Question

我想用Java编写自己的Sonar规则。我们要求在SonarQube中添加一些安全规则。在尝试之前，我必须先尝试编写基本规则。要做到这一点，我遵循以下链接： https://github.com/SonarSource/sonar-java/tree/master/java-checks/src

我尝试添加声纳示例中提到的示例规则，这对我来说很合适。

现在我尝试在github中添加已有的规则通过在同一文件夹中创建新的java文件。

我在这里补充说， https://github.com/SonarSource/sonar-java/blob/master/java-checks/src/main/java/org/sonar/java/checks/DuplicateConditionIfElseIfCheck.java 我的主文件夹中的代码。我也在测试文件夹中添加了相应的java文件。

但是当我使用 - ＆gt;编译时出现以下错误： mvn编译

C:\Sonar\sonar-examples-master\plugins\java-custom-rules>mvn compile
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building Java Custom Rules 1.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- sonar-packaging-maven-plugin:1.12.1:check-dependencies (default-check
-dependencies) @ java-custom-rules ---
[INFO]
[INFO] --- maven-resources-plugin:2.7:resources (default-resources) @ java-custo
m-rules ---
[WARNING] Using platform encoding (Cp1252 actually) to copy filtered resources,
i.e. build is platform dependent!
[INFO] skip non existing resourceDirectory C:\Sonar\sonar-examples-master\plugin
s\java-custom-rules\src\main\resources
[INFO]
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ java-custom-rul
es ---
[INFO] Changes detected - recompiling the module!
[WARNING] File encoding has not been set, using platform encoding Cp1252, i.e. b
uild is platform dependent!
[INFO] Compiling 9 source files to C:\Sonar\sonar-examples-master\plugins\java-c
ustom-rules\target\classes
[INFO] -------------------------------------------------------------
[WARNING] COMPILATION WARNING :
[INFO] -------------------------------------------------------------
[WARNING] /C:/Sonar/sonar-examples-master/plugins/java-custom-rules/src/main/jav
a/org/sonar/samples/java/MyJavaFileCheckRegistrar.java: C:\Sonar\sonar-examples-
master\plugins\java-custom-rules\src\main\java\org\sonar\samples\java\MyJavaFile
CheckRegistrar.java uses unchecked or unsafe operations.
[WARNING] /C:/Sonar/sonar-examples-master/plugins/java-custom-rules/src/main/jav
a/org/sonar/samples/java/MyJavaFileCheckRegistrar.java: Recompile with -Xlint:un
checked for details.
[INFO] 2 warnings
[INFO] -------------------------------------------------------------
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] /C:/Sonar/sonar-examples-master/plugins/java-custom-rules/src/main/java/
org/sonar/samples/java/DuplicateConditionIfElseIfCheck.java:[50,54] cannot find
symbol
  symbol:   class Location
  location: interface org.sonar.plugins.java.api.JavaFileScannerContext
[INFO] 1 error
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 13.667 s
[INFO] Finished at: 2015-10-06T09:55:20+03:00
[INFO] Final Memory: 15M/37M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.
1:compile (default-compile) on project java-custom-rules: Compilation failure
[ERROR] /C:/Sonar/sonar-examples-master/plugins/java-custom-rules/src/main/java/
org/sonar/samples/java/DuplicateConditionIfElseIfCheck.java:[50,54] cannot find
symbol
[ERROR] symbol:   class Location
[ERROR] location: interface org.sonar.plugins.java.api.JavaFileScannerContext

我是否需要添加任何其他jar文件？请帮我。

提前致谢， Shruthi

Answer 1

我发现在扩展现有插件（如java-plugin）时，未包含原始插件的类路径。为了包含该类路径，您必须在sonar-packaging-maven-plugin的配置上设置basePlugin，如下所示：

String
StringBuilder
StringBuffer
Exception in thread "main" java.lang.ClassCastException: java.lang.Class cannot be cast to java.lang.reflect.ParameterizedType
    at org.command4j.core.commands.utils.Home.getTypeParameterClass(Home.java:13)
    at org.command4j.core.commands.utils.Home.mainKO(Home.java:46)
    at org.command4j.core.commands.utils.Home.main(Home.java:26)

您可以查看我的SonarQube插件 https://github.com/SPeeSimon/SonarQube-plugins

Answer 2

请检查.m2回购中的这些依赖项。以下是来自pom.xml

<dependency>
      <groupId>org.codehaus.sonar</groupId>
      <artifactId>sonar-java-api</artifactId>
      <scope>provided</scope>
    </dependency>
    <dependency>
      <groupId>org.codehaus.sonar</groupId>
      <artifactId>sonar-plugin-api</artifactId>
      <scope>provided</scope>
    </dependency>
    <dependency>
      <groupId>com.google.collections</groupId>
      <artifactId>google-collections</artifactId>
      <version>1.0</version>
      <scope>provided</scope>
    </dependency>

用Java编写声纳规则

2 个答案: