Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  1. Adding XPath rules directly through the SonarQubeTM web SonarQubeweb interface.
  2. Extending an existing SonarQube TM plugin. For example Checkstyle and PMD plugins accept definition of custom checks.
  3. Embedding and executing a code analyzer. For example the Checkstyle plugin configures and executes the library Checkstyle.

To implement a new coding rule, we recommend to start with XPath at it is the most simple way. If it cannot be achieved with XPath rules (either because the language plugin does not support XPath yet or because the rule is highly complex and cannot be defined with an XPath expression), then write your own SonarQubeTM pluginSonarQubeplugin.


Adding New Rules Using XPath Expressions

SonarQube TM provides a quick and easy way to add new coding rules directly via the web interface for certain languages (C/C++, C#, Cobol, Flex, JavaScript, PL/I, PL/SQL, Python and VB.NET).


While parsing the source code, SonarQubeTM builds SonarQubebuilds an Abstract Syntax Tree (AST).


  1. Login as an administrator
  2. Go to Configuration > Quality Profile
  3. Select one of the quality profiles whose language you want to add a new rule
  4. Look for the XPath rule template:
  5. Copy this template to create a new rule:
  6. Write your XPath rule (it should comply to XPath 1.0):

    Here are two examples of JavaScript XPath rules:

    Do not use document.write

    Code Block
    //callExpression/memberExpression[count(*) = 3 and primaryExpression[@tokenValue = "document"] and identifierName[@tokenValue = "write"]]

    Always use curly braces for if/else statements:

    Code Block



  7. Once written, activate those rules and run an analysis.
  8. Issues on those XPath rules are now logged:

Extending SonarQube



The following languages can be extended with new rules: