SonarQube plugin for supporting Android Lint
- Integrates Android Lint for static code analysis
- Up to date rules (1 vulnerability, 88 bugs, 224 code smells - 313 in total)
- Supports SonarQube 6.7.7 and up
- Add support of custom lint checks
- Implement sensor that runs Android Lint analysis on its own (not just parsing
lint-results.xml
file)
To specify Android Lint report file you can use sonar.android.lint.reportPaths
property. It's comma-delimited list of paths to AndroidLint reports.
For example, in the project configuration
sonarqube {
properties {
property "sonar.android.lint.reportPaths", "build/reports/lint-results.xml"
}
}
or SonarQube's project settings
Get the latest version from the Releases Page. Put the jar
to
$SONAR_HOME/extensions/plugins
folder. Restart SonarQube.
Or build plugin by yourself
git clone https://github.com/jvilya/sonar-android-plugin
cd sonar-android-plugin
mvn package
cp target/sonar-android-lint-[enter_version].jar $SONAR_HOME/extensions/plugins
cd $SONAR_HOME/bin/[your_os]
./sonar.sh restart
There are several similar projects.
One of them is Android Lint Plugin. But it's too old - the last commit was more than 4 years ago. Also, it doesn't support a lot of new rules provided by Android Lint.
Another one is SLang with Kotlin Plugin.
It allows you to import Android Lint issues as external
. You can read more about this type of issues here -
Importing Third-Party Issues.
The support of external issues looks nice if you are ok with its limitations:
- you can't manage them within SonarQube; for instance, there is no ability to mark them False Positive.
- you can't manage the activation of the rules that raise these issues within SonarQube. External rules aren't visible on the Rules page or reflected in Quality Profiles.
- external issues and the rules that raise them must be managed in the configuration of your linter.
As a result, this plugin was developed for providing the native SonarQube's experience to work with Android Lint issues.