From 4dd887ab16305cfb2973cc50632cfbe64db5140a Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:14:11 +0200 Subject: [PATCH 1/9] set version to 2.2.0-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e493bbd..dc6b642 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.stepstone.sonar.plugin sonar-coldfusion-plugin sonar-plugin - 2.1.1 + 2.2.0-SNAPSHOT SonarQube Coldfusion Plugin Enables scanning of ColdFusion source files From 77c585e6d2427a5f5a1d28f21712e8a5c62121e1 Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:25:46 +0200 Subject: [PATCH 2/9] remove travis and jenkins --- .travis.yml | 22 ---------------------- Jenkinsfile | 25 ------------------------- 2 files changed, 47 deletions(-) delete mode 100644 .travis.yml delete mode 100644 Jenkinsfile diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 20e5388..0000000 --- a/.travis.yml +++ /dev/null @@ -1,22 +0,0 @@ -language: java -sudo: false -install: true - -addons: - sonarcloud: - organization: "stepstone-tech" - token: - secure: "GgDqkyEwntyerYDdwoTWkJCTDgpeM7ovBbZEwwFpcluTflN1LzKgpjJYkWbyCaMQRSBSxGpiyOpQUN2XKuKtdo/zr/qVowDKRxzf8YiLhaq6mi4/cRHFe1X1mpu8CebIh5pkbUBOsiU4CAwXv5lqdj8AQJHABEWIBZEdFaoCo4CbHeD07bFBwmynOF/yDhpsj6fDJ29qOIMuzlBLCLxzB7bgUvQcCUuNK0ariMB1mxL18USnPNZs1tF8oCVf6LQDz2ctR0nJg9ABhpOFUUPtG56iAKRWq0+GnIcyDvu1hr7kLJUS7RVdlpnjJd1HWVEqq0WL8ACuVJnCsBRHhZJMt9gdm8OZIIR9HNiAbyfhWEFQHZ04sDysgZd0D3G74Zt5KLmS10Zrhn8DCwksFe5E8W0bE4jHGGsPtkWR0/Ra9jR5qGowiQBkmKwhLo7VH1zO+i6mk+uw1gB/qas3Jv81OPNQ9msAc9U5I747QONnYwKdNi85H0tZmkRrrRPV6UYepFF9CUz/O1852bhp8NyT/DB7I0f6raTiG+vT55ACS1VCKa7mlnLPOzAVzhODYYFCNxz09cm9Zhzji5iXm/SIw86lfjOoXWjq9PUr6y6xJB60r6vo/OyG7B2uJsGA4kXiTZ85TPfWRrWYb870ZUxjAIWscCbNL5Brqu2Cz1UqSLw=" -git: - depth: false - -jdk: - - openjdkjdk8 - -script: - - mvn clean test package sonar:sonar -Psonar - -cache: - directories: - - '$HOME/.m2/repository' - - '$HOME/.sonar/cache' diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index c37d6ec..0000000 --- a/Jenkinsfile +++ /dev/null @@ -1,25 +0,0 @@ -pipeline { - agent { - label 'master' - } - stages { - stage('Clean') { - steps { - echo 'Clean target.' - sh 'mvn clean' - } - } - stage('Build') { - steps { - echo 'Package plugin' - sh 'mvn package' - } - } - stage('Release') { - steps { - echo 'Release plugin to GitHub' - sh 'mvn de.jutzig:github-release-plugin:1.3.0:release' - } - } - } -} From 233102ad934c632ff4189caec9e4f8c4e0b6d5bb Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:26:23 +0200 Subject: [PATCH 3/9] upgrade github ci to java 11 and add sonarqube scanner --- .github/workflows/ci.yml | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2007c9a..ff1e686 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,22 +5,36 @@ name: CI on: push: - branches: [ master, sonar-9 ] + branches: [ master, sonar-9, sonar-9.0 ] pull_request: - branches: [ master ] + types: [opened, synchronize, reopened] jobs: build: runs-on: ubuntu-latest - steps: - uses: actions/checkout@v2 - - name: Set up JDK 8 + with: + fetch-depth: 0 + - name: Set up JDK 11 uses: actions/setup-java@v2 with: - java-version: '8' - distribution: 'adopt' - cache: maven - - name: Build with Maven - run: mvn -B package --file pom.xml + java-version: '11' + - name: Cache SonarCloud packages + uses: actions/cache@v1 + with: + path: ~/.sonar/cache + key: ${{ runner.os }}-sonar + restore-keys: ${{ runner.os }}-sonar + - name: Cache Maven packages + uses: actions/cache@v1 + with: + path: ~/.m2 + key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} + restore-keys: ${{ runner.os }}-m2 + - name: Build and analyze + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Psonar From a094fb7523478054877c9c21e17d1c53e04beefd Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:26:46 +0200 Subject: [PATCH 4/9] bump dependencies --- pom.xml | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/pom.xml b/pom.xml index dc6b642..948cb50 100644 --- a/pom.xml +++ b/pom.xml @@ -37,17 +37,18 @@ UTF-8 - 1.8 - 1.8 - 7.6 + 11 + 11 + 9.0.0.45539 1.5.0 + 1.16.0.719 junit junit - 4.13.1 + 4.13.2 test @@ -60,14 +61,14 @@ org.assertj assertj-core - 3.11.1 + 3.21.0 test org.sonarsource.sslr-squid-bridge sslr-squid-bridge - 2.7.0.377 + 2.7.1.392 sonar-plugin-api @@ -75,6 +76,13 @@ + + + org.sonarsource.analyzer-commons + sonar-analyzer-commons + ${sonar-analyzer-commons.version} + + org.sonarsource.sonarqube @@ -82,6 +90,13 @@ ${sonar.version} provided + + + org.sonarsource.sonarqube + sonar-plugin-api-impl + ${sonar.version} + test + @@ -89,7 +104,7 @@ org.sonarsource.sonar-packaging-maven-plugin sonar-packaging-maven-plugin - 1.18.0.372 + 1.20.0.405 true com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin @@ -127,7 +142,7 @@ de.jutzig github-release-plugin - 1.3.0 + 1.4.0 Sonarqube Coldfusion Plugin release ${project.version} @@ -158,12 +173,12 @@ org.sonarsource.scanner.maven sonar-maven-plugin - 3.6.0.1398 + 3.9.0.2155 org.jacoco jacoco-maven-plugin - 0.8.3 + 0.8.7 From 145e95b0aae3fb359d7657b18bd11e1ef8a5dee3 Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:30:50 +0200 Subject: [PATCH 5/9] support for version 9.0 --- .../plugin/coldfusion/ColdFusionPlugin.java | 4 +- .../plugin/coldfusion/ColdFusionSensor.java | 1 - .../cflint/CFLintConfigExporter.java | 11 +- .../profile/ColdFusionProfileExporter.java | 9 - .../profile/ColdFusionSonarWayProfile.java | 34 ++ .../ColdFusionSonarWayProfileImporter.java | 43 --- .../rules/ColdFusionSonarRulesDefinition.java | 1 - .../sonar/plugin/coldfusion/profile.json | 94 +++++ .../sonar/plugin/coldfusion/profile.xml | 359 ------------------ .../coldfusion/ColdfusionPluginTest.java | 8 +- .../coldfusion/ColdfusionSensorTest.java | 5 +- 11 files changed, 140 insertions(+), 429 deletions(-) create mode 100644 src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfile.java delete mode 100644 src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfileImporter.java create mode 100644 src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.json delete mode 100644 src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.xml diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java index b587c02..f9cd74e 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java @@ -17,7 +17,7 @@ package com.stepstone.sonar.plugin.coldfusion; import com.stepstone.sonar.plugin.coldfusion.profile.ColdFusionProfileExporter; -import com.stepstone.sonar.plugin.coldfusion.profile.ColdFusionSonarWayProfileImporter; +import com.stepstone.sonar.plugin.coldfusion.profile.ColdFusionSonarWayProfile; import com.stepstone.sonar.plugin.coldfusion.rules.ColdFusionSonarRulesDefinition; import org.sonar.api.Plugin; @@ -71,7 +71,7 @@ public void define(Context context) { ColdFusion.class, ColdFusionSensor.class, ColdFusionSonarRulesDefinition.class, - ColdFusionSonarWayProfileImporter.class, + ColdFusionSonarWayProfile.class, ColdFusionProfileExporter.class ); diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java index fc3089d..1bf144c 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java @@ -38,7 +38,6 @@ import java.nio.file.Files; import java.util.ArrayList; import java.util.List; -import java.util.Collection; import java.util.concurrent.Callable; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java index 1928ef6..4aa29cf 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java @@ -16,8 +16,7 @@ package com.stepstone.sonar.plugin.coldfusion.cflint; -import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; -import org.sonar.api.batch.rule.ActiveRule; +import org.sonar.api.rules.ActiveRule; import javax.xml.stream.XMLOutputFactory; import javax.xml.stream.XMLStreamException; @@ -31,15 +30,9 @@ public class CFLintConfigExporter { private final Collection ruleProfiles; - private final String repositoryKey; public CFLintConfigExporter(Collection ruleProfile) { - this(ruleProfile, ColdFusionPlugin.REPOSITORY_KEY); - } - - public CFLintConfigExporter(Collection ruleProfile, String repositoryKey) { this.ruleProfiles = ruleProfile; - this.repositoryKey = repositoryKey; } public void save(File configFile) throws IOException, XMLStreamException { @@ -59,7 +52,7 @@ public void save(Writer writer) throws IOException, XMLStreamException { for (ActiveRule activeRule : ruleProfiles) { xtw.writeStartElement("includes"); - xtw.writeAttribute("code", activeRule.ruleKey().toString()); + xtw.writeAttribute("code", activeRule.getRule().ruleKey().toString()); xtw.writeEndElement(); } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java index 8f293ed..3dabd1a 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java @@ -43,13 +43,4 @@ public void exportProfile(RulesProfile ruleProfile, Writer writer) { } } - public void exportProfile(ActiveRules activeRules, Writer writer) { - try { - new CFLintConfigExporter(activeRules.findByRepository(ColdFusionPlugin.REPOSITORY_KEY)).save(writer); - } catch (IOException | XMLStreamException e) { - Throwables.propagate(e); - } - - } - } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfile.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfile.java new file mode 100644 index 0000000..e0c534e --- /dev/null +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfile.java @@ -0,0 +1,34 @@ +/* +Copyright 2016 StepStone GmbH + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package com.stepstone.sonar.plugin.coldfusion.profile; + +import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; +import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition; +import org.sonarsource.analyzer.commons.BuiltInQualityProfileJsonLoader; + +public class ColdFusionSonarWayProfile implements BuiltInQualityProfilesDefinition { + + private static final String PROFILE_NAME = "Sonar way"; + private static final String DEFAULT_PROFILE_PATH = "com/stepstone/sonar/plugin/coldfusion/profile.json"; + + @Override + public void define(Context context) { + NewBuiltInQualityProfile profile = context.createBuiltInQualityProfile(PROFILE_NAME, ColdFusionPlugin.LANGUAGE_KEY); + BuiltInQualityProfileJsonLoader.load(profile, ColdFusionPlugin.REPOSITORY_KEY, DEFAULT_PROFILE_PATH); + profile.done(); + } +} diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfileImporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfileImporter.java deleted file mode 100644 index f5f76f6..0000000 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfileImporter.java +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2016 StepStone GmbH - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package com.stepstone.sonar.plugin.coldfusion.profile; - -import com.google.common.base.Charsets; - -import org.sonar.api.profiles.ProfileDefinition; -import org.sonar.api.profiles.RulesProfile; -import org.sonar.api.profiles.XMLProfileParser; -import org.sonar.api.utils.ValidationMessages; - -import java.io.InputStreamReader; - -public class ColdFusionSonarWayProfileImporter extends ProfileDefinition { - - private static final String DEFAULT_PROFILE_PATH = "/com/stepstone/sonar/plugin/coldfusion/profile.xml"; - - private final XMLProfileParser xmlParser; - - public ColdFusionSonarWayProfileImporter(XMLProfileParser xmlParser) { - this.xmlParser = xmlParser; - } - - @Override - public RulesProfile createProfile(ValidationMessages validation) { - return xmlParser.parse(new InputStreamReader(getClass().getResourceAsStream(DEFAULT_PROFILE_PATH), Charsets.UTF_8), validation); - } - -} diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/rules/ColdFusionSonarRulesDefinition.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/rules/ColdFusionSonarRulesDefinition.java index 77ce668..0b25f3f 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/rules/ColdFusionSonarRulesDefinition.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/rules/ColdFusionSonarRulesDefinition.java @@ -44,7 +44,6 @@ public void define(Context context) { .setName(ColdFusionPlugin.REPOSITORY_NAME); rulesLoader.load(repository, new InputStreamReader(getClass().getResourceAsStream(DEFAULT_RULES_FILE), UTF_8)); - //SqaleXmlLoader.load(repository, DEFAULT_SQUALE_FILE); repository.done(); } diff --git a/src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.json b/src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.json new file mode 100644 index 0000000..d1093b3 --- /dev/null +++ b/src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.json @@ -0,0 +1,94 @@ +{ + "name": "Sonar way", + "ruleKeys": [ + "ARG_DEFAULT_MISSING", + "ARG_VAR_CONFLICT", + "ARG_VAR_MIXED", + "NO_DEFAULT_INSIDE_SWITCH", + "GLOBAL_VAR", + "NESTED_CFOUTPUT", + "OUTPUT_ATTR", + "QUERYPARAM_REQ", + "CFQUERYPARAM_REQ", + "QUERYNEW_DATATYPE", + "MISSING_VAR", + "AVOID_USING_CFDUMP_TAG", + "AVOID_USING_CFEXECUTE_TAG", + "AVOID_USING_ISDATE", + "AVOID_USING_CFABORT_TAG", + "AVOID_USING_ABORT", + "AVOID_USING_CFINSERT_TAG", + "AVOID_USING_CFMODULE_TAG", + "AVOID_USING_CFUPDATE_TAG", + "AVOID_USING_CFINCLUDE_TAG", + "COMPONENT_HINT_MISSING", + "FUNCTION_HINT_MISSING", + "ARG_HINT_MISSING", + "ARG_HINT_MISSING_SCRIPT", + "ARG_TYPE_MISSING", + "ARG_TYPE_ANY", + "EXCESSIVE_FUNCTION_LENGTH", + "EXCESSIVE_COMPONENT_LENGTH", + "FUNCTION_TYPE_MISSING", + "FUNCTION_TYPE_ANY", + "EXCESSIVE_ARGUMENTS", + "EXCESSIVE_FUNCTIONS", + "FUNCTION_TOO_COMPLEX", + "AVOID_USING_WRITEDUMP", + "AVOID_USING_STRUCTNEW", + "AVOID_USING_ISDEBUGMODE", + "AVOID_USING_ARRAYNEW", + "COMPLEX_BOOLEAN_CHECK", + "EXPLICIT_BOOLEAN_CHECK", + "VAR_INVALID_NAME", + "VAR_ALLCAPS_NAME", + "SCOPE_ALLCAPS_NAME", + "VAR_TOO_SHORT", + "VAR_TOO_LONG", + "VAR_TOO_WORDY", + "VAR_IS_TEMPORARY", + "VAR_HAS_PREFIX_OR_POSTFIX", + "ARGUMENT_MISSING_NAME", + "ARGUMENT_INVALID_NAME", + "ARGUMENT_ALLCAPS_NAME", + "ARGUMENT_TOO_SHORT", + "ARGUMENT_TOO_LONG", + "ARGUMENT_TOO_WORDY", + "ARGUMENT_IS_TEMPORARY", + "ARGUMENT_HAS_PREFIX_OR_POSTFIX", + "METHOD_INVALID_NAME", + "METHOD_ALLCAPS_NAME", + "METHOD_TOO_SHORT", + "METHOD_TOO_LONG", + "METHOD_TOO_WORDY", + "METHOD_IS_TEMPORARY", + "METHOD_HAS_PREFIX_OR_POSTFIX", + "COMPONENT_INVALID_NAME", + "COMPONENT_ALLCAPS_NAME", + "COMPONENT_TOO_SHORT", + "COMPONENT_TOO_LONG", + "COMPONENT_TOO_WORDY", + "COMPONENT_IS_TEMPORARY", + "COMPONENT_HAS_PREFIX_OR_POSTFIX", + "FILE_SHOULD_START_WITH_LOWERCASE", + "AVOID_USING_CREATEOBJECT", + "AVOID_USING_DEBUG_ATTR", + "AVOID_USING_CFSETTING_DEBUG", + "UNUSED_LOCAL_VARIABLE", + "UNUSED_METHOD_ARGUMENT", + "COMPARE_INSTEAD_OF_ASSIGN", + "PARSE_ERROR", + "MISSING_SEMI", + "UNQUOTED_STRUCT_KEY", + "SQL_SELECT_STAR", + "NEVER_USE_QUERY_IN_CFM", + "USE_DISPLAY_NAME", + "LOCAL_LITERAL_VALUE_USED_TOO_OFTEN", + "GLOBAL_LITERAL_VALUE_USED_TOO_OFTEN", + "PACKAGE_CASE_MISMATCH", + "PARSE_NOTHING", + "PLUGIN_ERROR", + "AVOID_EMPTY_FILES" + ] +} + diff --git a/src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.xml b/src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.xml deleted file mode 100644 index 8507896..0000000 --- a/src/main/resources/com/stepstone/sonar/plugin/coldfusion/profile.xml +++ /dev/null @@ -1,359 +0,0 @@ - - - cf - Sonar way - - - coldfusionsquid - ARG_DEFAULT_MISSING - - - coldfusionsquid - ARG_VAR_CONFLICT - - - coldfusionsquid - ARG_VAR_MIXED - - - coldfusionsquid - NO_DEFAULT_INSIDE_SWITCH - - - coldfusionsquid - GLOBAL_VAR - - - coldfusionsquid - NESTED_CFOUTPUT - - - coldfusionsquid - OUTPUT_ATTR - - - coldfusionsquid - QUERYPARAM_REQ - - - coldfusionsquid - CFQUERYPARAM_REQ - - - coldfusionsquid - QUERYNEW_DATATYPE - - - coldfusionsquid - MISSING_VAR - - - coldfusionsquid - AVOID_USING_CFDUMP_TAG - - - coldfusionsquid - AVOID_USING_CFEXECUTE_TAG - - - coldfusionsquid - AVOID_USING_ISDATE - - - coldfusionsquid - AVOID_USING_CFABORT_TAG - - - coldfusionsquid - AVOID_USING_ABORT - - - coldfusionsquid - AVOID_USING_CFINSERT_TAG - - - coldfusionsquid - AVOID_USING_CFMODULE_TAG - - - coldfusionsquid - AVOID_USING_CFUPDATE_TAG - - - coldfusionsquid - AVOID_USING_CFINCLUDE_TAG - - - coldfusionsquid - COMPONENT_HINT_MISSING - - - coldfusionsquid - FUNCTION_HINT_MISSING - - - coldfusionsquid - ARG_HINT_MISSING - - - coldfusionsquid - ARG_HINT_MISSING_SCRIPT - - - coldfusionsquid - ARG_TYPE_MISSING - - - coldfusionsquid - ARG_TYPE_ANY - - - coldfusionsquid - EXCESSIVE_FUNCTION_LENGTH - - - coldfusionsquid - EXCESSIVE_COMPONENT_LENGTH - - - coldfusionsquid - FUNCTION_TYPE_MISSING - - - coldfusionsquid - FUNCTION_TYPE_ANY - - - coldfusionsquid - EXCESSIVE_ARGUMENTS - - - coldfusionsquid - EXCESSIVE_FUNCTIONS - - - coldfusionsquid - FUNCTION_TOO_COMPLEX - - - coldfusionsquid - AVOID_USING_WRITEDUMP - - - coldfusionsquid - AVOID_USING_STRUCTNEW - - - coldfusionsquid - AVOID_USING_ISDEBUGMODE - - - coldfusionsquid - AVOID_USING_ARRAYNEW - - - coldfusionsquid - COMPLEX_BOOLEAN_CHECK - - - coldfusionsquid - EXPLICIT_BOOLEAN_CHECK - - - coldfusionsquid - VAR_INVALID_NAME - - - coldfusionsquid - VAR_ALLCAPS_NAME - - - coldfusionsquid - SCOPE_ALLCAPS_NAME - - - coldfusionsquid - VAR_TOO_SHORT - - - coldfusionsquid - VAR_TOO_LONG - - - coldfusionsquid - VAR_TOO_WORDY - - - coldfusionsquid - VAR_IS_TEMPORARY - - - coldfusionsquid - VAR_HAS_PREFIX_OR_POSTFIX - - - coldfusionsquid - ARGUMENT_MISSING_NAME - - - coldfusionsquid - ARGUMENT_INVALID_NAME - - - coldfusionsquid - ARGUMENT_ALLCAPS_NAME - - - coldfusionsquid - ARGUMENT_TOO_SHORT - - - coldfusionsquid - ARGUMENT_TOO_LONG - - - coldfusionsquid - ARGUMENT_TOO_WORDY - - - coldfusionsquid - ARGUMENT_IS_TEMPORARY - - - coldfusionsquid - ARGUMENT_HAS_PREFIX_OR_POSTFIX - - - coldfusionsquid - METHOD_INVALID_NAME - - - coldfusionsquid - METHOD_ALLCAPS_NAME - - - coldfusionsquid - METHOD_TOO_SHORT - - - coldfusionsquid - METHOD_TOO_LONG - - - coldfusionsquid - METHOD_TOO_WORDY - - - coldfusionsquid - METHOD_IS_TEMPORARY - - - coldfusionsquid - METHOD_HAS_PREFIX_OR_POSTFIX - - - coldfusionsquid - COMPONENT_INVALID_NAME - - - coldfusionsquid - COMPONENT_ALLCAPS_NAME - - - coldfusionsquid - COMPONENT_TOO_SHORT - - - coldfusionsquid - COMPONENT_TOO_LONG - - - coldfusionsquid - COMPONENT_TOO_WORDY - - - coldfusionsquid - COMPONENT_IS_TEMPORARY - - - coldfusionsquid - COMPONENT_HAS_PREFIX_OR_POSTFIX - - - coldfusionsquid - FILE_SHOULD_START_WITH_LOWERCASE - - - coldfusionsquid - AVOID_USING_CREATEOBJECT - - - coldfusionsquid - AVOID_USING_DEBUG_ATTR - - - coldfusionsquid - AVOID_USING_CFSETTING_DEBUG - - - coldfusionsquid - UNUSED_LOCAL_VARIABLE - - - coldfusionsquid - UNUSED_METHOD_ARGUMENT - - - coldfusionsquid - COMPARE_INSTEAD_OF_ASSIGN - - - coldfusionsquid - PARSE_ERROR - - - coldfusionsquid - MISSING_SEMI - - - coldfusionsquid - UNQUOTED_STRUCT_KEY - - - coldfusionsquid - SQL_SELECT_STAR - - - coldfusionsquid - NEVER_USE_QUERY_IN_CFM - - - coldfusionsquid - USE_DISPLAY_NAME - - - coldfusionsquid - LOCAL_LITERAL_VALUE_USED_TOO_OFTEN - - - coldfusionsquid - GLOBAL_LITERAL_VALUE_USED_TOO_OFTEN - - - coldfusionsquid - PACKAGE_CASE_MISMATCH - - - coldfusionsquid - PARSE_NOTHING - - - coldfusionsquid - PLUGIN_ERROR - - - coldfusionsquid - AVOID_EMPTY_FILES - - - diff --git a/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionPluginTest.java b/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionPluginTest.java index e804970..601cb31 100644 --- a/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionPluginTest.java +++ b/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionPluginTest.java @@ -3,20 +3,22 @@ import org.junit.Assert; import org.junit.Test; import org.sonar.api.Plugin; +import org.sonar.api.SonarEdition; import org.sonar.api.SonarQubeSide; import org.sonar.api.SonarRuntime; -import org.sonar.api.internal.SonarRuntimeImpl; import org.sonar.api.utils.Version; +import org.sonar.api.internal.SonarRuntimeImpl; + public class ColdfusionPluginTest { - private static final Version VERSION_7_6 = Version.create(7, 6); + private static final Version VERSION_9_0 = Version.create(9, 0); @Test public void testExtensions() { ColdFusionPlugin plugin = new ColdFusionPlugin(); - SonarRuntime runtime = SonarRuntimeImpl.forSonarQube(VERSION_7_6, SonarQubeSide.SERVER); + SonarRuntime runtime = SonarRuntimeImpl.forSonarQube(VERSION_9_0, SonarQubeSide.SERVER, SonarEdition.COMMUNITY); Plugin.Context context = new Plugin.Context(runtime); plugin.define(context); diff --git a/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionSensorTest.java b/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionSensorTest.java index 9faf0fa..05d2bbe 100644 --- a/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionSensorTest.java +++ b/src/test/java/com/stepstone/sonar/plugin/coldfusion/ColdfusionSensorTest.java @@ -4,6 +4,7 @@ import org.junit.Rule; import org.junit.Test; import org.junit.rules.TemporaryFolder; +import org.sonar.api.SonarEdition; import org.sonar.api.SonarQubeSide; import org.sonar.api.batch.fs.InputFile; import org.sonar.api.batch.fs.internal.DefaultFileSystem; @@ -12,7 +13,7 @@ import org.sonar.api.batch.sensor.internal.SensorContextTester; import org.sonar.api.batch.sensor.measure.Measure; import org.sonar.api.internal.SonarRuntimeImpl; -import org.sonar.api.internal.apachecommons.codec.Charsets; +import org.sonar.api.internal.apachecommons.io.Charsets; import org.sonar.api.measures.CoreMetrics; import org.sonar.api.batch.rule.ActiveRules; import org.sonar.api.batch.rule.internal.ActiveRulesBuilder; @@ -39,7 +40,7 @@ public void testBasicCFMAnalysis() { fileSystem.setWorkDir(tmpFolder.getRoot().toPath()); context.setFileSystem(fileSystem); - context.setRuntime(SonarRuntimeImpl.forSonarQube(Version.create(7, 6), SonarQubeSide.SCANNER)); + context.setRuntime(SonarRuntimeImpl.forSonarQube(Version.create(9, 0), SonarQubeSide.SCANNER, SonarEdition.COMMUNITY)); context.settings().appendProperty("sonar.projectBaseDir", baseDir.getPath()); addFilesToFs(); From cdd12ee0264dd6c05280c727c772f93961848048 Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:34:14 +0200 Subject: [PATCH 6/9] fix github actions --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ff1e686..4b04459 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -20,6 +20,7 @@ jobs: - name: Set up JDK 11 uses: actions/setup-java@v2 with: + distribution: 'adopt' java-version: '11' - name: Cache SonarCloud packages uses: actions/cache@v1 From d29eb596658ff634bd8a752d84c9976ff7a4b785 Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 16:45:30 +0200 Subject: [PATCH 7/9] exclude cflint.jar from jacoco report --- pom.xml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pom.xml b/pom.xml index 948cb50..02c19d6 100644 --- a/pom.xml +++ b/pom.xml @@ -197,6 +197,11 @@ report + + + META-INF/runner/cflint.jar + + From d6bc5eca9b6b36075e55338f9b69a796f3279a5a Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 18:11:14 +0200 Subject: [PATCH 8/9] fix exporting cflint-config.xml --- pom.xml | 8 ++++---- .../sonar/plugin/coldfusion/ColdFusionSensor.java | 6 +++++- .../coldfusion/cflint/CFLintConfigExporter.java | 13 +++++-------- .../profile/ColdFusionProfileExporter.java | 8 ++++++-- 4 files changed, 20 insertions(+), 15 deletions(-) diff --git a/pom.xml b/pom.xml index 02c19d6..813e1b6 100644 --- a/pom.xml +++ b/pom.xml @@ -175,10 +175,10 @@ sonar-maven-plugin 3.9.0.2155 - - org.jacoco - jacoco-maven-plugin - 0.8.7 + + org.jacoco + jacoco-maven-plugin + 0.8.7 diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java index 1bf144c..5ff79b0 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java @@ -37,6 +37,7 @@ import java.io.InputStreamReader; import java.nio.file.Files; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import java.util.concurrent.Callable; import java.util.concurrent.ExecutorService; @@ -44,6 +45,7 @@ import java.util.concurrent.TimeUnit; import java.util.regex.Matcher; import java.util.regex.Pattern; +import java.util.stream.Collectors; public class ColdFusionSensor implements Sensor { @@ -89,7 +91,9 @@ private void analyze(SensorContext context) throws IOException, XMLStreamExcepti private File generateCflintConfig() throws IOException, XMLStreamException { final File configFile = new File(fs.workDir(), "cflint-config.xml"); - new CFLintConfigExporter(ruleProfile.findByRepository(ColdFusionPlugin.REPOSITORY_KEY)).save(configFile); + Collection ruleKeys = ruleProfile.findByRepository(ColdFusionPlugin.REPOSITORY_KEY) + .stream().map(rule -> rule.ruleKey().toString()).collect(Collectors.toList()); + new CFLintConfigExporter(ruleKeys).save(configFile); return configFile; } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java index 4aa29cf..bd9036f 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java @@ -16,8 +16,6 @@ package com.stepstone.sonar.plugin.coldfusion.cflint; -import org.sonar.api.rules.ActiveRule; - import javax.xml.stream.XMLOutputFactory; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamWriter; @@ -29,10 +27,9 @@ public class CFLintConfigExporter { - private final Collection ruleProfiles; - - public CFLintConfigExporter(Collection ruleProfile) { - this.ruleProfiles = ruleProfile; + private final Collection ruleKeys; + public CFLintConfigExporter(Collection ruleKeys) { + this.ruleKeys = ruleKeys; } public void save(File configFile) throws IOException, XMLStreamException { @@ -50,9 +47,9 @@ public void save(Writer writer) throws IOException, XMLStreamException { xtw.writeStartDocument(); xtw.writeStartElement("config"); - for (ActiveRule activeRule : ruleProfiles) { + for (String ruleKey: ruleKeys) { xtw.writeStartElement("includes"); - xtw.writeAttribute("code", activeRule.getRule().ruleKey().toString()); + xtw.writeAttribute("code", ruleKey); xtw.writeEndElement(); } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java index 3dabd1a..6d82701 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java @@ -20,12 +20,13 @@ import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; import com.stepstone.sonar.plugin.coldfusion.cflint.CFLintConfigExporter; import org.sonar.api.profiles.ProfileExporter; -import org.sonar.api.batch.rule.ActiveRules; import org.sonar.api.profiles.RulesProfile; import javax.xml.stream.XMLStreamException; import java.io.IOException; import java.io.Writer; +import java.util.Collection; +import java.util.stream.Collectors; public class ColdFusionProfileExporter extends ProfileExporter { @@ -37,7 +38,10 @@ public ColdFusionProfileExporter() { @Override public void exportProfile(RulesProfile ruleProfile, Writer writer) { try { - new CFLintConfigExporter(ruleProfile.getActiveRulesByRepository(ColdFusionPlugin.REPOSITORY_KEY)).save(writer); + Collection ruleKeys = ruleProfile.getActiveRulesByRepository(ColdFusionPlugin.REPOSITORY_KEY) + .stream().map(rule -> rule.getRule().ruleKey().rule()) + .collect(Collectors.toList()); + new CFLintConfigExporter(ruleKeys).save(writer); } catch (IOException | XMLStreamException e) { Throwables.propagate(e); } From ab272829d1330f3c58d58047f9d6a2204cde48c4 Mon Sep 17 00:00:00 2001 From: Tomasz Wojtun Date: Thu, 21 Oct 2021 18:20:22 +0200 Subject: [PATCH 9/9] prepare version 2.2.0 --- README.md | 3 ++- pom.xml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b05fbd2..e56566f 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,8 @@ A [SonarQube plugin](http://www.sonarqube.org/) for analyzing ColdFusion code, b SonarQube Version | Plugin Version ------------------|--------------- -7.6 - 8.9 | 2.2.1 +9.0 - 9.1 | 2.2.0 +7.6 - 8.9 | 2.1.1 5.6 - 7.5 | 1.5.0 ## Running diff --git a/pom.xml b/pom.xml index 813e1b6..5fab0f0 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.stepstone.sonar.plugin sonar-coldfusion-plugin sonar-plugin - 2.2.0-SNAPSHOT + 2.2.0 SonarQube Coldfusion Plugin Enables scanning of ColdFusion source files