import org.sonar.api.rules.RuleType;
import org.sonar.ce.task.projectanalysis.component.Component;
import org.sonar.core.issue.DefaultIssue;
-import org.sonar.ce.task.projectanalysis.component.Component;
import org.sonar.ce.task.projectanalysis.measure.Measure;
import org.sonar.ce.task.projectanalysis.measure.MeasureRepository;
import org.sonar.ce.task.projectanalysis.metric.Metric;
.put(RuleType.CODE_SMELL, CoreMetrics.CODE_SMELLS_KEY)
.put(RuleType.BUG, CoreMetrics.BUGS_KEY)
.put(RuleType.VULNERABILITY, CoreMetrics.VULNERABILITIES_KEY)
- .put(RuleType.SECURITY_HOTSPOT, CoreMetrics.SECURITY_HOTSPOTS_KEY)
.build();
private static final Map<RuleType, String> TYPE_TO_NEW_METRIC_KEY = ImmutableMap.<RuleType, String>builder()
.put(RuleType.CODE_SMELL, CoreMetrics.NEW_CODE_SMELLS_KEY)
.put(RuleType.BUG, CoreMetrics.NEW_BUGS_KEY)
.put(RuleType.VULNERABILITY, CoreMetrics.NEW_VULNERABILITIES_KEY)
- .put(RuleType.SECURITY_HOTSPOT, CoreMetrics.NEW_SECURITY_HOTSPOTS_KEY)
.build();
private final PeriodHolder periodHolder;
// Other statuses are ignored
}
}
-
- void addNewSecurityHotspot(DefaultIssue issue) {
- if (issue.resolution() == null) {
- typeBag.add(issue.type());
- }
- }
}
/**
void addOnPeriod(DefaultIssue issue) {
if (issue.type() != RuleType.SECURITY_HOTSPOT) {
counterForPeriod.add(issue);
- } else {
- counterForPeriod.addNewSecurityHotspot(issue);
}
}
static final Metric NEW_CODE_SMELLS_METRIC = new MetricImpl(20, CoreMetrics.NEW_CODE_SMELLS_KEY, CoreMetrics.NEW_CODE_SMELLS_KEY, INT);
static final Metric NEW_BUGS_METRIC = new MetricImpl(21, CoreMetrics.NEW_BUGS_KEY, CoreMetrics.NEW_BUGS_KEY, INT);
static final Metric NEW_VULNERABILITIES_METRIC = new MetricImpl(22, CoreMetrics.NEW_VULNERABILITIES_KEY, CoreMetrics.NEW_VULNERABILITIES_KEY, INT);
- static final Metric SECURITY_HOTSPOTS_METRIC = new MetricImpl(24, CoreMetrics.SECURITY_HOTSPOTS_KEY, CoreMetrics.SECURITY_HOTSPOTS_KEY, INT);
- static final Metric NEW_SECURITY_HOTSPOTS_METRIC = new MetricImpl(25, CoreMetrics.NEW_SECURITY_HOTSPOTS_KEY, CoreMetrics.NEW_SECURITY_HOTSPOTS_KEY, INT);
@Rule
public BatchReportReaderRule reportReader = new BatchReportReaderRule();
.add(VULNERABILITIES_METRIC)
.add(NEW_CODE_SMELLS_METRIC)
.add(NEW_BUGS_METRIC)
- .add(NEW_VULNERABILITIES_METRIC)
- .add(SECURITY_HOTSPOTS_METRIC)
- .add(NEW_SECURITY_HOTSPOTS_METRIC);
+ .add(NEW_VULNERABILITIES_METRIC);
@Rule
public MeasureRepositoryRule measureRepository = MeasureRepositoryRule.create(treeRootHolder, metricRepository);
}
@Test
- public void count_hotspots() {
+ public void exclude_hotspots_from_issue_counts() {
periodsHolder.setPeriod(null);
// bottom-up traversal -> from files to project
underTest.beforeComponent(PROJECT);
underTest.afterComponent(PROJECT);
- assertThat(measureRepository.getRawMeasure(FILE1, SECURITY_HOTSPOTS_METRIC).get().getIntValue()).isEqualTo(2);
assertThat(measureRepository.getRawMeasure(FILE1, ISSUES_METRIC).get().getIntValue()).isEqualTo(2);
assertThat(measureRepository.getRawMeasure(FILE1, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(2);
assertThat(measureRepository.getRawMeasure(FILE1, CONFIRMED_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
- assertThat(measureRepository.getRawMeasure(FILE2, SECURITY_HOTSPOTS_METRIC).get().getIntValue()).isEqualTo(1);
assertThat(measureRepository.getRawMeasure(FILE2, ISSUES_METRIC).get().getIntValue()).isEqualTo(1);
assertThat(measureRepository.getRawMeasure(FILE2, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(1);
assertThat(measureRepository.getRawMeasure(FILE2, CONFIRMED_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
- assertThat(measureRepository.getRawMeasure(FILE3, SECURITY_HOTSPOTS_METRIC).get().getIntValue()).isEqualTo(0);
assertThat(measureRepository.getRawMeasure(FILE3, ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
- assertThat(measureRepository.getRawMeasure(PROJECT, SECURITY_HOTSPOTS_METRIC).get().getIntValue()).isEqualTo(3);
assertThat(measureRepository.getRawMeasure(PROJECT, ISSUES_METRIC).get().getIntValue()).isEqualTo(3);
assertThat(measureRepository.getRawMeasure(PROJECT, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(3);
assertThat(measureRepository.getRawMeasure(PROJECT, CONFIRMED_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
}
@Test
- public void count_new_hotspots_excluded_from_other_raw_issue_counts() {
+ public void exclude_new_hotspots_from_issue_counts() {
Period period = newPeriod(1500000000000L);
periodsHolder.setPeriod(period);
assertVariation(FILE1, NEW_BLOCKER_ISSUES_METRIC, 0);
assertVariation(FILE1, NEW_MAJOR_ISSUES_METRIC, 0);
assertVariation(FILE1, NEW_VULNERABILITIES_METRIC, 0);
- assertVariation(FILE1, NEW_SECURITY_HOTSPOTS_METRIC, 3);
assertVariation(PROJECT, NEW_ISSUES_METRIC, 0);
assertVariation(PROJECT, NEW_CRITICAL_ISSUES_METRIC, 0);
assertVariation(PROJECT, NEW_BLOCKER_ISSUES_METRIC, 0);
assertVariation(PROJECT, NEW_MAJOR_ISSUES_METRIC, 0);
assertVariation(PROJECT, NEW_VULNERABILITIES_METRIC, 0);
- assertVariation(PROJECT, NEW_SECURITY_HOTSPOTS_METRIC, 3);
}
private void assertVariation(Component component, Metric metric, int expectedVariation) {
new IssueMetricFormula(CoreMetrics.VULNERABILITIES, false,
(context, issues) -> context.setValue(issues.countUnresolvedByType(RuleType.VULNERABILITY, false))),
- new IssueMetricFormula(CoreMetrics.SECURITY_HOTSPOTS, false,
- (context, issues) -> context.setValue(issues.countUnresolvedByType(RuleType.SECURITY_HOTSPOT, false))),
-
new IssueMetricFormula(CoreMetrics.VIOLATIONS, false,
(context, issues) -> context.setValue(issues.countUnresolved(false))),
new IssueMetricFormula(CoreMetrics.NEW_VULNERABILITIES, true,
(context, issues) -> context.setLeakValue(issues.countUnresolvedByType(RuleType.VULNERABILITY, true))),
- new IssueMetricFormula(CoreMetrics.NEW_SECURITY_HOTSPOTS, true,
- (context, issues) -> context.setLeakValue(issues.countUnresolvedByType(RuleType.SECURITY_HOTSPOT, true))),
-
new IssueMetricFormula(CoreMetrics.NEW_VIOLATIONS, true,
(context, issues) -> context.setLeakValue(issues.countUnresolved(true))),
data-metric={measure.metric.key}
key={measure.metric.key}>
<span className="measure-name">
- {['bugs', 'vulnerabilities', 'code_smells', 'security_hotspots'].includes(measure.metric.key) && (
+ {['bugs', 'vulnerabilities', 'code_smells'].includes(measure.metric.key) && (
<IssueTypeIcon className="little-spacer-right" query={measure.metric.key} />
)}
{getLocalizedMetricName(measure.metric)}
metric.new_reliability_remediation_effort.description=Reliability remediation effort on new code
metric.new_reliability_remediation_effort.name=Reliability Remediation Effort on New Code
metric.new_reliability_remediation_effort.extra_short_name=Remediation Effort
-metric.new_security_hotspots.description=New Security Hotspots
-metric.new_security_hotspots.name=New Security Hotspots
metric.new_security_rating.description=Security rating on new code
metric.new_security_rating.name=Security Rating on New Code
metric.new_security_rating.extra_short_name=Rating
metric.rfc.name=Response for Class
metric.rfc_distribution.description=Class distribution /RFC
metric.rfc_distribution.name=Class Distribution / RFC
-metric.security_hotspots.description=Security Hotspots
-metric.security_hotspots.name=Security Hotspots
metric.security_rating.description=Security rating
metric.security_rating.name=Security Rating
metric.security_rating.extra_short_name=Rating
.setDeleteHistoricalData(true)
.create();
- /**
- * SonarQube Quality Model
- * @since 7.3
- */
- public static final String SECURITY_HOTSPOTS_KEY = "security_hotspots";
-
- /**
- * SonarQube Quality Model
- * @since 7.3
- */
- public static final Metric<Integer> SECURITY_HOTSPOTS = new Metric.Builder(SECURITY_HOTSPOTS_KEY, "Security Hotspots", Metric.ValueType.INT)
- .setDescription("Security Hotspots")
- .setDirection(Metric.DIRECTION_WORST)
- .setQualitative(false)
- .setDomain(DOMAIN_SECURITY)
- .setBestValue(0.0)
- .setOptimizedBestValue(true)
- .create();
-
- /**
- * SonarQube Quality Model
- * @since 7.3
- */
- public static final String NEW_SECURITY_HOTSPOTS_KEY = "new_security_hotspots";
-
- /**
- * SonarQube Quality Model
- * @since 7.3
- */
- public static final Metric<Integer> NEW_SECURITY_HOTSPOTS = new Metric.Builder(NEW_SECURITY_HOTSPOTS_KEY, "New Security Hotspots", Metric.ValueType.INT)
- .setDescription("New Security Hotspots")
- .setDirection(Metric.DIRECTION_WORST)
- .setQualitative(true)
- .setDomain(DOMAIN_SECURITY)
- .setBestValue(0.0)
- .setOptimizedBestValue(true)
- .setDeleteHistoricalData(true)
- .create();
-
// --------------------------------------------------------------------------------------------------------------------
//
// DESIGN
projects / sonarqube.git / commitdiff