Skip to content
/ zpa Public
forked from felipebz/zpa

Parser and static code analysis tool for PL/SQL and Oracle SQL.

License

Notifications You must be signed in to change notification settings

assecosee/zpa

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Z PL/SQL Analyzer - ZPA

Latest release Build Quality Gate Status

The Z PL/SQL Analyzer (or simply ZPA) is a code analyzer for PL/SQL and Oracle SQL code.

You can use it in a SonarQube on-premise instance. SonarQube is an open platform to manage code quality. This project supports SonarQube 8.9.x and newer.

See some examples in our SonarQube instance!

Do you want to use this analyzer in a project hosted on SonarCloud? Try the zpa-cli!

Installation

  • Download the latest sonar-zpa-plugin release and copy to the SONARQUBE_HOME/extensions/plugins directory;
  • Restart your SonarQube server;
  • Navigate to the Marketplace (SONARQUBE_URL/marketplace?filter=installed). It should list "Z PL/SQL Analyzer" on the tab "Installed Plugins";
  • Run an analysis with SonarScanner.

If you like to live on the bleeding edge, you can use the latest development version.

Compatibility matrix

ZPA version SonarQube version (min/max)
3.4.0 9.9 / 10.5
3.5.0 (early-access, in development) 9.9 / 10.6

ZPA Toolkit

The ZPA Toolkit is visual tool to review the AST (abstract syntax tree) and the symbol table generated by the parser.

The latest ZPA Toolkit can be downloaded from the releases page and it requires JDK 11 or newer. You can also download the latest development version.

Contribute

Everyone is welcome to contribute. Please read our contribution guidelines for more information.

There are a few things you need to know about the code. It is divided in these modules:

  • plsql-custom-rules - Demo project showing how to extend ZPA with custom coding rules.
  • sonar-zpa-plugin - The SonarQube plugin itself, this module contains all the code necessary to integrate with the SonarQube platform.
  • zpa-checks - The built-in coding rules provided by ZPA.
  • zpa-checks-testkit - Test helper for coding rules, it can be used to test custom rules.
  • zpa-core - The heart of this project. It contains the lexer, the parser and the code required to understand and process PL/SQL code.
  • zpa-toolkit - A visual tool to review the AST (abstract syntax tree) generated by the parser.

The API exposed to custom plugins must be located in the package org.sonar.plugins.plsqlopen.api (it's a requirement from the SonarQube server). The classes located outside this package are not prepared for external consumption, so if you use them, your code can break without any further notice.

Running the integration tests

There are two sets of integration tests:

To run the integrations tests, first update the submodules:

git submodule update --init --recursive

Build the main plugin and the custom rules example:

./gradlew build publishToMavenLocal
./gradlew build -p plsql-custom-rules

Then run the tests:

./gradlew integrationTest

By default, the tests will be executed using SonarQube 9.9 LTS. You can change the SonarQube version using the property sonar.runtimeVersion, passing one of LATEST_RELEASE[9.9] (for SonarQube 9.9.x LTS), LATEST_RELEASE[10.4] (latest official release) or a.b.c.d for an exact release including build number:

./gradlew integrationTest -Dsonar.runtimeVersion=LATEST_RELEASE[9.9]

About

Parser and static code analysis tool for PL/SQL and Oracle SQL.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Kotlin 64.6%
  • PLSQL 31.6%
  • HTML 2.9%
  • Other 0.9%