Live example If you want to see a live example of the capabilities of the Java Ecosystem, you can have a look at Sonar on Sonar.

Description / Features

The Java Ecosystem is a set of Sonar plugins used to monitor the quality of Java projects within Sonar.

It is compatible with the Sonar Eclipse plugin to track violations while coding. It is also compatible with the Issues Report plugin to run pre-commit local analysis.

Installation

The Java Ecosystem is a set of plugins:

• Mandatory plugins:
  
  • Java [sonar-java-plugin]: to parse Java code source, compute metrics, etc.
  • Squid [sonar-squid-java-plugin]: to compute additional metrics, check code against rules provided by the Sonar engine
     
• Optional plugins adding features from external tools:
  
  • Checkstyle [sonar-checkstyle-plugin]: to check code against rules provided by Checkstyle
  • FindBugs [sonar-findbugs-plugin]: to check code against rules provided by FindBugs
  • PMD [sonar-pmd-plugin]: to check code against rules provided by PMD
  • Surefire [sonar-surefire-plugin]: to execute unit tests with Surefire
  • Cobertura [sonar-cobertura-plugin]: to get code coverage with Cobertura 
  • JaCoCo [sonar-jacoco-plugin]: to get code coverage with JaCoCo

Note that by default the Java Ecosystem is provided with Sonar.

You can update it from the Update Center (since Sonar 3.5) or download the latest release from this page header.

Usage

Run a Sonar Analysis

To launch a Sonar analysis of your Java project, it is recommended to use the following analyzers:

• Maven for Maven projects
• Ant for Ant projects
• Sonar Runner otherwise

Sample projects for each analyzer are available on GitHub that can be browsed or downloaded: /projects/languages/java

Notes:

• The source directory should be set to the directory containing the top parent package. For example, if your directory structure is 'src/main/java/com/mycompany/...', the source directory must be set to 'src/main/java'.
• The source directory tree has to match the package declaration. For example, the following class:

must be located in the following directory: [mySourceDirectory]/com/mycompany/mypackage/MyClass.java. Otherwise you would get such an error while running your analysis:

Tests and Code Coverage

The default code coverage engine for unit tests can be set in Settings > Configuration > General Settings > Java > Code coverage plugin property.

By default the code coverage engine is JaCoCo but Cobertura, Emma or Clover can also be used.

To deal with unit tests and code coverage for Java project in Sonar, see Code Coverage by Unit Tests for Java Project tutorial.

To deal with integration tests and code coverage for Java project in Sonar, see Code Coverage by Integration Tests for Java Project tutorial.

Advanced Settings

Documentation on advanced parameters is available on the Analysis Parameters page.

Advanced parameters specific to Java are:

FAQ

See Java Ecosystem FAQ.

Metrics

See Metrics documentation page.

Android

A sample project with code coverage computed with Emma is available on GitHub that can be browsed or downloaded: /projects/android

Extending Coding Rules using XPath

New coding rules can be added using XPath. See the related documentation.

To navigate the AST, download the SSLR Java Toolkit.

Change Log

Version 1.3 (unreleased) (43 issues)
Type	Key	Summary	Priority	Status
	SONARJAVA-165	"Undocumented API" detects private attributes as public		Resolved
	SONARJAVA-85	Provide contextual information when an ASM Exception is thrown while analysing a java class and don't stop the analysis		Closed
	SONARJAVA-81	CallToDeprecatedMethod: Improve the violation message		Closed
	SONARJAVA-105	The cardinality of JaCoCo properties "includes", "excludes" and "exclclassloader" should be multiple		Closed
	SONARJAVA-131	Rename the property key 'sonar.surefire.reportsPath' into 'sonar.junit.reportsPath'		Closed
	SONARJAVA-125	Rule S00112: Generic exceptions Error, RuntimeException, Throwable and Exception should never be thrown		Closed
	SONARJAVA-29	"Avoid Throwing Raw Exception Types" Rule not able to detect "throw new Exception" in all cases		Closed
	SONARJAVA-135	The rule "Unused private method" generates some false-positives in case of method overloading		Closed
	SONARJAVA-118	Rule S00100: Method names should comply with a naming convention		Closed
	SONARJAVA-119	Rule S00101: Class names should comply with a naming convention		Closed
	SONARJAVA-121	Rule S00104: Files should not have too many lines of code		Closed
	SONARJAVA-138	Rule S00113: Files should contain an empty new line at the end		Closed
	SONARJAVA-127	Rule S00107: Methods should not have too many parameters		Closed
	SONARJAVA-122	Rule S00105: Tabulation characters should not be used		Closed
	SONARJAVA-141	Deprecate PMD XPath rule in favor of Sonar XPath rule		Closed
	SONARJAVA-140	Mark Checkstyle CyclomaticComplexityCheck and PMD CyclomaticComplexity rules as deprecated in favor of our own rule		Closed
	SONARJAVA-143	Rule S00114: Interface names should comply with a naming convention		Closed
	SONARJAVA-142	Remove "Sun checks" profile		Closed
	SONARJAVA-146	Rule S00117: Local variable names should comply with a naming convention		Closed
	SONARJAVA-149	Rule S00120: Package names should comply with a naming convention		Closed
	SONARJAVA-152	Deprecate PMD rule AvoidDollarSigns in favor of S00114 - S00117		Closed
	SONARJAVA-161	XPath rule should not lead to NPE, when parse error happens		Closed
	SONARJAVA-150	Rule S00121: if/else/for/while/do statements should always use curly braces		Closed
	SONARJAVA-148	Rule S00119: Parameter type names should comply with a naming convention		Closed
	SONARJAVA-120	Rule S00103: Lines of code should not be too long		Closed
	SONARJAVA-145	Rule S00116: Field names should comply with a naming convention		Closed
	SONARJAVA-151	Rule S00122: Statements should be on separate lines		Closed
	SONARJAVA-144	Rule S00115: Constant names should comply with a naming convention		Closed
	SONARJAVA-166	Reorganize the properties of every Java plugin using sub-categories		Closed
	SONARJAVA-133	Compute the new metric "complexity in methods"		Closed
	SONARJAVA-164	The Sonar JaCoCo plugin takes into account only the first binary directories if several ones are provided		Closed
	SONARJAVA-154	Use the new Sonar API to highlight any symbol use or declaration in java source code		Closed
	SONARJAVA-153	Use the Sonar Syntax Highlighting API to colorize java source code		Closed
	SONARJAVA-19	@SuppressWarnings("all") no longer works in Sonar 3.3+		Resolved
	SONARJAVA-139	Update the SQALE mapping for new rules		Closed
	SONARJAVA-147	Rule S00118: Abstract class names should comply with a naming convention		Reopened
	SONARJAVA-169	Upgrade to SSLR 1.19.1 and sslr-squid-bridge 2.3		Resolved
	SONARJAVA-128	Rule S00108: Nested blocks of code should not be left empty		Resolved
	SONARJAVA-104	Improve the documentation explaining how to define some JaCoCo exclusion/inclusion patterns		Closed
	SONARJAVA-116	Make the Checkstyle filter property configurable at project level		Closed
	SONARJAVA-124	When the Sonar CheckstyleAuditListener receives an exception event, the java source file path must be logged along with error message		Closed
	SONARJAVA-158	Parser: usage of TypeArgument should be forbidden in some places		Closed
	SONARJAVA-159	Parser: usage of BasicType should be forbidden in ResourceSpecification		Closed

Version 1.2 (16 issues)
Type	Key	Summary	Priority
	SONARJAVA-111	Support multiple binary directories in Findbugs
	SONARJAVA-109	Do not apply exclusions to configuration of Cobertura intrumentation
	SONARJAVA-108	Remove configuration of file exclusions in Findbugs
	SONARJAVA-82	Constructor for a class named get* will cause java-squid to fail sonar analyze
	SONARJAVA-95	Provide TestNG Listener to record coverage per test
	SONARJAVA-94	Provide JUnit Listener to record coverage per test
	SONARJAVA-103	Add "Failed Tests" and "Skipped Tests" rules from Common Rules
	SONARJAVA-99	Upgrade to SSLR 1.18
	SONARJAVA-96	Upgrade to JaCoCo 0.6.2
	SONARJAVA-36	CheckstyleProfileImporter should support inheritance of properties
	SONARJAVA-90	The Findbugs plugin sometimes logs some violations with line number less than 1
	SONARJAVA-83	PMD plugin does not accept source level of "7" (vs 1.7)
	SONARJAVA-51	Files not ending with '.java' or '.jav' should not be taken into account
	SONARJAVA-93	Remove the sonar.skipDesign property from the web interface
	SONARJAVA-92	Author links are incorrect in Update Center for all plugins
	SONARJAVA-21	When a timeout exception occurs while executing Findbugs, the timeout threshold value should be logged

Version 1.1 (15 issues)
Type	Key	Summary	Priority
	SONARJAVA-18	Grab violations directly from findbugs without xml-report generation
	SONARJAVA-80	L10n files are not in the correct folder
	SONARJAVA-20	Upgrade to SSLR 1.16 and switch to lexerless parser
	SONARJAVA-3	The literal "42L" should be lexed as a LONG_LITERAL instead of a INTEGER_LITERAL
	SONARJAVA-2	The literal "42.0" should be lexed as a DOUBLE_LITERAL instead of a FLOATING_LITERAL
	SONARJAVA-1	OutOfMemoryError when attempting to lex an unterminated single quote
	SONARJAVA-14	findbugs-result.xml contains invalid character entity
	SONARJAVA-15	When using the property 'sonar.findbugs.excludesFilters' an INFO log should be generated to clearly show that the external Findbugs filter is taken into account
	SONARJAVA-39	New property 'sonar.java.coveragePlugin'
	SONARJAVA-4	Upgrade to Checkstyle 5.6
	SONARJAVA-5	Rule: Generic Java rule to define some homemade checks with an XPath expression
	SONARJAVA-17	When the last line of a source code file is a blank line, this line is not counted in the "lines" measure
	SONARJAVA-44	The IT and Overall code coverage should not be computed when the code coverage by unit tests is not computed with jacoco
	SONARJAVA-22	The two properties of the Checkstyle rule 'RegexpHeaderCheck' should be TEXT
	SONARJAVA-84	Typo in the Checkstyle rule "ReturnCount"