Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
{iframe:src=http://update.sonarsource.org/plugins/java-confluence.html|width=700|height=550500|frameborder=0}
Your browser does not support iframes.
{iframe}

...

Warning
titleUpgrade to 2.4

You CANNOT upgrade automatically to 2.4

Version 2.4 moves Java from being an "ecosystem" of multiple plugins to a single, stand-

along

alone plugin that encompasses most of the functionality formerly contained in the ecosystem. Specifically, 

  • Squid, Surefire and Jacoco have been rolled into the Java plugin.
  • FindBugs has been split off into an independent, optional plugin. To continue using it, upgrade it to version 2.4.

Unfortunately, SonarQube's update center cannot handle the switch gracefully. You may use the update center to download the new version of the plugin. However, you must manually remove the Surefire, JaCoCo, and Squid for Java plugins from$SONARQUBE_HOME/extensions/plugins.

  • FindBugs has been split off into an independent, optional plugin. To continue using it, upgrade it to version 2.4.
  •  

     

    Tip
    titleLive example

    If you want to see a live example of the capabilities of the Java Ecosystem, you can have a look at SonarQube on SonarQube.

    ...

    By default the Java plugin is provided with SonarQube. You can update it from the Update Center or download the latest release from this page header. Don't forget to check the upgrade notes.

    Usage

    Warning
    titleJava bytecode is required

    Analysing a Java project without providing the Java bytecode of the source files and of all the project dependencies (jar files) is possible but will lead to highly decrease the number of issues found by the analyzer (false-negatives). Moreover the detection of cycles between packages and the display of the DSM will be automatically deactivated. As soon as a class required to efficiently do an analysis is missing a warning like the following one is logged :

    [WARN] [08:40:21.769] Class 'XXXXXX' is not accessible through the ClassLoader.

    ...

    Note that you must provide both source code and compiled byte code if the Quality Profile in use contains either SonarQube-native rules, or FindBugs rules.

    To provide compiled bytecode and dependencies to the analysis, prior to version 2.5 please refer to the Analysis Parameters Page and use sonar.binaries and sonar.libraries properties. 

    From version 2.5, if you are not using maven, use the two following properties : 

    KeyDescription
    sonar.java.binariesComma-separated paths to directories containing the compiled bytecode files corresponding to your source files

    sonar.java.libraries

    Comma-separated paths to files with third-party libraries (JAR or Zip files).
    Wildcards can be used :

    sonar.java.libraries=path/to/specific/library/myLibrary.jar,path/to/library/*.jar,directory/**/*.jar

     

    Sample projects for each analyzer are available on GitHub that can be browsed or downloaded: /projects/languages/java

    ...

    Upgrade Notes

    Version 2.4

    • Version 2.4 moves Java from being an "ecosystem" of multiple plugins to a single, stand-along plugin that encompasses most of the functionality formerly contained in the ecosystem. Unfortunately, SonarQube's update center cannot handle the switch gracefully. You may use the update center to download the new version of the plugin. However, you must manually remove the Surefire, JaCoCo, and Squid for Java plugins from $SONARQUBE_HOME/extensions/plugins.
    • FindBugs has been split off into an independent, optional plugin. To continue using it, upgrade to version 2.4.

    ...