@@ -43,11 +43,8 @@ import org.sonar.xoo.rule.ChecksSensor; | |||
import org.sonar.xoo.rule.CreateIssueByInternalKeySensor; | |||
import org.sonar.xoo.rule.CustomMessageSensor; | |||
import org.sonar.xoo.rule.HasTagSensor; | |||
import org.sonar.xoo.rule.MultilineHotspotSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithSingleContextSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor; | |||
import org.sonar.xoo.rule.MarkAsUnchangedSensor; | |||
import org.sonar.xoo.rule.MultilineHotspotSensor; | |||
import org.sonar.xoo.rule.MultilineIssuesSensor; | |||
import org.sonar.xoo.rule.NoSonarSensor; | |||
import org.sonar.xoo.rule.OneBlockerIssuePerFileSensor; | |||
@@ -82,6 +79,11 @@ import org.sonar.xoo.rule.XooFakeImporter; | |||
import org.sonar.xoo.rule.XooFakeImporterWithMessages; | |||
import org.sonar.xoo.rule.XooRulesDefinition; | |||
import org.sonar.xoo.rule.XooSonarWayProfile; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithSingleContextSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor; | |||
import org.sonar.xoo.rule.variant.HotspotWithCodeVariantsSensor; | |||
import org.sonar.xoo.rule.variant.IssueWithCodeVariantsSensor; | |||
import org.sonar.xoo.scm.XooBlameCommand; | |||
import org.sonar.xoo.scm.XooIgnoreCommand; | |||
import org.sonar.xoo.scm.XooScmProvider; | |||
@@ -176,6 +178,7 @@ public class XooPlugin implements Plugin { | |||
HotspotWithoutContextSensor.class, | |||
HotspotWithContextsSensor.class, | |||
HotspotWithSingleContextSensor.class, | |||
HotspotWithCodeVariantsSensor.class, | |||
// Coverage | |||
UtCoverageSensor.class, | |||
@@ -191,7 +194,8 @@ public class XooPlugin implements Plugin { | |||
XooPostJob.class, | |||
XooIssueFilter.class, | |||
XooIgnoreCommand.class, | |||
SignificantCodeSensor.class); | |||
SignificantCodeSensor.class, | |||
IssueWithCodeVariantsSensor.class); | |||
if (context.getRuntime().getProduct() != SonarProduct.SONARLINT) { | |||
context.addExtension(MeasureSensor.class); |
@@ -31,9 +31,11 @@ import org.sonar.api.utils.Version; | |||
import org.sonar.xoo.Xoo; | |||
import org.sonar.xoo.Xoo2; | |||
import org.sonar.xoo.checks.Check; | |||
import org.sonar.xoo.rule.variant.HotspotWithCodeVariantsSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithContextsSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithSingleContextSensor; | |||
import org.sonar.xoo.rule.hotspot.HotspotWithoutContextSensor; | |||
import org.sonar.xoo.rule.variant.IssueWithCodeVariantsSensor; | |||
import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.ASSESS_THE_PROBLEM_SECTION_KEY; | |||
import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.HOW_TO_FIX_SECTION_KEY; | |||
@@ -231,6 +233,9 @@ public class XooRulesDefinition implements RulesDefinition { | |||
hotspot | |||
.setDebtRemediationFunction(hotspot.debtRemediationFunctions().constantPerIssue("2min")); | |||
NewRule variants = repo.createRule(IssueWithCodeVariantsSensor.RULE_KEY).setName("Find issues with code variants"); | |||
addAllDescriptionSections(variants, "Search for a given variant in Xoo files"); | |||
if (version != null && version.isGreaterThanOrEqual(Version.create(9, 3))) { | |||
hotspot | |||
.addOwaspTop10(OwaspTop10.A1, OwaspTop10.A3) | |||
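Review bot: The new `variants` rule is created between `hotspot.setDebtRemediationFunction(...)` and the version-gated `hotspot.addOwaspTop10(...)` block, which splits the configuration of the `hotspot` rule in two. Moving the two added lines below that `if` block would keep each rule's setup contiguous. The local name also reads like a list of variant names rather than a rule; `NewRule issueWithCodeVariants = repo.createRule(IssueWithCodeVariantsSensor.RULE_KEY).setName("Find issues with code variants");` would match `hotspotWithCodeVariants` in the later hunk of this file. The `if` block continues past the end of this hunk.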
@@ -278,6 +283,12 @@ public class XooRulesDefinition implements RulesDefinition { | |||
.addDescriptionSection(howToFixSectionWithContext("single_context")); | |||
addDescriptionSectionsWithoutContexts(hotspotWithSingleContext, "Search for Security Hotspots with single context in Xoo files"); | |||
NewRule hotspotWithCodeVariants = repo.createRule(HotspotWithCodeVariantsSensor.RULE_KEY) | |||
.setName("Find security hotspots with code variants") | |||
.setType(RuleType.SECURITY_HOTSPOT) | |||
.setActivatedByDefault(false); | |||
addAllDescriptionSections(hotspotWithCodeVariants, "Search for a given variant in Xoo files"); | |||
repo.done(); | |||
} | |||
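Review bot: `hotspotWithCodeVariants` is typed `RuleType.SECURITY_HOTSPOT` but gets no security-standard metadata, whereas the `hotspot` rule in the earlier hunk of this file receives `addOwaspTop10(OwaspTop10.A1, OwaspTop10.A3)`. If any consumer of this fixture groups or filters hotspots by standard, this rule will presumably fall outside those views. If that is intended, a short comment such as `// no security standards on purpose: this rule only exercises code variants` would record it. The explicit `.setActivatedByDefault(false)` appears only here and not on the issue rule added in the earlier hunk, so it would be clearer to set it on both or on neither. The enclosing method starts outside the hunk.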
@@ -0,0 +1,82 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2023 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.xoo.rule.variant; | |||
import java.io.IOException; | |||
import java.util.Arrays; | |||
import java.util.List; | |||
import java.util.Optional; | |||
import java.util.stream.Collectors; | |||
import org.sonar.api.batch.fs.FileSystem; | |||
import org.sonar.api.batch.fs.InputFile; | |||
import org.sonar.api.batch.rule.ActiveRules; | |||
import org.sonar.api.batch.sensor.SensorContext; | |||
import org.sonar.api.batch.sensor.issue.NewIssue; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.rule.RuleKey; | |||
import org.sonar.xoo.rule.AbstractXooRuleSensor; | |||
/** | |||
* Raise issue for multiple code variants. | |||
* Use the property "sonar.variants" to define the variants. | |||
* If variant names are found on the file content, an issue is raised with all the corresponding variants. | |||
* Extend this abstract class to define the rule key. | |||
*/ | |||
public abstract class CodeVariantSensor extends AbstractXooRuleSensor { | |||
private static final String VARIANTS_PROPERTY = "sonar.variants"; | |||
private final Configuration settings; | |||
public CodeVariantSensor(Configuration settings, FileSystem fs, ActiveRules activeRules) { | |||
super(fs, activeRules); | |||
this.settings = settings; | |||
} | |||
@Override | |||
protected void processFile(InputFile inputFile, SensorContext context, RuleKey ruleKey, String languageKey) { | |||
Optional<String> variantsValue = settings.get(VARIANTS_PROPERTY); | |||
if (variantsValue.isEmpty()) { | |||
return; | |||
} | |||
List<String> variants = Arrays.asList(variantsValue.get().split(",")); | |||
try { | |||
String contents = inputFile.contents(); | |||
List<String> identifiedVariants = variants.stream() | |||
.filter(contents::contains) | |||
.collect(Collectors.toList()); | |||
if (!identifiedVariants.isEmpty()) { | |||
NewIssue newIssue = context.newIssue() | |||
.forRule(ruleKey) | |||
.setCodeVariants(identifiedVariants); | |||
newIssue.at(newIssue.newLocation() | |||
.on(inputFile) | |||
.message("This is generated for variants")) | |||
.save(); | |||
} | |||
} catch (IOException e) { | |||
throw new IllegalStateException("Fail to get content of file " + inputFile, e); | |||
} | |||
} | |||
} |
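Review bot: `variantsValue.get().split(",")` in `processFile` keeps blank and padded tokens. A value such as `a,,b` or `,a` yields an empty string, for which `contents::contains` is true on every file, so an issue is saved carrying an empty variant name. A value written as `a, b` produces the token ` b`, which only matches when the file happens to contain the leading space. Trimming and dropping blanks fixes both: `List<String> variants = Arrays.stream(variantsValue.get().split(",")).map(String::trim).filter(v -> !v.isEmpty()).collect(Collectors.toList());`. The match is also a plain substring test, so a variant name that is a prefix of another word in the file still counts; the class Javadoc should say so.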
@@ -0,0 +1,41 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2023 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.xoo.rule.variant; | |||
import org.sonar.api.batch.fs.FileSystem; | |||
import org.sonar.api.batch.rule.ActiveRules; | |||
import org.sonar.api.config.Configuration; | |||
/** | |||
* Raises security hotspots with code variants. | |||
*/ | |||
public class HotspotWithCodeVariantsSensor extends CodeVariantSensor { | |||
public static final String RULE_KEY = "HotspotWithCodeVariants"; | |||
public HotspotWithCodeVariantsSensor(Configuration settings, FileSystem fs, ActiveRules activeRules) { | |||
super(settings, fs, activeRules); | |||
} | |||
@Override | |||
protected String getRuleKey() { | |||
return RULE_KEY; | |||
} | |||
} |
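Review bot: The Javadoc on `HotspotWithCodeVariantsSensor` says it raises security hotspots, but nothing in the class is hotspot-specific. It only returns `RULE_KEY`, and the hotspot type comes from the rule registered in XooRulesDefinition. I would expand the comment to say so, for example `Raises an issue on rule "HotspotWithCodeVariants" (registered as a security hotspot in XooRulesDefinition) for each file containing a name listed in "sonar.variants".` The one-line Javadoc on `IssueWithCodeVariantsSensor` in the next file has the same gap and could likewise name its rule key and the `sonar.variants` property.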
@@ -0,0 +1,41 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2023 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.xoo.rule.variant; | |||
import org.sonar.api.batch.fs.FileSystem; | |||
import org.sonar.api.batch.rule.ActiveRules; | |||
import org.sonar.api.config.Configuration; | |||
/** | |||
* Raises issues with code variants. | |||
*/ | |||
public class IssueWithCodeVariantsSensor extends CodeVariantSensor { | |||
public static final String RULE_KEY = "IssueWithCodeVariants"; | |||
public IssueWithCodeVariantsSensor(Configuration settings, FileSystem fs, ActiveRules activeRules) { | |||
super(settings, fs, activeRules); | |||
} | |||
@Override | |||
protected String getRuleKey() { | |||
return RULE_KEY; | |||
} | |||
} |
@@ -119,7 +119,7 @@ public class XooRulesDefinitionTest { | |||
assertThat(repo).isNotNull(); | |||
assertThat(repo.name()).isEqualTo("Xoo"); | |||
assertThat(repo.language()).isEqualTo("xoo"); | |||
assertThat(repo.rules()).hasSize(26); | |||
assertThat(repo.rules()).hasSize(28); | |||
return repo; | |||
} | |||
} |
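Review bot: The only test change visible here is the rule count moving from 26 to 28, so this hunk does not pin the type or default activation of the two new rules. An assertion such as `assertThat(repo.rule(HotspotWithCodeVariantsSensor.RULE_KEY).type()).isEqualTo(RuleType.SECURITY_HOTSPOT);` would catch a regression that a bare count cannot, and a matching check on `activatedByDefault()` would cover the other explicit setting. No test for `CodeVariantSensor.processFile` appears on this page either, though one may exist outside it. The enclosing helper method starts outside the hunk.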