wttech / aem-rules-for-sonarqube Goto Github PK
View Code? Open in Web Editor NEWSonarQube plugin with set of rules detecting possible bugs and bad smells specific for AEM development.
License: Apache License 2.0
SonarQube plugin with set of rules detecting possible bugs and bad smells specific for AEM development.
License: Apache License 2.0
If you want to place comments regarding your code, make sure they don't display to end users.
<!--/* Good, this comment will not be rendered */-->
<!-- Potentially bad, plain HTML comments will be visible on the page -->
Since issue #45 , AEM-3 will complain about two interfaces that are documented to be available as OSGi services, and as such, must have a thread-safe implementation:
They can be adapted from ResourceManager for convenience, but this doesn't imply that they aren't thread-safe or that they must be adapted from a ResourceManager instance. AEM-3 shouldn't complain about them; at most, they should be covered by a different rule that suggests adapting them from ResourceManager. (Although personally I can't see any reason why adapting them is better than having them referenced directly.)
AEM-8 pertains to the use of SCR annotations. When the @Component
and @Property
annotations are used to describe a Sling Servlet, the rule recommends the use od @SlingServlet
.
In our case, the rule tells us to replace the new Declarative Services annotations with @SlingServlet
, which we don't even keep on the classpath as we've migrated from the SCR annotations.
Violating code:
package com.foo.bar.core.components.page;
import com.day.cq.commons.jcr.JcrConstants;
import com.day.cq.wcm.api.NameConstants;
import com.google.common.net.MediaType;
import java.io.IOException;
import javax.servlet.Servlet;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.osgi.service.component.annotations.Component;
@Component(
service = Servlet.class,
property = {
"sling.servlet.extensions=json",
"sling.servlet.selectors=details",
"sling.servlet.resourceTypes=" + NameConstants.NT_PAGE
}
)
public class PageDetailsServlet extends SlingAllMethodsServlet {
@Override
protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response)
throws IOException {
final Resource pageContentResource = request.getResource().getChild(JcrConstants.JCR_CONTENT);
final PageModel page = ResourceUtil.adaptTo(pageContentResource, PageModel.class);
response.setContentType(MediaType.JSON_UTF_8.toString());
response.getWriter().write(JsonUtils.toJson(page));
}
}
Hey there!
The last available binary version is 0.4 from 8 months old.
Can you please release a new jar version and mark it in github releases?
None of these are thread safe and should be included in the scope of this check.
Also, how come the Servlet interface isn't used for the Servlet checks?
Hey there!
We tried using aemrules plugin (compiled from master branch) with Sonar 5.4 and java plugin 3.14 and Sonar failed on startup due to aemrules caused errors:
2016.06.02 09:58:06 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener [40/242]
java.lang.NoClassDefFoundError: org/sonar/java/checks/SubscriptionBaseVisitor
at java.lang.ClassLoader.defineClass1(Native Method) ~[na:1.7.0_75]
at java.lang.ClassLoader.defineClass(ClassLoader.java:800) ~[na:1.7.0_75]
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142) ~[na:1.7.0_75]
at java.net.URLClassLoader.defineClass(URLClassLoader.java:449) ~[na:1.7.0_75]
at java.net.URLClassLoader.access$100(URLClassLoader.java:71) ~[na:1.7.0_75]
at java.net.URLClassLoader$1.run(URLClassLoader.java:361) ~[na:1.7.0_75]
at java.net.URLClassLoader$1.run(URLClassLoader.java:355) ~[na:1.7.0_75]
at java.security.AccessController.doPrivileged(Native Method) ~[na:1.7.0_75]
at java.net.URLClassLoader.findClass(URLClassLoader.java:354) ~[na:1.7.0_75]
at org.sonar.classloader.ClassRealm.loadClassFromSelf(ClassRealm.java:125) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ParentFirstStrategy.loadClass(ParentFirstStrategy.java:37) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:87) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:76) ~[sonar-classloader-1.0.jar:na]
at com.cognifide.aemrules.extensions.CheckListRegistrar.<clinit>(CheckListRegistrar.java:29) ~[na:na]
at com.cognifide.aemrules.extensions.AemRulesRulesDefinition.define(AemRulesRulesDefinition.java:12) ~[na:na]
at org.sonar.server.rule.RuleDefinitionsLoader.load(RuleDefinitionsLoader.java:54) ~[sonar-server-5.4.jar:na]
at org.sonar.server.rule.RegisterRules.start(RegisterRules.java:100) ~[sonar-server-5.4.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_75]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_75]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_75]
at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_75]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:312) ~[sonar-core-5.4.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:134) ~[sonar-core-5.4.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevelStartup.access$001(PlatformLevelStartup.java:44) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevelStartup$1.doPrivileged(PlatformLevelStartup.java:80) ~[sonar-server-5.4.jar:na]
at org.sonar.server.user.DoPrivileged.execute(DoPrivileged.java:44) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevelStartup.start(PlatformLevelStartup.java:76) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.Platform.executeStartupTasks(Platform.java:197) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:114) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-5.4.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-5.4.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.30.jar:8.0.30]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.30.jar:8.0.30]
at java.util.concurrent.FutureTask.run(FutureTask.java:262) [na:1.7.0_75]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_75]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_75]
at java.lang.Thread.run(Thread.java:745) [na:1.7.0_75]
Caused by: java.lang.ClassNotFoundException: org.sonar.java.checks.SubscriptionBaseVisitor
at org.sonar.classloader.ParentFirstStrategy.loadClass(ParentFirstStrategy.java:39) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:87) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:76) ~[sonar-classloader-1.0.jar:na]
... 50 common frames omitted
2016.06.02 09:58:06 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file
2016.06.02 09:58:07 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
HTL is pretty good at inferring the display context. Only specify the display context when it's necessary. Check the specification for a list of display contexts.
<!--/* Bad, display context is superfluous in both cases. */-->
<img alt="${model.imageAlt @ context='attribute'}" src="${model.imageUrl @ context='uri'}" />
<!--/* Good, this has the same effect as the example above */-->
<img alt="${model.imageAlt}" src="${model.imageUrl}" />
<!--/* Good, we can specify a more specific context that what would be inferred by HTL */-->
<div data-service-url="${model.url @ context='uri'}">
<!-- some HTML -->
</div>
<!--/* Acceptable, we expect to render something unusual. */-->
<div class="someWeirdComponent">
${model.script @ context='unsafe'}
</div>
When a session based object is accessed or returned within a private method that is called in constructor or afterCreated
method it is still reported as an issue.
Below is an example of valid code that is marked as non compliant. Issue is reported for getTags
method.
@SliceResource
public class Model implements InitializableModel {
@Inject
@RequestedPage
private Page page;
private List<Tag> tags;
@Override
public void afterCreated() {
this.tags = getTags(page.getContentResource());
}
private List<Tag> getTags(Resource contentResource) {
TagManager manager = contentResource.getResourceResolver().adaptTo(TagManager.class);
return Arrays.asList(manager.getTags(contentResource));
}
}
The analysis process crashes in certain situations.
Stack:
Caused by: java.lang.NullPointerException
at com.cognifide.rnd.aemrules.checks.visitors.FindRRDeclarationVisitor.isManuallyCreatedResourceResolver(FindRRDeclarationVisitor.java:48)
at com.cognifide.rnd.aemrules.checks.visitors.FindRRDeclarationVisitor.visitAssignmentExpression(FindRRDeclarationVisitor.java:38)
at org.sonar.java.model.expression.AssignmentExpressionTreeImpl.accept(AssignmentExpressionTreeImpl.java:86)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitExpressionStatement(BaseTreeVisitor.java:101)
at org.sonar.java.model.statement.ExpressionStatementTreeImpl.accept(ExpressionStatementTreeImpl.java:70)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:36)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:91)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at com.cognifide.rnd.aemrules.checks.visitors.FindRRDeclarationVisitor.visitTryStatement(FindRRDeclarationVisitor.java:92)
at org.sonar.java.model.statement.TryStatementTreeImpl.accept(TryStatementTreeImpl.java:174)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:36)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:91)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitMethod(BaseTreeVisitor.java:80)
at org.sonar.java.model.declaration.MethodTreeImpl.accept(MethodTreeImpl.java:193)
at com.cognifide.rnd.aemrules.checks.ResourceResolverShouldBeClosed.findResolversInMethod(ResourceResolverShouldBeClosed.java:59)
at com.cognifide.rnd.aemrules.checks.ResourceResolverShouldBeClosed.visitMethod(ResourceResolverShouldBeClosed.java:39)
at org.sonar.java.model.declaration.MethodTreeImpl.accept(MethodTreeImpl.java:193)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:36)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitClass(BaseTreeVisitor.java:69)
at org.sonar.java.model.declaration.ClassTreeImpl.accept(ClassTreeImpl.java:189)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:36)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitCompilationUnit(BaseTreeVisitor.java:55)
at org.sonar.java.model.JavaTree$CompilationUnitTreeImpl.accept(JavaTree.java:205)
at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:42)
at com.cognifide.rnd.aemrules.checks.ResourceResolverShouldBeClosed.scanFile(ResourceResolverShouldBeClosed.java:34)
at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:121)
at com.sonar.sslr.impl.ast.AstWalker.walkAndVisit(AstWalker.java:67)
at org.sonar.java.ast.AstScanner.simpleScan(AstScanner.java:107)
... 71 more
Some of rules are not AEM-specific or should retire from various reasons. Prepare list and mark them as deprecated.
The file used by SessionShouldBeLoggedOutTest has a mix of compliant and non-compliant methods but only checks that at least one method is non-compliant. This can lead to false positives/negatives. It would be better to break these out into separate test files and use parameterized tests in JUnit.
AEM-7 rule produces false positive on following code:
Add new test case to cover this scenario and implement fix for that.
Kudos goes to @ganncamp
When installed along with SonarJava 5.8 (Build 15699), Sonar analysis fails. I am getting this error during analysis:
15:18:31 [ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.3.0.603:sonar (default-cli) on project com.###.###.###: SonarQube is unable to analyze file : '/###/###/###.java': java.lang.reflect.InvocationTargetException: com.google.common.base.Preconditions.checkNotNull(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/Object;)Ljava/lang/Object; -> [Help 1]
I am getting the very same error for each Java project that is analysed using SonarQube 7.3 / SonarJava 5.8 / AEM Rules for SonarQube 0.10 (and a snapshot build of 0.11 source from 10/19/2018)
Rolling back the SonarJava plugin to a previous release (5.7) fixes the issue (tested with a snapshot build of aEM Rules for SonarQube 0.11 of 10/19/2018).
I have an issue with the plugin. Sonar starts the first time, creates database and works just fine. But the second time it doesn't start. There is not much info in log. I found a few lines with error messages.
ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener
java.lang.NoClassDefFoundError: org/sonar/plugins/java/api/CheckRegistrar
ERROR web[jruby.rack] initialization failed
ERROR web[o.a.c.c.StandardContext] Error listenerStart
ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
Each AEM JavaDocs comes with page summarising all constant values:
AEM 6.0 & 6.1 probably do not provide their own one-pagers, you have to check class by class.
Also, in the project there is a Groovy script that helps to list constants.
Use existing HTML elements instead of adding extra sly tags.
<!--/* Bad - unnecessary elements*/-->
<sly data-sly-test="${model.visible}" data-sly-use="com.example.HeroModel">
<div class="myComponent">
<h1>${model.headline}</h1>
<p>${model.text}</p>
</div>
</sly>
<!--/* Good - existing markup reused */-->
<div class="myComponent"
data-sly-test="${model.visible}"
data-sly-use="com.example.HeroModel">
<h1>${model.headline}</h1>
<p>${model.text}</p>
</div>
If it's not possible to use an existing element, prefer sly tags over introducing superfluous markup that renders on the page.
<!--/* Bad - additional div rendered */-->
<div data-sly-use.model="com.example.Model" data-sly-use.templates="templates.html"></div>
<!--/* Bad - not immediately clear if the element is part of the markup or just a holder for HTL */-->
<div data-sly-use.model="com.example.Model" data-sly-use.templates="templates.html" data-sly-unwrap></div>
<!--/* Good - it's clear this element doesn't render */-->
<sly data-sly-use.model="com.example.Model" data-sly-use.templates="templates.html"></sly>
HTL Templates should be placed in separate files. This helps understand which code is meant to render a componenta and which code is reused as a template. Additionally, component-specific code can be safely removed. It should be immediately obvious whether or not some code is re-used across the codebase.
<!--/* Bad - component code also defines a template, the template should be extracted to a separate file */-->
<template data-sly-template.image="${@ source, description}">
<img src="${source}" alt="${description}" title="${description}"/>
</template>
<div class="image-component" data-sly-use.model="com.example.Image">
<sly data-sly-call="${image @ source=model.src, description=model.altText}"
</div>
Hi,
AEM-8 Prefer cleaner @SlingServlet annotation.
This rule recommends to use @SlingServlet Annotation but as per OSGI Declarative services (OSGI R6) the new way to create Servlet is:
@component(
immediate = true,
service = Servlet.class,
property = {
"sling.servlet.resourceTypes=project/components/component"
}
)
@Designate(ocd = SampleOsgiServlet.Configuration.class)
e.g: https://gist.github.com/nateyolles/e1e809485cbb0ef1e04a445ddf53a6d7
I saw couple of more blogs and posts for the same.
Can you please help me with this issue?
We've had some performance trouble in our project caused by improper use of SlingQuery.
A lot of people tend not to think about the search strategy used under the hood and whether or not a JCR query (the default strategy) is good for the job they're using the SlingQuery for.
It would be nice to have a rule suggesting explicit selection of a searchStrategy, if only to improve the awareness of what's going on under the hood when one uses a SlingQuery.
Hi!
I found that if class have multiply adaptables property, like
@model(adaptables = {Resource.class, SlingHttpServletRequest.class})
it fail check with next message:
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2:sonar (default-cli) on project xxx: SonarQube is unable to analyze file : 'x:\xx\xx\Foo.java': org.sonar.java.model.expression.NewArrayTreeImpl cannot be cast to org.sonar.plugins.java.api.tree.Me
mberSelectExpressionTree -> [Help 1]
Single property, like @model(adaptables = SlingHttpServletRequest.class) works well.
Could someone check ? Thanks.
I've had a look at the code while trying to figure out how one would go about implementing a rule and I noticed we're using the phrase changeable method in context of the ModifiableValueMap
rule (AEM-17) in both the docs and the code.
I find this choice of words confusing. Judging by the context, it seems to mean a method that changes the state of an object. I have never seen the phrase changeable method used in this context. The use of the adjective seems to imply that it is the method is the subject of a change while in reality, it's the object on whose behalf the method is invoked that may or may not change.
Is there something I'm missing? I'm wondering where the phrase originated. If its use is accidental, how about referring to those methods as mutators ?
In file
AEM-Rules-for-SonarQube/src/main/java/com/cognifide/aemrules/checks/resourceresolver/close/FindRRDeclarationVisitor.java
133-135 lines are not covered with unit tests. Please add new testing case or remove this statement if not needed.
Consider following code.
ModelProvider modelProvider;
try (InjectorWithContext injector = InjectorUtil.getInjector(INJECTOR_NAME, request)) {
modelProvider = injector.getInstance(ModelProvider.class);
SomeSliceObject someSliceObject= injector.getInstance(SomeSliceObject.class);
}
someSliceObject.foo();
The reference for someSliceObject
may fail depending on whether the injector has been closed already. The output is fairly indeterministic though.
Also, I believe a similar issue may appear out of Slice world for basically resource-based objects.
If a majority of @injected fields/methods are optional, it is possible to change the default injection strategy by using adding defaultInjectionStrategy = DefaultInjectionStrategy.OPTIONAL to the @model annotation.
If defaultInjectionStrategy is defined as optional, @optional annotation on injected fields (@Inject) is no longer needed.
AEM rules should be possible to disable with the Java comment //NOSONAR
(similar to what is possible with the Java Plugin). This currently does not work.
Avoid inline CSS and JS code. One of the primary drivers behind the introduction of HTL was to avoid scriptlets and mixing code in multiple languages. Place CSS and JS in separate files.
Hi,
I installer the official LTS Sonar images at https://hub.docker.com/_/sonarqube/.
The image version:
docker images | grep sonar
sonarqube lts cd4a4caa7b28 8 days ago 744 M
The JAVA version in the image:
docker exec -it sonarqube java -version
openjdk version "1.8.0_131"
OpenJDK Runtime Environment (build 1.8.0_131-8u131-b11-1~bpo8+1-b11)
OpenJDK 64-Bit Server VM (build 25.131-b11, mixed mode)
And, when I install the plugin and restart my Sonar, I have this traces:
java.lang.NoClassDefFoundError: com/google/common/base/Functions
at com.cognifide.aemrules.extensions.RulesLoader.<clinit>(RulesLoader.java:49) ~[na:na]
at com.cognifide.aemrules.extensions.AemRulesRulesDefinition.define(AemRulesRulesDefinition.java:30) ~[na:na]
at org.sonar.server.rule.RuleDefinitionsLoader.load(RuleDefinitionsLoader.java:54) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.rule.RegisterRules.start(RegisterRules.java:97) ~[sonar-server-5.6.6.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_131]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_131]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_131]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_131]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:320) ~[sonar-core-5.6.6.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-5.6.6.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevelStartup.access$001(PlatformLevelStartup.java:45) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevelStartup$1.doPrivileged(PlatformLevelStartup.java:80) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.user.DoPrivileged.execute(DoPrivileged.java:44) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevelStartup.start(PlatformLevelStartup.java:77) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.executeStartupTasks(Platform.java:201) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:114) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-5.6.6.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_131]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_131]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_131]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_131]
Caused by: java.lang.ClassNotFoundException: com.google.common.base.Functions
at org.sonar.classloader.ParentFirstStrategy.loadClass(ParentFirstStrategy.java:39) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:87) ~[sonar-classloader-1.0.jar:na]
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:76) ~[sonar-classloader-1.0.jar:na]
... 37 common frames omitted
Below scenario (Circular dependency) causes stack overflow on rule AEM-9
method1() {
if(condition) {
method2()
}
}
method2() {
if(differentConfition){
method1()
}
}
Please fix rule to don't visit method invocations which were visited in while visiting current method.
Hi,
If I analyze my project with default java profile "Sonar Way" it runs fine. But If I activate AEM rules in "Sonar way + AEM" profile and analyze project against it then gives me below error ...
01:04:24 [INFO] Source paths: pom.xml, src/main/java
01:04:24 [INFO] Test paths: src/test/java
01:04:24 [INFO] Binary dirs: target/classes
01:04:24 [INFO] Source encoding: windows-1252, default locale: en_US
01:04:24 [INFO] Index files
01:04:25 [INFO] 171 files indexed
01:04:25 [INFO] Quality profile for java: Sonar way + AEM
01:04:25 [INFO] Sensor Lines Sensor
01:04:25 [INFO] Sensor Lines Sensor (done) | time=27ms
01:04:25 [INFO] Sensor JavaSquidSensor
01:04:25 [INFO] Configured Java source version (sonar.java.source): 7
01:04:25 [INFO] JavaClasspath initialization
01:04:25 [INFO] JavaClasspath initialization (done) | time=1ms
01:04:25 [INFO] JavaTestClasspath initialization
01:04:25 [INFO] JavaTestClasspath initialization (done) | time=1ms
01:04:25 [INFO] Java Main Files AST scan
01:04:25 [INFO] 165 source files to be analyzed
01:04:38 [INFO] BUILD FAILURE
01:04:38 [INFO] ------------------------------------------------------------------------
01:04:38 [INFO] Total time: 03:33 min
01:04:38 [INFO] Finished at: 2017-06-16T01:04:38-04:00
01:04:38 [INFO] Final Memory: 83M/828M
01:04:38 [INFO] ------------------------------------------------------------------------
01:04:38 [ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar (default-cli) on project redesign: SonarQube is unable to analyze file : org.sonar.java.model.expression.MemberSelectExpressionTreeImpl cannot be cast to org.sonar.plugins.java.api.tree.IdentifierTree -> [Help 1]
01:04:38 org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar (default-cli) on project redesign: SonarQube is unable to analyze file :
01:04:38 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:216)
01:04:38 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
01:04:38 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
01:04:38 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
01:04:38 at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
01:04:38 at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
01:04:38 at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:120)
01:04:38 at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:347)
01:04:38 at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:154)
01:04:38 at org.apache.maven.cli.MavenCli.execute(MavenCli.java:582)
01:04:38 at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:214)
01:04:38 at org.apache.maven.cli.MavenCli.main(MavenCli.java:158)
01:04:38 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
01:04:38 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
01:04:38 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
01:04:38 at java.lang.reflect.Method.invoke(Method.java:497)
01:04:38 at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
01:04:38 at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
01:04:38 at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
01:04:38 at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
01:04:38 Caused by: org.apache.maven.plugin.MojoExecutionException: SonarQube is unable to analyze file :
01:04:38 at org.sonarsource.scanner.maven.bootstrap.ExceptionHandling.handle(ExceptionHandling.java:36)
01:04:38 at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:81)
01:04:38 at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:122)
01:04:38 at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:132)
01:04:38 at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:208)
01:04:38 ... 19 more
01:04:38 Caused by: org.sonar.squidbridge.api.AnalysisException: SonarQube is unable to analyze file :
01:04:38 at org.sonar.java.ast.JavaAstScanner.simpleScan(JavaAstScanner.java:96)
01:04:38 at org.sonar.java.ast.JavaAstScanner.scan(JavaAstScanner.java:63)
01:04:38 at org.sonar.java.JavaSquid.scanSources(JavaSquid.java:119)
01:04:38 at org.sonar.java.JavaSquid.scan(JavaSquid.java:113)
01:04:38 at org.sonar.plugins.java.JavaSquidSensor.execute(JavaSquidSensor.java:84)
01:04:38 at org.sonar.batch.sensor.SensorWrapper.analyse(SensorWrapper.java:57)
01:04:38 at org.sonar.batch.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:58)
01:04:38 at org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:50)
01:04:38 at org.sonar.batch.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:83)
01:04:38 at org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:192)
01:04:38 at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
01:04:38 at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
01:04:38 at org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:241)
01:04:38 at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:236)
01:04:38 at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:234)
01:04:38 at org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:226)
01:04:38 at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
01:04:38 at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
01:04:38 at org.sonar.batch.task.ScanTask.execute(ScanTask.java:47)
01:04:38 at org.sonar.batch.task.TaskContainer.doAfterStart(TaskContainer.java:86)
01:04:38 at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
01:04:38 at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:127)
01:04:38 at org.sonar.batch.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:106)
01:04:38 at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:119)
01:04:38 at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:62)
01:04:38 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
01:04:38 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
01:04:38 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
01:04:38 at java.lang.reflect.Method.invoke(Method.java:497)
01:04:38 at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
01:04:38 at com.sun.proxy.$Proxy21.execute(Unknown Source)
01:04:38 at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:233)
01:04:38 at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151)
01:04:38 at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:78)
01:04:38 ... 22 more
01:04:38 Caused by: java.lang.ClassCastException: org.sonar.java.model.expression.MemberSelectExpressionTreeImpl cannot be cast to org.sonar.plugins.java.api.tree.IdentifierTree
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor.getMethodTree(FindSessionDeclarationVisitor.java:93)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor.access$500(FindSessionDeclarationVisitor.java:41)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor$CheckIfSessionCreatedManually.visitAssignmentExpression(FindSessionDeclarationVisitor.java:159)
01:04:38 at org.sonar.java.model.expression.AssignmentExpressionTreeImpl.accept(AssignmentExpressionTreeImpl.java:71)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitExpressionStatement(BaseTreeVisitor.java:101)
01:04:38 at org.sonar.java.model.statement.ExpressionStatementTreeImpl.accept(ExpressionStatementTreeImpl.java:65)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
01:04:38 at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:77)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitIfStatement(BaseTreeVisitor.java:107)
01:04:38 at org.sonar.java.model.statement.IfStatementTreeImpl.accept(IfStatementTreeImpl.java:124)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
01:04:38 at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:77)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitMethod(BaseTreeVisitor.java:80)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor$CheckIfSessionCreatedManually.visitMethod(FindSessionDeclarationVisitor.java:148)
01:04:38 at org.sonar.java.model.declaration.MethodTreeImpl.accept(MethodTreeImpl.java:218)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor.isManuallyCreatedSession(FindSessionDeclarationVisitor.java:88)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor.findSessionsCreatedInMethods(FindSessionDeclarationVisitor.java:73)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor.visitAssignmentExpression(FindSessionDeclarationVisitor.java:65)
01:04:38 at org.sonar.java.model.expression.AssignmentExpressionTreeImpl.accept(AssignmentExpressionTreeImpl.java:71)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitExpressionStatement(BaseTreeVisitor.java:101)
01:04:38 at org.sonar.java.model.statement.ExpressionStatementTreeImpl.accept(ExpressionStatementTreeImpl.java:65)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
01:04:38 at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:77)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitIfStatement(BaseTreeVisitor.java:107)
01:04:38 at org.sonar.java.model.statement.IfStatementTreeImpl.accept(IfStatementTreeImpl.java:124)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
01:04:38 at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:77)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at com.cognifide.aemrules.checks.visitors.FindSessionDeclarationVisitor.visitTryStatement(FindSessionDeclarationVisitor.java:132)
01:04:38 at org.sonar.java.model.statement.TryStatementTreeImpl.accept(TryStatementTreeImpl.java:171)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitBlock(BaseTreeVisitor.java:85)
01:04:38 at org.sonar.java.model.statement.BlockTreeImpl.accept(BlockTreeImpl.java:77)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitMethod(BaseTreeVisitor.java:80)
01:04:38 at org.sonar.java.model.declaration.MethodTreeImpl.accept(MethodTreeImpl.java:218)
01:04:38 at com.cognifide.aemrules.checks.SessionShouldBeLoggedOut.findSessionsInMethod(SessionShouldBeLoggedOut.java:81)
01:04:38 at com.cognifide.aemrules.checks.SessionShouldBeLoggedOut.visitMethod(SessionShouldBeLoggedOut.java:61)
01:04:38 at org.sonar.java.model.declaration.MethodTreeImpl.accept(MethodTreeImpl.java:218)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitClass(BaseTreeVisitor.java:69)
01:04:38 at org.sonar.java.model.declaration.ClassTreeImpl.accept(ClassTreeImpl.java:194)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:37)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.visitCompilationUnit(BaseTreeVisitor.java:55)
01:04:38 at org.sonar.java.model.JavaTree$CompilationUnitTreeImpl.accept(JavaTree.java:184)
01:04:38 at org.sonar.plugins.java.api.tree.BaseTreeVisitor.scan(BaseTreeVisitor.java:43)
01:04:38 at com.cognifide.aemrules.checks.SessionShouldBeLoggedOut.scanFile(SessionShouldBeLoggedOut.java:56)
01:04:38 at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:115)
01:04:38 at org.sonar.java.ast.JavaAstScanner.simpleScan(JavaAstScanner.java:87)
01:04:38 ... 55 more
01:04:38 [ERROR]
01:04:38 [ERROR] Re-run Maven using the -X switch to enable full debug logging.
01:04:38 [ERROR]
01:04:38 [ERROR] For more information about the errors and possible solutions, please read the following articles:
01:04:38 [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
01:04:38 Sonar analysis completed: FAILURE
Can you please help me to figure out solution for this.
I am using SonarQube 5.6.6, SonarJava 4.9 & AEM rules plugin 0.8.
When I update the SonarJava plugin from 4.9 to 4.10 (released yesterday), the web server (SQ 6.3.0) fails to start up due to the following exception (using AEM Rules v0.8):
2017.05.31 10:29:45 ERROR web[][o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.web.PlatformServletContextListener
java.lang.NoClassDefFoundError: com/google/common/base/Functions
at com.cognifide.aemrules.extensions.RulesLoader.<clinit>(RulesLoader.java:49)
at com.cognifide.aemrules.extensions.AemRulesRulesDefinition.define(AemRulesRulesDefinition.java:30)
at org.sonar.server.rule.RuleDefinitionsLoader.load(RuleDefinitionsLoader.java:52)
at org.sonar.server.rule.RegisterRules.start(RegisterRules.java:99)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110)
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89)
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:321)
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
at org.picocontainer.behaviors.Stored.start(Stored.java:110)
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:142)
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:88)
at org.sonar.server.platform.platformlevel.PlatformLevelStartup.access$001(PlatformLevelStartup.java:40)
at org.sonar.server.platform.platformlevel.PlatformLevelStartup$1.doPrivileged(PlatformLevelStartup.java:70)
at org.sonar.server.user.DoPrivileged.execute(DoPrivileged.java:45)
at org.sonar.server.platform.platformlevel.PlatformLevelStartup.start(PlatformLevelStartup.java:67)
at org.sonar.server.platform.Platform.executeStartupTasks(Platform.java:188)
at org.sonar.server.platform.Platform.doStart(Platform.java:101)
at org.sonar.server.platform.Platform.doStart(Platform.java:79)
at org.sonar.server.platform.web.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:45)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4727)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5189)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1419)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1409)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.ClassNotFoundException: com.google.common.base.Functions
at org.sonar.classloader.ParentFirstStrategy.loadClass(ParentFirstStrategy.java:39)
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:87)
at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:76)
... 37 common frames omitted
Prepare clear & concise contribution guidelines along with the vision for this project.
I have imported a new jar file into plugins directory and after a restart it showing only first 8 rules on the sonarqube. Can you please tell why this is happening?
Rule causes java.lang.StackOverflowError
when recursion is involved.
AEM-3 checks for the use of three non-thread-safe classes in field declarations in Servlets and Servlet Filters.
Out of the box, the ResourceResolver
can be adapted to several more classes:, including:
TagManager
AssetManager
UserManager
Preferences
To my knowledge, these also shouldn't be cached in a Sevlet/Filter field and It looks like including them in the AEM-3 rule would be very simple.
Not sure how many of those are likely to be used in this context. I believe some of these cases might be too absurd to even include (like caching a User
object in a Servlet field) while some actually tend to be used in Servlets (TagManager
, AssetManager
)
Your thoughts?
Hi,
Please correct me, but did not see technical debt defined for the AEM rules.
Is it something which we have to define of our own?
Thanks
Milind
This plugin is not supported for SonarQube v6.3.1. After putting the jar in plugins folder sonar server does not start.
Implement a new sensor that will support writing new rules for HTL language. Consider list of following rules when making decision on how the analysis should be performed:
< list of rules to be updated here >
(parser / regular expressions / jsoup / ?)
Rule AEM-15 shows issue next to annotation, for example:
@Override // issue
public void synchronized increment() {...
Expected:
@Override
public void synchronized increment() {... // issue
Some rules are only applicable for specific versions of AEM which translates to specific versions of Sling & OSGI.
Check whether it is possible to pass during execution a variable to conditionally turn on/off specific rules.
--aemVersion=6.4
Session based classes inside anonymous classes inside constructors or afterCreated
or inside private methods invoked from constructor or afeterCreated
should not be marked as issue, for example:
class A {
@Inject
private ResourceResolver resourceResolver;
@Override
public void afterCreated() {
List<String> list = find();
}
private List<String> find() {
return FluentIterable.from(ImmutableList.<String>of("a", "b", "c"))
.transform(new Function<String, String>() {
@Override
public void String apply(String s) {
return resourceResolver.getResource(s).getValueMap("string", String.class);
}
}).toList();
}
}
resourceResolver.getResource(s)
should not be marked as an issue.
When using current code from master I'm not able to start SonarQube:
ERROR web[][o.s.s.p.Platform] Background initialization failed. Stopping SonarQube java.lang.IllegalArgumentException: The rule 'AEM-11' of repository 'AEM Rules' is declared several times
Rule AEM-12 marks fields that are not annotated with @JcrProperty
Hi,
Using the latest SonarQube 6.7 LTS release and installed V0.9 of rule plugin.
While going through the AEM Repo, on the rules, not getting rule "Activate" option.
Login used : admin
Java Plugin Version with SQ67: 4.15.xx
Regards
Milind
Instead of reading json files with defined technical debt introduce new annotation which will describe technical debt for given rule
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.