Diffstat (limited to 'plugins/sonar-xoo-plugin/src')
7 files changed, 103 insertions, 8 deletions
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java index b4aad85bdb0..652d17d78bb 100644 --- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java +++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/XooPlugin.java @@ -33,6 +33,7 @@ import org.sonar.xoo.extensions.XooIssueFilter; import org.sonar.xoo.extensions.XooPostJob; import org.sonar.xoo.extensions.XooProjectBuilder; import org.sonar.xoo.global.DeprecatedGlobalSensor; +import org.sonar.xoo.global.ErrorThrowingSensor; import org.sonar.xoo.global.GlobalProjectSensor; import org.sonar.xoo.lang.CpdTokenizerSensor; import org.sonar.xoo.lang.LineMeasureSensor; @@ -185,6 +186,7 @@ public class XooPlugin implements Plugin { SensorMetrics.class, DeprecatedGlobalSensor.class, GlobalProjectSensor.class, + ErrorThrowingSensor.class, HotspotWithoutContextSensor.class, HotspotWithContextsSensor.class, diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/architecture/ArchitectureSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/architecture/ArchitectureSensor.java index e3e75a9932f..237f8fa71ba 100644 --- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/architecture/ArchitectureSensor.java +++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/architecture/ArchitectureSensor.java @@ -36,7 +36,7 @@ public class ArchitectureSensor implements ProjectSensor { @Override public void execute(SensorContext context) { - final String mimeType = "application/file_graph+json;version=1.0"; + final String mimeType = "application/graph+json;version=2.0.0"; long count = StreamSupport.stream( context.fileSystem().inputFiles( 
@@ -44,16 +44,23 @@ public class ArchitectureSensor implements ProjectSensor { .count(); context.addAnalysisData( - "architecture.file_graph.java", + "architecture.graph." + Xoo.KEY + ".file_graph", mimeType, - new ByteArrayInputStream(("{graph:\"data\", \"classCount\":" + count + "}") + new ByteArrayInputStream(("{\"graph\":\"files\", \"fileCount\":" + count + "}") .getBytes(StandardCharsets.UTF_8)) ); context.addAnalysisData( - "architecture.file_graph." + Xoo.KEY, + "architecture.graph." + Xoo.KEY + ".file_graph.module_persp", mimeType, - new ByteArrayInputStream(("{graph:\"data\", \"fileCount\":" + count + "}") + new ByteArrayInputStream(("{\"graph\":\"modules\", \"fileCount\":" + count + "}") + .getBytes(StandardCharsets.UTF_8)) + ); + + context.addAnalysisData( + "architecture.graph." + Xoo.KEY + ".namespace", + mimeType, + new ByteArrayInputStream(("{\"graph\":\"namespace\", \"fileCount\":" + count + "}") .getBytes(StandardCharsets.UTF_8)) ); } diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/global/ErrorThrowingSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/global/ErrorThrowingSensor.java new file mode 100644 index 00000000000..dde8dd69453 --- /dev/null +++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/global/ErrorThrowingSensor.java 
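Review bot: The three `context.addAnalysisData(...)` calls in `execute` differ only in the key suffix and the `graph` value, yet each repeats the key prefix, the hand-concatenated JSON and the UTF-8 stream wrapping. The removed payloads had an unquoted `graph` key, which is the kind of slip this repetition invites; a private helper would keep the JSON shape in one place. The visible test change asserts only the `architecture.graph.xoo.file_graph` key, so the `.module_persp` and `.namespace` entries appear to go unverified. `execute` starts above this hunk.

```java
// … unchanged: mimeType and count computed above …
addGraph(context, ".file_graph", "files", mimeType, count);
addGraph(context, ".file_graph.module_persp", "modules", mimeType, count);
addGraph(context, ".namespace", "namespace", mimeType, count);

// … helper placed after execute …
private static void addGraph(SensorContext context, String keySuffix, String graph, String mimeType, long count) {
  String json = "{\"graph\":\"" + graph + "\", \"fileCount\":" + count + "}";
  context.addAnalysisData(
    "architecture.graph." + Xoo.KEY + keySuffix,
    mimeType,
    new ByteArrayInputStream(json.getBytes(StandardCharsets.UTF_8)));
}
```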
@@ -0,0 +1,71 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.xoo.global;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.sonar.api.batch.sensor.Sensor;
+import org.sonar.api.batch.sensor.SensorContext;
+import org.sonar.api.batch.sensor.SensorDescriptor;
+
+/**
+ * Sensor that throws a {@link java.lang.Error} during execution.
+ */
+public class ErrorThrowingSensor implements Sensor {
+
+ private static final Logger LOG = LoggerFactory.getLogger(ErrorThrowingSensor.class);
+
+ public static final String ENABLE_PROP = "sonar.scanner.errorSensor";
+
+ @Override
+ public void describe(SensorDescriptor descriptor) {
+ descriptor
+ .name("Error Throwing Sensor")
+ .onlyWhenConfiguration(c -> c.hasKey(ENABLE_PROP));
+ }
+
+ @Override
+ public void execute(SensorContext context) {
+ LOG.info("Running Error Throwing sensor");
+ runNonDaemonThread();
+ throw new XooError("This is thrown by the ErrorThrowing Sensor, it's its job to throw it!");
+ }
+
+ private static void runNonDaemonThread() {
+ Thread nonDaemonThread = new Thread(() -> {
+ while (true) {
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ break;
+ }
+ }
+ });
+ LOG.info("Starting non-daemon Thread");
+ nonDaemonThread.start();
+ }
+
+ static class XooError extends Error {
+ public XooError(String message) {
+ super(message);
+ }
+ }
+}
diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/OneIssuePerFileSensor.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/OneIssuePerFileSensor.java
index 135a1a0a4ab..ef1955d37d9 100644
--- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/OneIssuePerFileSensor.java
+++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/OneIssuePerFileSensor.java
@@ -23,6 +23,7 @@ import org.sonar.api.batch.fs.FileSystem;
 import org.sonar.api.batch.fs.InputFile;
 import org.sonar.api.batch.rule.ActiveRules;
 import org.sonar.api.batch.sensor.SensorContext;
+import org.sonar.api.batch.sensor.SensorDescriptor;
 import org.sonar.api.batch.sensor.issue.NewIssue;
 import org.sonar.api.config.Configuration;
 import org.sonar.api.rule.RuleKey;
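Review bot: In `ErrorThrowingSensor.describe` the gate is `c.hasKey(ENABLE_PROP)`, so any value enables the sensor, including `sonar.scanner.errorSensor=false`. Because `execute` aborts the scan with an `Error` and leaves a thread running, checking the value is safer: `.onlyWhenConfiguration(c -> c.getBoolean(ENABLE_PROP).orElse(false));`. The class Javadoc mentions only the thrown `Error`; it should also say that `execute` first starts a non-daemon thread that sleeps in a loop until interrupted, and that nothing in this file interrupts it. Giving that thread a name through the two-argument `Thread` constructor would make it identifiable in a thread dump.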
@@ -32,6 +33,7 @@ public class OneIssuePerFileSensor extends AbstractXooRuleSensor { public static final String RULE_KEY = "OneIssuePerFile"; private static final String EFFORT_TO_FIX_PROPERTY = "sonar.oneIssuePerFile.effortToFix"; + private static final String ENABLE_HIDDEN_FILE_PROCESSING = "sonar.oneIssuePerFile.enableHiddenFileProcessing"; private final Configuration settings; @@ -41,11 +43,20 @@ public class OneIssuePerFileSensor extends AbstractXooRuleSensor { } @Override + public void describe(SensorDescriptor descriptor) { + super.describe(descriptor); + if (settings.getBoolean(ENABLE_HIDDEN_FILE_PROCESSING).orElse(false)) { + descriptor.processesHiddenFiles(); + } + } + + @Override protected String getRuleKey() { return RULE_KEY; } - @Override protected void processFile(InputFile inputFile, SensorContext context, RuleKey ruleKey, String languageKey) { + @Override + protected void processFile(InputFile inputFile, SensorContext context, RuleKey ruleKey, String languageKey) { NewIssue newIssue = context.newIssue() .forRule(ruleKey) .gap(settings.getDouble(EFFORT_TO_FIX_PROPERTY).orElse(0.0)); diff --git a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java index db8d42d0d28..6a414972d5b 100644 --- a/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java +++ b/plugins/sonar-xoo-plugin/src/main/java/org/sonar/xoo/rule/XooRulesDefinition.java 
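Review bot: The new `describe` override in `OneIssuePerFileSensor` calls `descriptor.processesHiddenFiles()` based on a property that the visible change documents nowhere, and the constant `ENABLE_HIDDEN_FILE_PROCESSING` is private. Nothing tells a reader that hidden files stay excluded unless `sonar.oneIssuePerFile.enableHiddenFileProcessing` is true. I would add a Javadoc line on the method, such as `/** Opts in to hidden files only when sonar.oneIssuePerFile.enableHiddenFileProcessing is true; absent or false keeps the default. */`. No test for either branch is visible under this path. `processFile` continues past the end of the hunk.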
@@ -48,6 +48,7 @@ import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSe import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.INTRODUCTION_SECTION_KEY; import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.RESOURCES_SECTION_KEY; import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.ROOT_CAUSE_SECTION_KEY; +import static org.sonar.api.server.rule.RulesDefinition.OwaspMobileTop10Version.Y2024; import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2017; import static org.sonar.api.server.rule.RulesDefinition.OwaspTop10Version.Y2021; @@ -293,11 +294,13 @@ public class XooRulesDefinition implements RulesDefinition { hotspot .addOwaspTop10(OwaspTop10.A1, OwaspTop10.A3) .addOwaspTop10(Y2021, OwaspTop10.A3, OwaspTop10.A2) + .addOwaspMobileTop10(Y2024, OwaspMobileTop10.M4, OwaspMobileTop10.M8) .addCwe(1, 89, 123, 863); oneVulnerabilityIssuePerProject .addOwaspTop10(Y2017, OwaspTop10.A9, OwaspTop10.A10) .addOwaspTop10(Y2021, OwaspTop10.A6, OwaspTop10.A9) + .addOwaspMobileTop10(Y2024, OwaspMobileTop10.M3, OwaspMobileTop10.M5) .addCwe(89, 250, 311, 546, 564, 943); } diff --git a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/architecture/ArchitectureSensorTest.java b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/architecture/ArchitectureSensorTest.java index d1bac6b14b6..d43ac0ff165 100644 --- a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/architecture/ArchitectureSensorTest.java +++ b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/architecture/ArchitectureSensorTest.java 
@@ -76,7 +76,7 @@ public class ArchitectureSensorTest { // then ArgumentCaptor<InputStream> inputStreamCaptor = ArgumentCaptor.forClass(InputStream.class); - verify(context).addAnalysisData(eq("architecture.file_graph.xoo"), contains("application/file_graph+json"), inputStreamCaptor.capture()); + verify(context).addAnalysisData(eq("architecture.graph.xoo.file_graph"), contains("application/graph+json"), inputStreamCaptor.capture()); try { String capturedData = new String(inputStreamCaptor.getValue().readAllBytes(), StandardCharsets.UTF_8); assertThat(capturedData).contains("\"fileCount\":" + nbFileSensor); diff --git a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java index d9a418c69ac..a801fb85ddd 100644 --- a/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java +++ b/plugins/sonar-xoo-plugin/src/test/java/org/sonar/xoo/rule/XooRulesDefinitionTest.java @@ -70,6 +70,7 @@ public class XooRulesDefinitionTest { assertThat(rule.securityStandards()) .isNotEmpty() .containsExactlyInAnyOrder("cwe:1", "cwe:89", "cwe:123", "cwe:863", "owaspTop10:a1", "owaspTop10:a3", + "owaspMobileTop10-2024:m4", "owaspMobileTop10-2024:m8", "owaspTop10-2021:a3", "owaspTop10-2021:a2", "owaspAsvs-4.0:2.8.7", "owaspAsvs-4.0:3.1.1", "owaspAsvs-4.0:4.2.2", "pciDss-3.2:4.2", "pciDss-3.2:4.2b", "pciDss-3.2:6.5.1", "pciDss-3.2:6.5a.1b", "pciDss-4.0:4.1", "pciDss-4.0:4.2c", "pciDss-4.0:6.5.1", "pciDss-4.0:6.5a.1", 
@@ -98,7 +99,7 @@ public class XooRulesDefinitionTest { assertThat(rule.securityStandards()) .isNotEmpty() .containsExactlyInAnyOrder("cwe:89", "cwe:250", "cwe:311", "cwe:546", "cwe:564", "cwe:943", "owaspTop10-2021:a6", "owaspTop10-2021:a9", - "owaspTop10:a10", "owaspTop10:a9", + "owaspTop10:a10", "owaspTop10:a9", "owaspMobileTop10-2024:m3", "owaspMobileTop10-2024:m5", "owaspAsvs-4.0:11.1.2", "owaspAsvs-4.0:14.5.1", "owaspAsvs-4.0:14.5.4", "pciDss-3.2:10.1a.2c", "pciDss-3.2:10.2", "pciDss-4.0:10.1", "pciDss-4.0:10.1a.2b", "stig-ASD_V5R3:V-222596", "stig-ASD_V5R3:V-222608", "stig-ASD_V5R3:V-222653"); |