Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 32 Next »

Table of Contents

There are three ways to extend coding rules:

  1. Adding XPath rules directly in the Sonar web interface.
  2. Extending an existing Sonar plugin. For example Checkstyle and PMD plugins accept definition of custom checks.
  3. Embedding and executing a code analyzer. For example the Checkstyle plugin configures and executes the library Checkstyle. 

Solution #1: Adding XPath Rules


While parsing the source code, an Abstract Syntax Tree (AST) is built. A SSDK is provided by each language supporting XPath to get a representation of the AST for a given piece of code.

Let's take the following JavaScript example:


Using the JavaScript SSDK, here's the corresponding AST:


From this AST, you can now write coding rules using the XPath language. 

To do so, login as an administrator, go to Configuration > Quality Profile and go to one of the quality profiles of the language you want to add a new rule.

Select the XPath rule:

Click on Copy rule:

Here's a few examples of JavaScript XPath rules:

  • Function must start with an uppercase letter: TODO
  • Do not use document.write: TODO
  • Always use curly braces for if/else statements: TODO

Activate those rules on one of your quality profiles and run a Sonar analysis.

Violations on those XPath rules are now logged:

Language Plugins Supporting XPath

Through SSLR:

  • Cobol
  • JavaScript
  • Flex
  • PL/SQL
Eventually, every language based on SSLR will support XPath.
Through external tools:
  • Java through PMD

Solution #2: Extending Sonar Plugins

The following languages can be extended with new rules:

Solution #3: Executing a Code Analyzer

A code analyzer plugin executes the following steps:

  1. Register definitions of coding rules, when the server is started.
  2. Optionally define some templates of quality profiles, when the server is started.
  3. Analyze source code and inject results in database 

1. Registering coding rules

This step relates to the extension point org.sonar.api.rules.RuleRepository. A RuleRepository defines a set of coding rules. It usually loads data from a XML file:

The XML file is available in the plugin classloader and looks like :

2. Defining quality profiles

This step relates to the extension point org.sonar.api.profiles.ProfileDefinition. Profiles provided by plugins are registered at server startup  and can't be edited by users:

3. Analyzing source code

This step relates to the extension point org.sonar.api.batch.Sensor.

  • No labels