import org.sonar.xoo.rule.OneIssuePerDirectorySensor;
import org.sonar.xoo.rule.OneIssuePerFileSensor;
import org.sonar.xoo.rule.OneIssuePerLineSensor;
-import org.sonar.xoo.rule.OneIssuePerModuleSensor;
+import org.sonar.xoo.rule.OneIssuePerProjectSensor;
import org.sonar.xoo.rule.OneIssuePerTestFileSensor;
import org.sonar.xoo.rule.OneIssuePerUnknownFileSensor;
import org.sonar.xoo.rule.OnePredefinedAndAdHocRuleExternalIssuePerLineSensor;
import org.sonar.xoo.rule.OnePredefinedRuleExternalIssuePerLineSensor;
import org.sonar.xoo.rule.OneQuickFixPerLineSensor;
-import org.sonar.xoo.rule.OneVulnerabilityIssuePerModuleSensor;
+import org.sonar.xoo.rule.OneVulnerabilityIssuePerProjectSensor;
import org.sonar.xoo.rule.RandomAccessSensor;
import org.sonar.xoo.rule.SaveDataTwiceSensor;
import org.sonar.xoo.rule.Xoo2BasicProfile;
OneBugIssuePerTestLineSensor.class,
OneCodeSmellIssuePerTestLineSensor.class,
OneIssuePerDirectorySensor.class,
- OneIssuePerModuleSensor.class,
+ OneIssuePerProjectSensor.class,
OneIssueOnDirPerFileSensor.class,
OneIssuePerUnknownFileSensor.class,
OneQuickFixPerLineSensor.class,
OneBugIssuePerLineSensor.class,
OneCodeSmellIssuePerLineSensor.class,
- OneVulnerabilityIssuePerModuleSensor.class,
+ OneVulnerabilityIssuePerProjectSensor.class,
DeprecatedGlobalSensor.class,
GlobalProjectSensor.class,
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2023 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.xoo.rule;
-
-import org.sonar.api.batch.sensor.Sensor;
-import org.sonar.api.batch.sensor.SensorContext;
-import org.sonar.api.batch.sensor.SensorDescriptor;
-import org.sonar.api.batch.sensor.issue.NewIssue;
-import org.sonar.api.rule.RuleKey;
-import org.sonar.xoo.Xoo;
-
-public class OneIssuePerModuleSensor implements Sensor {
-
- public static final String RULE_KEY = "OneIssuePerModule";
-
- @Override
- public void describe(SensorDescriptor descriptor) {
- descriptor
- .name("One Issue Per Module")
- .onlyOnLanguages(Xoo.KEY)
- .createIssuesForRuleRepositories(XooRulesDefinition.XOO_REPOSITORY);
- }
-
- @Override
- public void execute(SensorContext context) {
- analyse(context, Xoo.KEY, XooRulesDefinition.XOO_REPOSITORY);
- }
-
- private void analyse(SensorContext context, String language, String repo) {
- RuleKey ruleKey = RuleKey.of(repo, RULE_KEY);
- NewIssue newIssue = context.newIssue();
- newIssue
- .forRule(ruleKey)
- .at(newIssue.newLocation()
- .on(context.module())
- .message("This issue is generated on each module"))
- .save();
- }
-
-}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.rule;
+
+import org.sonar.api.batch.sensor.Sensor;
+import org.sonar.api.batch.sensor.SensorContext;
+import org.sonar.api.batch.sensor.SensorDescriptor;
+import org.sonar.api.batch.sensor.issue.NewIssue;
+import org.sonar.api.rule.RuleKey;
+import org.sonar.xoo.Xoo;
+
+public class OneIssuePerProjectSensor implements Sensor {
+
+ public static final String RULE_KEY = "OneIssuePerProject";
+
+ @Override
+ public void describe(SensorDescriptor descriptor) {
+ descriptor
+ .name("One Issue Per Project")
+ .onlyOnLanguages(Xoo.KEY)
+ .createIssuesForRuleRepositories(XooRulesDefinition.XOO_REPOSITORY);
+ }
+
+ @Override
+ public void execute(SensorContext context) {
+ analyse(context, Xoo.KEY, XooRulesDefinition.XOO_REPOSITORY);
+ }
+
+ private void analyse(SensorContext context, String language, String repo) {
+ RuleKey ruleKey = RuleKey.of(repo, RULE_KEY);
+ NewIssue newIssue = context.newIssue();
+ newIssue
+ .forRule(ruleKey)
+ .at(newIssue.newLocation()
+ .on(context.module())
+ .message("This issue is generated on each project"))
+ .save();
+ }
+
+}
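Review bot: The renamed sensor still attaches its issue to `context.module()` in `analyse`, so the class name, rule key and message all say "project" while the location is the module component, which I believe is deprecated in the sensor API. If the API version in use offers `SensorContext.project()`, the location line should read `.on(context.project())`; the same applies to `analyse` in OneVulnerabilityIssuePerProjectSensor. The `language` parameter of `analyse` is also never used and could be dropped together with the `Xoo.KEY` argument passed in `execute`.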
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2023 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.xoo.rule;
-
-import org.sonar.api.batch.sensor.Sensor;
-import org.sonar.api.batch.sensor.SensorContext;
-import org.sonar.api.batch.sensor.SensorDescriptor;
-import org.sonar.api.batch.sensor.issue.NewIssue;
-import org.sonar.api.rule.RuleKey;
-import org.sonar.xoo.Xoo;
-
-public class OneVulnerabilityIssuePerModuleSensor implements Sensor {
-
- public static final String RULE_KEY = "OneVulnerabilityIssuePerModule";
-
- @Override
- public void describe(SensorDescriptor descriptor) {
- descriptor
- .name("One Issue Per Module")
- .onlyOnLanguages(Xoo.KEY)
- .createIssuesForRuleRepositories(XooRulesDefinition.XOO_REPOSITORY);
- }
-
- @Override
- public void execute(SensorContext context) {
- analyse(context, XooRulesDefinition.XOO_REPOSITORY);
- }
-
- private void analyse(SensorContext context, String repo) {
- RuleKey ruleKey = RuleKey.of(repo, RULE_KEY);
- NewIssue newIssue = context.newIssue();
- newIssue
- .forRule(ruleKey)
- .at(newIssue.newLocation()
- .on(context.module())
- .message("This issue is generated on each module"))
- .save();
- }
-
-}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2023 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.rule;
+
+import org.sonar.api.batch.sensor.Sensor;
+import org.sonar.api.batch.sensor.SensorContext;
+import org.sonar.api.batch.sensor.SensorDescriptor;
+import org.sonar.api.batch.sensor.issue.NewIssue;
+import org.sonar.api.rule.RuleKey;
+import org.sonar.xoo.Xoo;
+
+public class OneVulnerabilityIssuePerProjectSensor implements Sensor {
+
+ public static final String RULE_KEY = "OneVulnerabilityIssuePerProject";
+
+ @Override
+ public void describe(SensorDescriptor descriptor) {
+ descriptor
+ .name("One Issue Per Project")
+ .onlyOnLanguages(Xoo.KEY)
+ .createIssuesForRuleRepositories(XooRulesDefinition.XOO_REPOSITORY);
+ }
+
+ @Override
+ public void execute(SensorContext context) {
+ analyse(context, XooRulesDefinition.XOO_REPOSITORY);
+ }
+
+ private void analyse(SensorContext context, String repo) {
+ RuleKey ruleKey = RuleKey.of(repo, RULE_KEY);
+ NewIssue newIssue = context.newIssue();
+ newIssue
+ .forRule(ruleKey)
+ .at(newIssue.newLocation()
+ .on(context.module())
+ .message("This issue is generated on each project"))
+ .save();
+ }
+
+}
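Review bot: `describe` registers this sensor under the name "One Issue Per Project", which is identical to the name used by OneIssuePerProjectSensor, so the two cannot be told apart by name, for example in scanner output. The removed class had the same duplication, but the rename is a good moment to fix it: `.name("One Vulnerability Issue Per Project")`. A short class Javadoc would also help, stating that the sensor raises one issue at project level and that its vulnerability type comes from the rule definition (`setType(RuleType.VULNERABILITY)` in XooRulesDefinition), since nothing in this class marks it as a vulnerability.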
oneDayDebtPerFile.setDebtRemediationFunction(oneDayDebtPerFile.debtRemediationFunctions().linear("1d"));
addAllDescriptionSections(oneDayDebtPerFile, "Generate an issue on each file with a debt of one day");
- NewRule oneIssuePerModule = repo.createRule(OneIssuePerModuleSensor.RULE_KEY).setName("One Issue Per Module");
- oneIssuePerModule
+ NewRule oneIssuePerProject = repo.createRule(OneIssuePerProjectSensor.RULE_KEY).setName("One Issue Per Project");
+ oneIssuePerProject
.addDefaultImpact(SoftwareQuality.MAINTAINABILITY, Severity.MEDIUM)
- .setDebtRemediationFunction(oneIssuePerModule.debtRemediationFunctions().linearWithOffset("25min", "1h"))
- .setGapDescription("A certified architect will need roughly half an hour to start working on removal of modules, " +
- "then it's about one hour per module.");
- addAllDescriptionSections(oneIssuePerModule, "Generate an issue on each module");
+ .setDebtRemediationFunction(oneIssuePerProject.debtRemediationFunctions().linearWithOffset("25min", "1h"))
+ .setGapDescription("A certified architect will need roughly half an hour to start working on removal of projects, " +
+ "then it's about one hour per project.");
+ addAllDescriptionSections(oneIssuePerProject, "Generate an issue on each project");
NewRule oneBlockerIssuePerFile = repo.createRule(OneBlockerIssuePerFileSensor.RULE_KEY).setName("One Blocker Issue Per File")
.addDefaultImpact(SoftwareQuality.MAINTAINABILITY, Severity.MEDIUM);
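Review bot: `repo.createRule(OneIssuePerProjectSensor.RULE_KEY)` registers the rule under a new key without declaring the old one, and the same holds for the rule created from `OneVulnerabilityIssuePerProjectSensor.RULE_KEY` further down in this file. On a server where these rules are already activated, quality-profile activations and existing issues keyed on `OneIssuePerModule` would presumably no longer match the renamed rule. If that continuity matters for xoo, add `oneIssuePerProject.addDeprecatedRuleKey(XOO_REPOSITORY, "OneIssuePerModule");` and the equivalent call for the vulnerability rule. If the break is intended for this test plugin, a sentence in the commit message would settle it.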
.setDebtRemediationFunction(oneCodeSmellIssuePerLine.debtRemediationFunctions().linear("9min"));
addAllDescriptionSections(oneCodeSmellIssuePerLine, "Generate a code smell issue on each line of a file. It requires the metric \"lines\".");
- NewRule oneVulnerabilityIssuePerModule = repo.createRule(OneVulnerabilityIssuePerModuleSensor.RULE_KEY).setName("One Vulnerability Issue Per Module")
+ NewRule oneVulnerabilityIssuePerProject = repo.createRule(OneVulnerabilityIssuePerProjectSensor.RULE_KEY).setName("One Vulnerability Issue Per Project")
.addDefaultImpact(SoftwareQuality.SECURITY, Severity.MEDIUM)
.addDefaultImpact(SoftwareQuality.MAINTAINABILITY, Severity.HIGH)
.setCleanCodeAttribute(CleanCodeAttribute.TRUSTWORTHY)
.setType(RuleType.VULNERABILITY);
- addAllDescriptionSections(oneVulnerabilityIssuePerModule, "Generate an issue on each module");
+ addAllDescriptionSections(oneVulnerabilityIssuePerProject, "Generate an issue on each project");
- oneVulnerabilityIssuePerModule
- .setDebtRemediationFunction(oneVulnerabilityIssuePerModule.debtRemediationFunctions().linearWithOffset("25min", "1h"))
- .setGapDescription("A certified architect will need roughly half an hour to start working on removal of modules, " +
- "then it's about one hour per module.");
+ oneVulnerabilityIssuePerProject
+ .setDebtRemediationFunction(oneVulnerabilityIssuePerProject.debtRemediationFunctions().linearWithOffset("25min", "1h"))
+ .setGapDescription("A certified architect will need roughly half an hour to start working on removal of project, " +
+ "then it's about one hour per project.");
NewRule templateofRule = repo
.createRule("xoo-template")
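Review bot: The gap description added for `oneVulnerabilityIssuePerProject` reads "removal of project", while the matching text for `oneIssuePerProject` earlier in this file says "removal of projects". The two strings were identical before the rename and should stay so: `.setGapDescription("A certified architect will need roughly half an hour to start working on removal of projects, " +`. The statement this hunk opens with begins above the visible lines.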
.addOwaspTop10(Y2021, OwaspTop10.A3, OwaspTop10.A2)
.addCwe(1, 89, 123, 863);
- oneVulnerabilityIssuePerModule
+ oneVulnerabilityIssuePerProject
.addOwaspTop10(Y2017, OwaspTop10.A9, OwaspTop10.A10)
.addOwaspTop10(Y2021, OwaspTop10.A6, OwaspTop10.A9)
.addCwe(250, 564, 546, 943);
.addPciDss(PciDssVersion.V4_0, "6.5a.1", "4.2c")
.addPciDss(PciDssVersion.V3_2, "6.5a.1b", "4.2b");
- oneVulnerabilityIssuePerModule
+ oneVulnerabilityIssuePerProject
.addPciDss(PciDssVersion.V4_0, "10.1")
.addPciDss(PciDssVersion.V3_2, "10.2")
.addPciDss(PciDssVersion.V4_0, "10.1a.2b")
if (version != null && version.isGreaterThanOrEqual(Version.create(9, 6))) {
hotspot
.addOwaspAsvs(OwaspAsvsVersion.V4_0, "2.8.7", "3.1.1", "4.2.2");
- oneVulnerabilityIssuePerModule
+ oneVulnerabilityIssuePerProject
.addOwaspAsvs(OwaspAsvsVersion.V4_0, "11.1.2", "14.5.1", "14.5.4");
}
public void define_xoo_vulnerability_rule() {
RulesDefinition.Repository repo = getRepository();
- RulesDefinition.Rule rule = repo.rule(OneVulnerabilityIssuePerModuleSensor.RULE_KEY);
+ RulesDefinition.Rule rule = repo.rule(OneVulnerabilityIssuePerProjectSensor.RULE_KEY);
assertThat(rule.name()).isNotEmpty();
assertThat(rule.securityStandards())
.isNotEmpty()
.registerPlugin("xoo", new XooPlugin())
.addDefaultQProfile("xoo", "Sonar Way")
.addRules(new XooRulesDefinition())
- .addActiveRule("xoo", "OneIssuePerModule", null, "One issue per module", "MINOR", "xoo", "xoo");
+ .addActiveRule("xoo", "OneIssuePerProject", null, "One issue per module", "MINOR", "xoo", "xoo");
@Test
public void scanTempProject() throws IOException {