sonar-android-plugin
sonar-android-plugin copied to clipboard
jvilya
SonarQube plugin for supporting Android Lint
SonarQube Android Lint Plugin
SonarQube plugin for supporting Android Lint
Features
- Integrates Android Lint for static code analysis
- Up to date rules (1 vulnerability, 88 bugs, 224 code smells - 313 in total)
- Supports SonarQube 6.7.7 and up
Plans
- Add support of custom lint checks
- Implement sensor that runs Android Lint analysis on its own (not just parsing
lint-results.xmlfile)
Settings
To specify Android Lint report file you can use sonar.android.lint.reportPaths property. It's comma-delimited list of paths to AndroidLint reports.
For example, in the project configuration
sonarqube {
properties {
property "sonar.android.lint.reportPaths", "build/reports/lint-results.xml"
}
}
or SonarQube's project settings
Usage
Get the latest version from the Releases Page. Put the jar
to
$SONAR_HOME/extensions/plugins folder. Restart SonarQube.
Or build plugin by yourself
git clone https://github.com/jvilya/sonar-android-plugincd sonar-android-pluginmvn packagecp target/sonar-android-lint-[enter_version].jar $SONAR_HOME/extensions/pluginscd $SONAR_HOME/bin/[your_os]./sonar.sh restart
Why?
There are several similar projects.
One of them is Android Lint Plugin. But it's too old - the last commit was more than 4 years ago. Also, it doesn't support a lot of new rules provided by Android Lint.
Another one is SLang with Kotlin Plugin.
It allows you to import Android Lint issues as external. You can read more about this type of issues here -
Importing Third-Party Issues.
The support of external issues looks nice if you are ok with its limitations:
- you can't manage them within SonarQube; for instance, there is no ability to mark them False Positive.
- you can't manage the activation of the rules that raise these issues within SonarQube. External rules aren't visible on the Rules page or reflected in Quality Profiles.
- external issues and the rules that raise them must be managed in the configuration of your linter.
As a result, this plugin was developed for providing the native SonarQube's experience to work with Android Lint issues.
jvilya