SonarQube version. If you have a question on how to use plugin (and the docs don't help you) direct it to Stack Overflow tagged both sonarqube and java.

Contributing

Topic in SonarQube Google Group

To request a new feature, please create a new thread in SonarQube Google Group. Even if you plan to implement it yourself and submit it back to the community, please start a new thread first to be sure that we can use it.

Pull Request (PR)

To submit a contribution, create a pull request for this repository. Please make sure that you follow our code style and all tests are passing (Travis build is created for each PR).

Custom Rules

If you have an idea for a rule but you are not sure that everyone needs it you can implement a custom rule available only for you.

Testing

To run tests locally follow these instructions.

Build the Project and Run Unit Tests

To build the plugin and run its unit tests, execute this command from the project's root directory:

mvn clean package

Note: You need to run the package goal because the jacoco-previous module will shade JaCoCo to support two binary format of JaCoCo. This shading mechanism is bound to maven package phase and is required for other modules to compile.

Integration Tests

To run integration tests, you will need to create a properties file like the one shown below, and set the url pointing to its location in an environment variable named ORCHESTRATOR_CONFIG_URL.

# version of SonarQube Server
sonar.runtimeVersion=5.6

orchestrator.updateCenterUrl=http://update.sonarsource.org/update-center-dev.properties

# Location of Maven local repository is not automatically guessed. It can also be set with the env variable MAVEN_LOCAL_REPOSITORY.
maven.localRepository=/home/myName/.m2/repository

With for instance the ORCHESTRATOR_CONFIG_URL variable being set as:

export ORCHESTRATOR_CONFIG_URL=file:///home/user/workspace/orchestrator.properties

Before running the ITs, be sure your MAVEN_HOME environment variable is set.

Plugin Test

The "Plugin Test" is an integration test suite which verifies plugin features such as metric calculation, coverage etc. To launch it:

mvn clean install -Pit-plugin

Ruling Test

The "Ruling Test" are an integration test suite which launches the analysis of a large code base, saves the issues created by the plugin in report files, and then compares those results to the set of expected issues (stored as JSON files).

To run the test, first make sure the submodules are checked out:

git submodule init 
git submodule update

Launch ruling test:

cd its/ruling
mvn clean install -DskipTests=false

This test gives you the opportunity to examine the issues created by each rule and make sure they're what you expect. Any implemented rule is highly likely to raise issues on the multiple projects we use as ruling code base.

  • For newly implemented rule, it means that a first build will most probably fail, caused by differences between expected results (without any values for the new rule) and the new results. You can inspect these new issues by searching for files named after your rule (squid-SXXXX.json) in the following folder:

      /path/to/project/sonar-java/its/ruling/target/actual/...
    
  • For existing rules which are modified, you may expect some differences between "actual" (from new analysis) and expected results. Review carefully the changes which are shown and update the expected resources accordingly.

All the json files contain a list of lines, indexed by file, expliciting where the issues raised by a specific rule are located. If/When everything looks good to you, you can copy the file with the actual issues located at:

its/ruling/target/actual/

Into the directory with the expected issues:

its/ruling/src/test/resources/

For example using the command:

cp its/ruling/target/actual/* its/ruling/src/test/resources/

License

Copyright 2012-2018 SonarSource.

Licensed under the GNU Lesser General Public License, Version 3.0

About

☕ SonarJava : Java static analyzer for SonarQube & SonarLint

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Java 94.1%
  • HTML 5.8%
  • Other 0.1%