diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 827c40c..70fc885 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -15,12 +15,12 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: 11 distribution: temurin - name: Build with Maven - run: mvn clean package javadoc:jar verify spotless:check + run: mvn clean package source:jar javadoc:jar verify spotless:check timeout-minutes: 10 diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index fb43fa5..a9aef74 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -1,4 +1,4 @@ -name: Analyze by SonarCloud +name: SonarCloud on: push: branches: @@ -7,25 +7,25 @@ on: types: [opened, synchronize, reopened] jobs: build: - name: Build + name: Build and analyze runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 11 - uses: actions/setup-java@v1 + - name: Set up JDK 17 + uses: actions/setup-java@v3 with: - java-version: 11 - distribution: temurin + java-version: 17 + distribution: 'zulu' - name: Cache SonarCloud packages - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar restore-keys: ${{ runner.os }}-sonar - name: Cache Maven packages - uses: actions/cache@v1 + uses: actions/cache@v3 with: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} @@ -34,4 +34,5 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=philippefichet_sonarlint4netbeans \ No newline at end of file + # -Dsonar.java.fileByFile=true to avoid "ECJ Unable to resolve type XXX" + run: mvn -B verify sonar:sonar -Dsonar.projectKey=philippefichet_sonarlint4netbeans -Dsonar.java.fileByFile=true \ No newline at end of file diff --git a/pom.xml b/pom.xml index 8cde2c7..5bb46bd 100644 --- a/pom.xml +++ b/pom.xml @@ -49,7 +49,7 @@ org.apache.netbeans.utilities nbm-maven-plugin - 4.7 + 4.8 true Lesser GPL 2.1 @@ -70,7 +70,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.10.1 + 3.11.0 11 11 @@ -80,7 +80,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.0.0-M7 + 3.2.1 false @@ -112,7 +112,7 @@ org.jacoco jacoco-maven-plugin - 0.8.8 + 0.8.10 prepare-agent @@ -141,7 +141,7 @@ org.pitest pitest-maven - 1.7.5 + 1.15.1 true com.github.philippefichet.sonarlint4netbeans.SonarLintEngineImplJavascriptPluginTest @@ -150,7 +150,7 @@ org.pitest pitest-junit5-plugin - 0.15 + 1.2.0 @@ -158,7 +158,7 @@ io.qameta.allure allure-maven - 2.11.2 + 2.12.0 ${io.qameta.allure.version} @@ -166,7 +166,7 @@ org.apache.maven.plugins maven-jar-plugin - 3.2.2 + 3.3.0 ${project.build.outputDirectory}/META-INF/MANIFEST.MF @@ -176,29 +176,21 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.3.2 + 3.6.0 org.apache.maven.plugins maven-source-plugin - 3.2.1 + 3.3.0 UTF-8 source - - - attach-sources - - jar - - - com.diffplug.spotless spotless-maven-plugin - 2.22.0 + 2.40.0 UTF-8 UNIX @@ -213,7 +205,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.0.1 + 3.1.0 --no-tty @@ -226,7 +218,7 @@ org.apache.maven.plugins maven-release-plugin - 3.0.0-M4 + 3.0.1 -Dgpg.passphrase=${gpg.passphrase} -Dgpg.homedir=${gpg.homedir} -Dgpg.useagent=false -Dgpg.executable=${gpg.executable} clean verify package javadoc:jar gpg:sign install:install deploy:deploy @@ -235,7 +227,7 @@ org.owasp dependency-check-maven - 8.0.1 + 8.4.0 false false @@ -248,23 +240,28 @@ + + org.sonarsource.scanner.maven + sonar-maven-plugin + 3.10.0.2594 + org.sonarsource.sonarlint.core sonarlint-core - 8.11.0.56591 + 9.3.1.74774 org.sonarsource.javascript nodejs-utils - 9.9.0.19492 + 9.13.0.20537 com.google.code.gson gson - 2.9.1 + 2.10.1 org.apache.commons @@ -465,11 +462,11 @@ UTF-8 RELEASE130 - 1.9.7 + 1.9.20.1 3.23.1 - 4.4.0 - 2.20.1 - 5.9.1 + 4.8.1 + 2.24.0 + 5.10.0 1.7.36 diff --git a/src/main/java/com/github/philippefichet/sonarlint4netbeans/SonarLintEngineImpl.java b/src/main/java/com/github/philippefichet/sonarlint4netbeans/SonarLintEngineImpl.java index c93b06d..ade67f5 100644 --- a/src/main/java/com/github/philippefichet/sonarlint4netbeans/SonarLintEngineImpl.java +++ b/src/main/java/com/github/philippefichet/sonarlint4netbeans/SonarLintEngineImpl.java @@ -64,16 +64,16 @@ public final class SonarLintEngineImpl implements SonarLintEngine { private static final Logger LOG = Logger.getLogger(SonarLintEngineImpl.class.getName()); - // https://search.maven.org/artifact/org.sonarsource.java/sonar-java-plugin/ - private static final String SONAR_JAVA_PLUGIN_VERSION = "7.15.0.30507"; - // https://search.maven.org/artifact/org.sonarsource.javascript/sonar-javascript-plugin/ - private static final String SONAR_JAVASCRIPT_PLUGIN_VERSION = "9.11.1.20218"; - // https://search.maven.org/artifact/org.sonarsource.php/sonar-php-plugin/ - private static final String SONAR_PHP_PLUGIN_VERSION = "3.25.0.9077"; - // https://search.maven.org/artifact/org.sonarsource.html/sonar-html-plugin/ - private static final String SONAR_HTML_PLUGIN_VERSION = "3.6.0.3106"; - // https://search.maven.org/artifact/org.sonarsource.xml/sonar-xml-plugin/ - private static final String SONAR_XML_PLUGIN_VERSION = "2.6.1.3686"; + // https://central.sonatype.com/artifact/org.sonarsource.java/sonar-java-plugin + private static final String SONAR_JAVA_PLUGIN_VERSION = "7.24.0.32100"; + // https://central.sonatype.com/artifact/org.sonarsource.javascript/sonar-javascript-plugin + private static final String SONAR_JAVASCRIPT_PLUGIN_VERSION = "10.7.0.22914"; + // https://central.sonatype.com/artifact/org.sonarsource.php/sonar-php-plugin + private static final String SONAR_PHP_PLUGIN_VERSION = "3.32.0.10180"; + // https://central.sonatype.com/artifact/org.sonarsource.html/sonar-html-plugin + private static final String SONAR_HTML_PLUGIN_VERSION = "3.9.0.3600"; + // https://central.sonatype.com/artifact/org.sonarsource.xml/sonar-xml-plugin + private static final String SONAR_XML_PLUGIN_VERSION = "2.10.0.4108"; private static final String PREFIX_PREFERENCE_RULE_PARAMETER = "rules.parameters."; private static final String PREFIX_EXCLUDE_RULE = "excludedRules"; private static final String PREFIX_RUNTIME_EXTRA_PROPERTIES_PREFERENCE = "extraProperties"; diff --git a/src/main/sonar/plugins/sonar-html-plugin-3.6.0.3106.jar b/src/main/sonar/plugins/sonar-html-plugin-3.6.0.3106.jar deleted file mode 100644 index 0903530..0000000 Binary files a/src/main/sonar/plugins/sonar-html-plugin-3.6.0.3106.jar and /dev/null differ diff --git a/src/main/sonar/plugins/sonar-html-plugin-3.9.0.3600.jar b/src/main/sonar/plugins/sonar-html-plugin-3.9.0.3600.jar new file mode 100644 index 0000000..18a15b2 Binary files /dev/null and b/src/main/sonar/plugins/sonar-html-plugin-3.9.0.3600.jar differ diff --git a/src/main/sonar/plugins/sonar-java-plugin-7.15.0.30507.jar b/src/main/sonar/plugins/sonar-java-plugin-7.24.0.32100.jar similarity index 77% rename from src/main/sonar/plugins/sonar-java-plugin-7.15.0.30507.jar rename to src/main/sonar/plugins/sonar-java-plugin-7.24.0.32100.jar index 9e59edd..e8a0816 100644 Binary files a/src/main/sonar/plugins/sonar-java-plugin-7.15.0.30507.jar and b/src/main/sonar/plugins/sonar-java-plugin-7.24.0.32100.jar differ diff --git a/src/main/sonar/plugins/sonar-javascript-plugin-9.11.1.20218.jar b/src/main/sonar/plugins/sonar-javascript-plugin-10.7.0.22914.jar similarity index 65% rename from src/main/sonar/plugins/sonar-javascript-plugin-9.11.1.20218.jar rename to src/main/sonar/plugins/sonar-javascript-plugin-10.7.0.22914.jar index e540f90..6d93858 100644 Binary files a/src/main/sonar/plugins/sonar-javascript-plugin-9.11.1.20218.jar and b/src/main/sonar/plugins/sonar-javascript-plugin-10.7.0.22914.jar differ diff --git a/src/main/sonar/plugins/sonar-php-plugin-3.25.0.9077.jar b/src/main/sonar/plugins/sonar-php-plugin-3.32.0.10180.jar similarity index 57% rename from src/main/sonar/plugins/sonar-php-plugin-3.25.0.9077.jar rename to src/main/sonar/plugins/sonar-php-plugin-3.32.0.10180.jar index f7207ac..e2eed3e 100644 Binary files a/src/main/sonar/plugins/sonar-php-plugin-3.25.0.9077.jar and b/src/main/sonar/plugins/sonar-php-plugin-3.32.0.10180.jar differ diff --git a/src/main/sonar/plugins/sonar-xml-plugin-2.6.1.3686.jar b/src/main/sonar/plugins/sonar-xml-plugin-2.10.0.4108.jar similarity index 79% rename from src/main/sonar/plugins/sonar-xml-plugin-2.6.1.3686.jar rename to src/main/sonar/plugins/sonar-xml-plugin-2.10.0.4108.jar index 4ed5663..e6881b5 100644 Binary files a/src/main/sonar/plugins/sonar-xml-plugin-2.6.1.3686.jar and b/src/main/sonar/plugins/sonar-xml-plugin-2.10.0.4108.jar differ diff --git a/src/test/java/com/github/philippefichet/sonarlint4netbeans/DefaultIssueTestImpl.java b/src/test/java/com/github/philippefichet/sonarlint4netbeans/DefaultIssueTestImpl.java index 047b99e..f6f1509 100644 --- a/src/test/java/com/github/philippefichet/sonarlint4netbeans/DefaultIssueTestImpl.java +++ b/src/test/java/com/github/philippefichet/sonarlint4netbeans/DefaultIssueTestImpl.java @@ -20,14 +20,20 @@ package com.github.philippefichet.sonarlint4netbeans; import java.util.List; +import java.util.Map; +import java.util.Optional; import org.assertj.core.groups.Tuple; import org.sonarsource.sonarlint.core.analysis.api.ClientInputFile; import org.sonarsource.sonarlint.core.analysis.api.Flow; import org.sonarsource.sonarlint.core.analysis.api.QuickFix; import org.sonarsource.sonarlint.core.client.api.common.analysis.Issue; +import org.sonarsource.sonarlint.core.commons.CleanCodeAttribute; +import org.sonarsource.sonarlint.core.commons.ImpactSeverity; import org.sonarsource.sonarlint.core.commons.IssueSeverity; import org.sonarsource.sonarlint.core.commons.RuleType; +import org.sonarsource.sonarlint.core.commons.SoftwareQuality; import org.sonarsource.sonarlint.core.commons.TextRange; +import org.sonarsource.sonarlint.core.commons.VulnerabilityProbability; /** * @@ -128,14 +134,34 @@ public TextRange getTextRange() { throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. } + @Override + public String toString() { + return "DefaultIssueTestImpl{" + "severity=" + severity + ", type=" + type + ", ruleKey=" + ruleKey + ", startLine=" + startLine + ", endLine=" + endLine + ", startLineOffset=" + startLineOffset + ", endLineOffset=" + endLineOffset + ", clientInputFile=" + clientInputFile + '}'; + } + @Override public List quickFixes() { throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. } @Override - public String toString() { - return "DefaultIssueTestImpl{" + "severity=" + severity + ", type=" + type + ", ruleKey=" + ruleKey + ", startLine=" + startLine + ", endLine=" + endLine + ", startLineOffset=" + startLineOffset + ", endLineOffset=" + endLineOffset + ", clientInputFile=" + clientInputFile + '}'; + public Optional getCleanCodeAttribute() { + throw new UnsupportedOperationException("Not supported yet."); // Generated from nbfs://nbhost/SystemFileSystem/Templates/Classes/Code/GeneratedMethodBody + } + + @Override + public Map getImpacts() { + throw new UnsupportedOperationException("Not supported yet."); // Generated from nbfs://nbhost/SystemFileSystem/Templates/Classes/Code/GeneratedMethodBody + } + + @Override + public Optional getRuleDescriptionContextKey() { + throw new UnsupportedOperationException("Not supported yet."); // Generated from nbfs://nbhost/SystemFileSystem/Templates/Classes/Code/GeneratedMethodBody + } + + @Override + public Optional getVulnerabilityProbability() { + throw new UnsupportedOperationException("Not supported yet."); // Generated from nbfs://nbhost/SystemFileSystem/Templates/Classes/Code/GeneratedMethodBody } public static class Builder