Full documentation for SonarQube has moved to a new location: http://docs.sonarqube.org/display/SONAR

...

  1. Adding XPath rules directly through the SonarQube™ web interface.
  2. Extending an existing SonarQube™ plugin. For example, the Checkstyle and PMD plugins accept definitions of custom checks.
  3. Embedding and executing a code analyzer. For example, the Checkstyle plugin configures and executes the Checkstyle library.

To implement a new coding rule, we recommend starting with XPath, as it is the simplest way. If the rule cannot be written in XPath (either because the language plugin does not support XPath yet or because the rule is too complex to define with an XPath expression), then write your own SonarQube™ plugin.

Adding New Rules Using XPath Expressions

SonarQube™ provides a quick and easy way to add new coding rules directly via the web interface for certain languages (C/C++, C#, Cobol, Flex, JavaScript, PL/I, PL/SQL, Python and VB.NET).

...

While parsing the source code, SonarQube™ builds an Abstract Syntax Tree (AST).

An SSLR Toolkit is provided by each language supporting XPath to get a representation of this AST. Here's the AST for our JavaScript sample:

[Image: AST of the JavaScript sample]

The XPath language provides a way to write coding rules by navigating this AST.

...

  1. Login as an administrator
  2. Go to Configuration > Quality Profile
  3. Select a quality profile for the language to which you want to add a new rule
  4. Look for the XPath rule template
  5. Copy this template to create a new rule
  6. Write your XPath rule (it should comply with XPath 1.0):

    Here are two examples of JavaScript XPath rules:

    Do not use document.write:

    //callExpression/memberExpression[count(*) = 3 and primaryExpression[@tokenValue = "document"] and identifierName[@tokenValue = "write"]]

    Always use curly braces for if/else statements:

    //ifStatement/statement[not(block)]

  7. Once written, activate those rules and run an analysis.
  8. Issues on those XPath rules are now logged.

Extending

...

SonarQube™ Plugins

The following languages can be extended with new rules:

...

The XML file is available in the plugin classloader and looks like:

<rules>
  <!-- the format used before sonar 2.3 is still supported: attributes key and priority on the node <rule> -->
  <rule>
    <!-- unique key within this repository -->
    <key>com.puppycrawl.tools.checkstyle.checks.header.HeaderCheck</key>
    <name>Header</name>
    <!-- default priority when the rule is activated (optional, default value is MAJOR). Values are INFO, MINOR,
         MAJOR, CRITICAL, BLOCKER -->
    <priority>MAJOR</priority>

    <!-- this key is used later by the sensor to configure the code analyzer -->
    <configKey>Checker/Header</configKey>

    <!-- available ISO categories: Reliability, Portability, Maintainability, Efficiency, Usability -->
    <category name="Usability"/>

    <!--
    This node is optional: default value is SINGLE.
    MULTIPLE: the rule can be activated many times with different parameters and priority.
    SINGLE: the rule can be activated once
    -->
    <cardinality>SINGLE</cardinality>

    <description><![CDATA[Checks that ...]]></description>
    <param>
      <key>header</key>
      <description><![CDATA[the required header specified inline. Individual header lines must be separated by the string "\n" (even on platforms with a different line separator)]]></description>
    </param>
    <param>
      <key>ignore</key>
      <description>...</description>
      <defaultValue>false</defaultValue>
    </param>
  </rule>
</rules>
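
The following Python sketch is an added example, not part of the SonarQube documentation or code base. It loads a rules file of the shape shown above, applies the defaults its comments describe (priority MAJOR, cardinality SINGLE), accepts the pre-2.3 attribute form, and reports duplicate keys and unknown values. The function names and the `example.LegacyRule` key are hypothetical, and the sample XML is constructed.

```python
import xml.etree.ElementTree as ET

PRIORITIES = {"INFO", "MINOR", "MAJOR", "CRITICAL", "BLOCKER"}
CARDINALITIES = {"SINGLE", "MULTIPLE"}
CATEGORIES = {"Reliability", "Portability", "Maintainability", "Efficiency", "Usability"}

# Constructed sample: element format, pre-2.3 attribute format, then a rule with mistakes.
SAMPLE = """<rules>
  <rule>
    <key>com.puppycrawl.tools.checkstyle.checks.header.HeaderCheck</key>
    <configKey>Checker/Header</configKey>
    <category name="Usability"/>
    <param><key>ignore</key><defaultValue>false</defaultValue></param>
  </rule>
  <rule key="example.LegacyRule" priority="CRITICAL">
    <category name="Reliability"/>
  </rule>
  <rule>
    <key>example.LegacyRule</key>
    <priority>HIGH</priority>
    <cardinality>MANY</cardinality>
  </rule>
</rules>"""

def field(node, name, default=None):
    """Child element text, else the pre-2.3 attribute, else the default."""
    text = (node.findtext(name) or "").strip()
    return text or node.get(name) or default

def load_rules(xml_text):
    """Parse a rules file; return (rules, errors) with the documented defaults applied."""
    rules, errors, seen = [], [], set()
    for i, node in enumerate(ET.fromstring(xml_text).findall("rule"), 1):
        category = node.find("category")
        rule = {"key": field(node, "key"),
                "priority": field(node, "priority", "MAJOR"),
                "cardinality": field(node, "cardinality", "SINGLE"),
                "category": category.get("name") if category is not None else None}
        if not rule["key"]:
            errors.append(f"rule #{i}: missing key")
        elif rule["key"] in seen:
            errors.append(f"rule #{i}: duplicate key {rule['key']}")
        seen.add(rule["key"])
        for name, allowed in (("priority", PRIORITIES), ("cardinality", CARDINALITIES),
                              ("category", CATEGORIES)):
            if rule[name] is not None and rule[name] not in allowed:
                errors.append(f"rule #{i}: unknown {name} {rule[name]}")
        rules.append(rule)
    return rules, errors
```

Calling `load_rules(SAMPLE)` returns three parsed rules and three errors, all on the third rule.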

...