Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
NameJava Ecosystem
Latest version2.2.13 ( 19 may 26 june 2014 )
Requires SonarQube version4.2 or higher ( check version compatibility )
DownloadJavaEcosystem-2.23.1.zip
LicenseGNU LGPL 3
DevelopersSonarSource
Issue trackerhttp://jira.codehaus.org/browse/SONARJAVA
Sourceshttps://github.com/SonarSource/sonar-java
Tip
titleLive example

If you want to see a live example of the capabilities of the Java Ecosystem, you can have a look at SonarQube on SonarQube.

Warning
titleJava bytecode is required

Analysing a Java project without providing the Java bytecode of the source files and of all the project dependencies (jar files) is possible but will lead to highly decrease the number of issues found by the analyzer (false-negatives). Moreover the detection of cycles between packages and the display of the DSM will be automatically deactivated. As soon as a class required to efficiently do an analysis is missing a warning like the following one is logged :

[WARN] [08:40:21.769] Class 'XXXXXX' is not accessible through the ClassLoader.

 

Description / Features

The Java Ecosystem is a set of plugins used to monitor the quality of Java within SonarQube.

On top of the coding rules provided by the SonarQube engine, you can activate rules from CheckstyleFindBugsPMDClirr, and fb-contrib. However, we highly recommend that you limit your Quality Profiles to from the SonarQube engine because we believe they are faster, more accurate (fewer false positives and false negatives), and more usable (they have better descriptions, etc). Read this blog post for more details.

If your Quality Profile contains rules from the SonarQube engine or FindBugs rules, then byte code will be required by the analysis. This Java Ecosystem is able to analyse any kind of java source files whatever is the version of Java they comply to.

Installation

By default the Java Ecosystem is provided with SonarQube. You can update it from the Update Center or download the latest release from this page header. Don't forget to check the upgrade notes.

Usage

Run a SonarQube Analysis

...

Note that you must provide both source code and compiled byte code if the Quality Profile in use contains either SonarQube-native rules, or FindBugs rules.

Sample projects for each analyzer are available on GitHub that can be browsed or downloaded: /projects/languages/java

...

Upgrade Notes

Version 2.2

...