mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31712 Commits
59 Branches
Tree: 89a3d21bc2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '89a3d21bc2'
${ noResults }
sonarqube/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java

XooRulesDefinition.java 12KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2022 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.xoo.rule;

  21. 

  22. import javax.annotation.Nullable;

  23. import org.sonar.api.SonarRuntime;

  24. import org.sonar.api.rule.RuleScope;

  25. import org.sonar.api.rules.RuleType;

  26. import org.sonar.api.server.rule.RuleParamType;

  27. import org.sonar.api.server.rule.RulesDefinition;

  28. import org.sonar.api.server.rule.RulesDefinitionAnnotationLoader;

  29. import org.sonar.api.utils.Version;

  30. import org.sonar.xoo.Xoo;

  31. import org.sonar.xoo.Xoo2;

  32. import org.sonar.xoo.checks.Check;

  33. 

  34. import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.*;

  35. 

  36. /**

  37.  * Define all the coding rules that are supported on the repositories named "xoo" and "xoo2"

  38.  */

  39. public class XooRulesDefinition implements RulesDefinition {

  40. 

  41.   public static final String XOO_REPOSITORY = "xoo";

  42.   public static final String XOO2_REPOSITORY = "xoo2";

  43. 

  44.   private static final String TEN_MIN = "10min";

  45. 

  46.   @Nullable

  47.   private final Version version;

  48. 

  49.   public XooRulesDefinition() {

  50.     this(null);

  51.   }

  52. 

  53.   public XooRulesDefinition(@Nullable SonarRuntime sonarRuntime) {

  54.     this.version = sonarRuntime != null ? sonarRuntime.getApiVersion() : null;

  55.   }

  56. 

  57.   @Override

  58.   public void define(Context context) {

  59.     defineRulesXoo(context);

  60.     defineRulesXoo2(context);

  61.     defineRulesXooExternal(context);

  62.   }

  63. 

  64.   private static void defineRulesXoo2(Context context) {

  65.     NewRepository repo = context.createRepository(XOO2_REPOSITORY, Xoo2.KEY).setName("Xoo2");

  66. 

  67.     NewRule hasTag = repo.createRule(HasTagSensor.RULE_KEY).setName("Has Tag")

  68.       .setHtmlDescription("Search for a given tag in Xoo files");

  69. 

  70.     NewRule oneIssuePerLine = repo.createRule(OneIssuePerLineSensor.RULE_KEY).setName("One Issue Per Line")

  71.       .setHtmlDescription("Generate an issue on each line of a file. It requires the metric \"lines\".");

  72.     oneIssuePerLine

  73.       .setDebtRemediationFunction(hasTag.debtRemediationFunctions().linear("1min"))

  74.       .setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");

  75. 

  76.     repo.done();

  77.   }

  78. 

  79.   private void defineRulesXoo(Context context) {

  80.     NewRepository repo = context.createRepository(XOO_REPOSITORY, Xoo.KEY).setName("Xoo");

  81. 

  82.     new RulesDefinitionAnnotationLoader().load(repo, Check.ALL);

  83. 

  84.     NewRule hasTag = repo.createRule(HasTagSensor.RULE_KEY).setName("Has Tag")

  85.       .setActivatedByDefault(true)

  86.       .setHtmlDescription("Search for a given tag in Xoo files");

  87.     hasTag

  88.       .setDebtRemediationFunction(hasTag.debtRemediationFunctions().constantPerIssue("2min"));

  89.     hasTag.createParam("tag")

  90.       .setDefaultValue("xoo")

  91.       .setDescription("The tag to search for");

  92. 

  93.     NewRule ruleWithParameters = repo.createRule("RuleWithParameters").setName("Rule with parameters")

  94.       .setHtmlDescription("Rule containing parameter of different types : boolean, integer, etc. For information, no issue will be linked to this rule.");

  95.     ruleWithParameters.createParam("string").setType(RuleParamType.STRING);

  96.     ruleWithParameters.createParam("text").setType(RuleParamType.TEXT);

  97.     ruleWithParameters.createParam("boolean").setType(RuleParamType.BOOLEAN);

  98.     ruleWithParameters.createParam("integer").setType(RuleParamType.INTEGER);

  99.     ruleWithParameters.createParam("float").setType(RuleParamType.FLOAT);

  100. 

  101.     NewRule oneIssuePerLine = repo.createRule(OneIssuePerLineSensor.RULE_KEY).setName("One Issue Per Line")

  102.       .setHtmlDescription("Generate an issue on each line of a file. It requires the metric \"lines\".")

  103.       .setTags("line");

  104.     oneIssuePerLine

  105.       .setDebtRemediationFunction(oneIssuePerLine.debtRemediationFunctions().linear("1min"))

  106.       .setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");

  107. 

  108.     NewRule oneQuickFixPerLine = repo.createRule(OneQuickFixPerLineSensor.RULE_KEY).setName("One Quick Fix Per Line")

  109.       .setHtmlDescription("Generate an issue with quick fix available on each line of a file. It requires the metric \"lines\".")

  110.       .setTags("line");

  111.     oneQuickFixPerLine

  112.       .setDebtRemediationFunction(oneQuickFixPerLine.debtRemediationFunctions().linear("1min"))

  113.       .setGapDescription("It takes about 1 minute to an experienced software craftsman to remove a line of code");

  114. 

  115.     repo.createRule(OneIssueOnDirPerFileSensor.RULE_KEY).setName("One Issue On Dir Per File")

  116.       .setHtmlDescription("Generate issues on directories");

  117. 

  118.     NewRule oneIssuePerFile = repo.createRule(OneIssuePerFileSensor.RULE_KEY).setName("One Issue Per File")

  119.       .setHtmlDescription("Generate an issue on each file");

  120.     oneIssuePerFile.setDebtRemediationFunction(oneIssuePerFile.debtRemediationFunctions().linear(TEN_MIN));

  121. 

  122.     NewRule oneIssuePerTestFile = repo.createRule(OneIssuePerTestFileSensor.RULE_KEY).setName("One Issue Per Test File")

  123.       .setScope(RuleScope.TEST)

  124.       .setHtmlDescription("Generate an issue on each test file");

  125.     oneIssuePerTestFile.setDebtRemediationFunction(oneIssuePerTestFile.debtRemediationFunctions().linear("8min"));

  126. 

  127.     NewRule oneBugIssuePerTestLine = repo.createRule(OneBugIssuePerTestLineSensor.RULE_KEY).setName("One Bug Issue Per Test Line")

  128.       .setScope(RuleScope.TEST)

  129.       .setHtmlDescription("Generate a bug issue on each line of a test file. It requires the metric \"lines\".")

  130.       .setType(RuleType.BUG);

  131.     oneBugIssuePerTestLine

  132.       .setDebtRemediationFunction(oneBugIssuePerTestLine.debtRemediationFunctions().linear("4min"));

  133. 

  134.     NewRule oneCodeSmellIssuePerTestLine = repo.createRule(OneCodeSmellIssuePerTestLineSensor.RULE_KEY).setName("One Code Smell Issue Per Test Line")

  135.       .setScope(RuleScope.TEST)

  136.       .setHtmlDescription("Generate a code smell issue on each line of a test file. It requires the metric \"lines\".")

  137.       .setType(RuleType.CODE_SMELL);

  138.     oneCodeSmellIssuePerTestLine

  139.       .setDebtRemediationFunction(oneCodeSmellIssuePerTestLine.debtRemediationFunctions().linear("3min"));

  140. 

  141.     NewRule oneIssuePerDirectory = repo.createRule(OneIssuePerDirectorySensor.RULE_KEY).setName("One Issue Per Directory")

  142.       .setHtmlDescription("Generate an issue on each non-empty directory");

  143.     oneIssuePerDirectory.setDebtRemediationFunction(oneIssuePerDirectory.debtRemediationFunctions().linear(TEN_MIN));

  144. 

  145.     NewRule oneDayDebtPerFile = repo.createRule(OneDayDebtPerFileSensor.RULE_KEY).setName("One Day Debt Per File")

  146.       .setHtmlDescription("Generate an issue on each file with a debt of one day");

  147.     oneDayDebtPerFile.setDebtRemediationFunction(oneDayDebtPerFile.debtRemediationFunctions().linear("1d"));

  148. 

  149.     NewRule oneIssuePerModule = repo.createRule(OneIssuePerModuleSensor.RULE_KEY).setName("One Issue Per Module")

  150.       .setHtmlDescription("Generate an issue on each module");

  151.     oneIssuePerModule

  152.       .setDebtRemediationFunction(oneIssuePerModule.debtRemediationFunctions().linearWithOffset("25min", "1h"))

  153.       .setGapDescription("A certified architect will need roughly half an hour to start working on removal of modules, " +

  154.         "then it's about one hour per module.");

  155. 

  156.     repo.createRule(OneBlockerIssuePerFileSensor.RULE_KEY).setName("One Blocker Issue Per File")

  157.       .setHtmlDescription("Generate a blocker issue on each file, whatever the severity declared in the Quality profile");

  158. 

  159.     repo.createRule(CustomMessageSensor.RULE_KEY).setName("Issue With Custom Message")

  160.       .setHtmlDescription("Generate an issue on each file with a custom message");

  161. 

  162.     repo.createRule(RandomAccessSensor.RULE_KEY).setName("One Issue Per File with Random Access")

  163.       .setHtmlDescription("This issue is generated on each file");

  164. 

  165.     repo.createRule(MultilineIssuesSensor.RULE_KEY).setName("Creates issues with ranges/multiple locations")

  166.       .setHtmlDescription("Issue with range and multiple locations");

  167. 

  168.     repo.createRule(OneIssuePerUnknownFileSensor.RULE_KEY).setName("Creates issues on each file with extension 'unknown'")

  169.       .setHtmlDescription("This issue is generated on each file with extenstion 'unknown'");

  170. 

  171.     NewRule oneBugIssuePerLine = repo.createRule(OneBugIssuePerLineSensor.RULE_KEY).setName("One Bug Issue Per Line")

  172.       .setHtmlDescription("Generate a bug issue on each line of a file. It requires the metric \"lines\".")

  173.       .setType(RuleType.BUG);

  174.     oneBugIssuePerLine

  175.       .setDebtRemediationFunction(oneBugIssuePerLine.debtRemediationFunctions().linear("5min"));

  176. 

  177.     NewRule oneCodeSmellIssuePerLine = repo.createRule(OneCodeSmellIssuePerLineSensor.RULE_KEY).setName("One Code Smell Issue Per Line")

  178.       .setHtmlDescription("Generate a code smell issue on each line of a file. It requires the metric \"lines\".")

  179.       .setType(RuleType.CODE_SMELL);

  180.     oneCodeSmellIssuePerLine

  181.       .setDebtRemediationFunction(oneBugIssuePerLine.debtRemediationFunctions().linear("9min"));

  182. 

  183.     NewRule oneVulnerabilityIssuePerModule = repo.createRule(OneVulnerabilityIssuePerModuleSensor.RULE_KEY).setName("One Vulnerability Issue Per Module")

  184.       .setHtmlDescription("Generate an issue on each module")

  185.       .setType(RuleType.VULNERABILITY);

  186.     oneVulnerabilityIssuePerModule

  187.       .setDebtRemediationFunction(oneVulnerabilityIssuePerModule.debtRemediationFunctions().linearWithOffset("25min", "1h"))

  188.       .setGapDescription("A certified architect will need roughly half an hour to start working on removal of modules, " +

  189.         "then it's about one hour per module.");

  190. 

  191.     repo

  192.       .createRule("xoo-template")

  193.       .setTemplate(true)

  194.       .setName("Template of rule")

  195.       .setHtmlDescription("Template to be overridden by custom rules");

  196. 

  197.     NewRule hotspot = repo.createRule(HotspotSensor.RULE_KEY)

  198.       .setName("Find security hotspots")

  199.       .setType(RuleType.SECURITY_HOTSPOT)

  200.       .setActivatedByDefault(false)

  201.       .setHtmlDescription("Search for Security Hotspots in Xoo files");

  202.     hotspot

  203.       .setDebtRemediationFunction(hotspot.debtRemediationFunctions().constantPerIssue("2min"));

  204. 

  205.     if (version != null && version.isGreaterThanOrEqual(Version.create(9, 3))) {

  206.       hotspot

  207.         .addOwaspTop10(OwaspTop10.A1, OwaspTop10.A3)

  208.         .addOwaspTop10(Y2021, OwaspTop10.A3, OwaspTop10.A2)

  209.         .addCwe(1, 89, 123, 863);

  210. 

  211.       oneVulnerabilityIssuePerModule

  212.         .addOwaspTop10(Y2017, OwaspTop10.A9, OwaspTop10.A10)

  213.         .addOwaspTop10(Y2021, OwaspTop10.A6, OwaspTop10.A9)

  214.         .addCwe(250, 564, 546, 943);

  215.     }

  216. 

  217.     repo.done();

  218.   }

  219. 

  220.   private static void defineRulesXooExternal(Context context) {

  221.     NewRepository repo = context.createExternalRepository(OneExternalIssuePerLineSensor.ENGINE_ID, Xoo.KEY).setName(OneExternalIssuePerLineSensor.ENGINE_ID);

  222. 

  223.     repo.createRule(OnePredefinedRuleExternalIssuePerLineSensor.RULE_ID)

  224.       .setSeverity(OnePredefinedRuleExternalIssuePerLineSensor.SEVERITY)

  225.       .setType(OnePredefinedRuleExternalIssuePerLineSensor.TYPE)

  226.       .setScope(RuleScope.ALL)

  227.       .setHtmlDescription("Generates one external issue in each line")

  228.       .setName("One external issue per line");

  229. 

  230.     repo.done();

  231.   }

  232. 

  233. }