Using SonarQube how would one implement a java import blacklist?
Using SonarQube (version 3.0) I am trying to implement a blacklist of java libraries. For example I'd like for SonarQube to generate a code smell for any java file that contains an import for org.apache.lang.StringUtils
I did find this rule: "Track uses of disallowed dependencies" however as previously stated I want to focus on the java file import statements themselves. e.g.
import org.apache.lang.StringUtils; // SonarQube should generate smell for this line
import java.awt.Component;
Ideally I'd like to maintain a centralized list of deprecated/bug causing imports that would cover the following use cases:
- Alert developer their code changes include prohibited imports
- Scan legacy code base for prohibited, potentially bug causing imports
Following David M. Karr's advice I looked through the custom rules documentation and found this template; Track uses of disallowed classes
Opening this template for configuration, there appears a note explaining that the rule parameters (in this case the class name) allows for regex - and explicitly advises to use regex when targeting packages.
The custom rule with org.apache.commons.lang.StringUtils passed to the ClassName parameter achieved the desired results stated in the question. Additionally the entire package can be targeted with org.apache.commons.lang.*
TL;DR
In SonarQube Dashboard
- Click "Rules" in main nav bar
- Search for "Track uses of disallowed classes"
- Select rule marked as "Template"
- At the bottom of the screen click "Create"
- Fill out Custom Rule configuration form, most importantly the ClassName field with either the fully qualified class e.g.
org.apache.commons.lang.StringUtilsor use regex to target an entire package e.g.org.apache.commons.lang.* - Create/Save
- Add and then Activate this new custom rule to a profile associated with the target project. (I'm sure there are other ways to do this part, this is what worked for my small project, by extending the Java SonarWay profile)
- Keep numbers which appear in both columns, in J lang
- Differentiation in J
- How to reshape an array with an arbitrary size in one dimension?
- Why is Insert (fold) right associative
- Write 4 : 'x&{.&.;: y' tacitly
- Alignment issue when printing formatted prime numbers in J language
- How can I define a verb in J that applies a different verb alternately to each atom in a list?
- How to get user input in the J programming language
- How to unbox a list of boxed lists of differing lengths in J?
- How can I fix 'noun result was required' error in J?
- In j, how can I define a verb locally in one scope and pass it to a defined adverb?
- Convert boxed array to normal array?
- Read column of CSV file as array
- Replace atom in array of strings
- What does the dyad `=` do to boxed strings?
- Index of minimum element using J
- How can I take the outer product of string vectors in J?
- Building an array of verbs in J
- Reading in multidigit command line parameter
- Amend with bond to new data shows unexpected behaviour
- How to turn a table or matrix into a (flat) list in J
- How to run dissect in J?
- How to define selection using index function in J
- How to exit the J console?
- Find 4-neighbors using J
- Writing custom verbs in J
- How do I negate a selector in J lang?
- How to use arbitrary selector in interchange in J lang?
- different result once square root is added inside tacit
- Sum of arrays with repeated indices