This case should be perfectly handled by SonarJava. Lombok annotations are taken into account at least since version 3.14 (SONARJAVA-1642). The issues you are getting are resulting from a misconfiguration of your Java project. No need to write any custom rules to handle this, this is natively supported by the analyzer. SonarJava reads bytecode to … Read more
The call to us.toString() is redundant, toString() method will be called regardless the configured log level. You should pass only us as an argument to info without an if statement. logger.info(“Log this: {}”, us);
I had success with a multimodule android project. Since the complete build files take too much space I show the relevant parts here only. In the parent project’s build.gradle I set: buildscript { … dependencies { classpath ‘com.android.tools.build:gradle:1.5.0’ … } plugins { id “org.sonarqube” version “1.1” } In the app project (and any other children) … Read more
If you use SonarScanner CLI with Docker, you may have this error because the SonarScanner container can not access to the Sonar UI container. Note that you will have the same error with a simple curl from another container: docker run –rm byrnedo/alpine-curl 127.0.0.1:9000 % Total % Received % Xferd Average Speed Time Time Time … Read more
You’re running your Maven steps in the wrong order: clean – delete all previous build output sonar:sonar – run analysis (which requires build output) deploy – build &etc… Try this instead: mvn clean deploy sonar:sonar Now if you’re about to object that you don’t want to actually “deploy” the jar until/unless the changed code passes … Read more
Sonar exclusions (like other sonar properties) have to be added to the <properties> section of the POM file. Like so (example from excluding jOOQ autogenerated code from current project): <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <sonar.host.url>http://www.example.com/</sonar.host.url> <sonar.jdbc.url>jdbc:postgresql://www.example.com/sonar</sonar.jdbc.url> <sonar.jdbc.driver>org.postgresql.Driver</sonar.jdbc.driver> <sonar.jdbc.username>sonar</sonar.jdbc.username> <sonar.jdbc.password>sonar</sonar.jdbc.password> <sonar.exclusions>org/binarytherapy/generated/**/*, **/GuiceBindComposer.java</sonar.exclusions> <sonar.dynamic>reuseReports</sonar.dynamic> </properties>
It’s complaining that the array you’re storing is the same array that is held by the caller. That is, if the caller subsequently modifies this array, the array stored in the object (and hence the object itself) will change. The solution is to make a copy within the object when it gets passed. This is … Read more
Here is an updated answer as of August 2014 for some that are aimed or work well with Scala. Personally I think the JVM or Java ones end up with far too many false positives, or have inspections that are aimed mostly at Java specific classes. For example, since in Scala we don’t tend to … Read more
The reason is that the Sonar Maven Plugin is hosted at the Codehaus Mojo project and benefits from the groupId “org.codehaus.mojo”. This allows to use the shortcut “sonar:sonar” instead of “org.codehaus.mojo:sonar-maven-plugin::sonar” (see the section “Configuring Maven to Search for Plugins” of the Maven documentation)
Integer.valueOf implements a cache for the values -128 to +127. See the last paragraph of the Java Language Specification, section 5.1.7, which explains the requirements for boxing (usually implemented in terms of the .valueOf methods). http://docs.oracle.com/javase/specs/jls/se7/html/jls-5.html#jls-5.1.7