We have many teams with a lot of java code. For avoiding performance issue, we want to prevent to use some specified classes/methods on many code repositories.
How to prevent to use specified class/method in code with static analysis tools, like CheckStyle, Sonarqube?
This sounds like a good candidate for Checkstyle's IllegalType and IllegalImport checks. Also, for finer granularity, you can use ImportControl.
Additionally, in your configuration, you can forbid certain methods as follows, using MatchXPath:
<?xml version="1.0"?>
<!DOCTYPE module PUBLIC
"-//Puppy Crawl//DTD Check Configuration 1.3//EN"
"http://www.puppycrawl.com/dtds/configuration_1_3.dtd">
<module name="Checker">
<property name="charset" value="UTF-8"/>
<module name="TreeWalker">
<module name="MatchXpath">
<property name="query" value="//METHOD_CALL//DOT[.//IDENT[@text = 'yourForbiddenMethod']]"/>
<message key="matchxpath.match"
value="Avoid using deprecated method 'yourForbiddenMethod()'."/>
</module>
</module>
</module>
Code example:
public class Test {
static int method(Object args) {
return AllowedClass.yourForbiddenMethod(args);
}
}
Result:
➜ src java -jar checkstyle-8.42-all.jar -c config.xml Test.java
Starting audit...
[ERROR] /src/Test.java:3:29: Avoid using deprecated method yourForbiddenMethod(). [MatchXpath]
Audit done.
Checkstyle ends with 1 errors.