green-code-initiative / ecocode Goto Github PK
View Code? Open in Web Editor NEWReduce the environmental footprint of your software programs with SonarQube
Home Page: https://ecocode.io
License: GNU General Public License v3.0
Reduce the environmental footprint of your software programs with SonarQube
Home Page: https://ecocode.io
License: GNU General Public License v3.0
[ecoCode challenge 2023 - Team 28 days]
Is your feature request related to a problem? Please describe.
The i++ form has the disadvantage of generating a temporary variable during incrementation, which is not the case with the ++i form.
idea from @jycr :
SonarQuabe has a centralized repository to describe each of its rules, which is independent of the different existing implementations:
https://github.com/SonarSource/rspec
This makes it possible to have a centralized vision of the rules, and their variations according to the programming languages.
This also helps to avoid problems/conflicts in assigning identifiers (keys) for the rules.
This also makes it easier to write descriptions (in asciidoc/markdown).
Perhaps this orientation could become interesting for the future of ecoCode rules?
According to me, we should have a special meeting for this point to initiate this refactoring to :
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
please take into account following optimizations for automatic release system :
Is your feature request related to a problem? Please describe.
There is a lot of implemented rules for each language in ecocode
plugin.
Maybe some rules already exist natively in SonarQube.
And second point, check the veracity of each rule :
Describe the solution you'd like
It would be good to make a verification audit to check if :
ecoCode-common
repository) with eco-design
tagDescribe alternatives you've considered
For ambiguous rules (implemented VS SonarQube native), list them and discuss about it during a core team point.
Is your feature request related to a problem? Please describe.
We migrated our source code from "CNumr" organization (https://github.com/cnumr/ecoCode) to "Green Code Initiative" organization (https://github.com/green-code-initiative/ecoCode)
Describe the solution you'd like
refactor all code source packages from "cnumr" to "greencodeinitiative"
once issue ok, please make same modifications to ecoCode-mobile
repository
Pages concerned:
Needs:
The name of the tag is in french "eco-conception".
It might be renamed as "eco-design".
It also seems like I don't have right access to the repository since it has moved. Could you please give me access to create a feature branch then the PR?
[ecoCode challenge 2023 - Team 28 days]
The shape using the quotation marks allows the developer to insert variables that will be substituted at run time. But if the string does not have a variable, use quotes instead. Thus, language will not look for variables to subtituture, which will reduce the consumption of CPU cycles.
Is your feature request related to a problem? Please describe.
Describe the solution you'd like
INSTALL.md
fileonce issue ok, please make same modifications to ecoCode-mobile
repository
Describe the bug
[INFO] Load metrics repository
[INFO] Load metrics repository (done) | time=42ms
[INFO] Sensor JavaSensor [java]
[INFO] Configured Java source version (sonar.java.source): 11
[INFO] JavaClasspath initialization
[INFO] JavaClasspath initialization (done) | time=28ms
[INFO] JavaTestClasspath initialization
[INFO] JavaTestClasspath initialization (done) | time=19ms
[INFO] Server-side caching is enabled. The Java analyzer will not try to leverage data from a previous analysis.
[INFO] Using ECJ batch to parse 34 Main java source files with batch size 266 KB.
[INFO] Starting batch processing.
[INFO] The Java analyzer cannot skip unchanged files in this context. A full analysis is performed for all files.
[ERROR] Unable to run check class fr.cnumr.java.checks.OptimizeReadFileExceptions - GRSP0028 on file 'src/main/java/BookingService.java', To help improve the SonarSource Java Analyzer, please report this problem to SonarSource: see https://community.sonarsource.com/
java.lang.ClassCastException: class org.sonar.java.model.expression.NewClassTreeImpl cannot be cast to class org.sonar.plugins.java.api.tree.TryStatementTree (org.sonar.java.model.expression.NewClassTreeImpl and org.sonar.plugins.java.api.tree.TryStatementTree are in unnamed module of loader org.sonar.classloader.ClassRealm @5339cdc6)
at fr.cnumr.java.checks.OptimizeReadFileExceptions.visitNode(OptimizeReadFileExceptions.java:41)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.lambda$visit$6(VisitorsBridge.java:452)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.lambda$forEach$9(VisitorsBridge.java:468)
at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:265)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.forEach(VisitorsBridge.java:468)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visit(VisitorsBridge.java:454)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visitChildren(VisitorsBridge.java:438)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visit(VisitorsBridge.java:458)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visitChildren(VisitorsBridge.java:438)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visit(VisitorsBridge.java:458)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visitChildren(VisitorsBridge.java:438)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visit(VisitorsBridge.java:458)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visitChildren(VisitorsBridge.java:438)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visit(VisitorsBridge.java:458)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visitChildren(VisitorsBridge.java:438)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.visit(VisitorsBridge.java:458)
at org.sonar.java.model.VisitorsBridge$IssuableSubscriptionVisitorsRunner.scanFile(VisitorsBridge.java:416)
at org.sonar.java.model.VisitorsBridge.lambda$runScanner$1(VisitorsBridge.java:260)
at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:265)
at org.sonar.java.model.VisitorsBridge.runScanner(VisitorsBridge.java:260)
at org.sonar.java.model.VisitorsBridge.visitFile(VisitorsBridge.java:243)
at org.sonar.java.ast.JavaAstScanner.simpleScan(JavaAstScanner.java:132)
at org.sonar.java.JavaFrontend.scanAsBatchCallback(JavaFrontend.java:247)
at org.sonar.java.JavaFrontend.lambda$scanBatch$0(JavaFrontend.java:238)
at org.sonar.java.model.JParserConfig$Batch$1.acceptAST(JParserConfig.java:181)
at org.eclipse.jdt.core.dom.CompilationUnitResolver.resolve(CompilationUnitResolver.java:1143)
at org.eclipse.jdt.core.dom.CompilationUnitResolver.resolve(CompilationUnitResolver.java:739)
at org.eclipse.jdt.core.dom.ASTParser.createASTs(ASTParser.java:1049)
at org.sonar.java.model.JParserConfig$Batch.parse(JParserConfig.java:165)
at org.sonar.java.JavaFrontend.scanBatch(JavaFrontend.java:238)
at org.sonar.java.JavaFrontend.scanInBatches(JavaFrontend.java:228)
at org.sonar.java.JavaFrontend.scanAsBatch(JavaFrontend.java:195)
at org.sonar.java.JavaFrontend.scan(JavaFrontend.java:170)
at org.sonar.plugins.java.JavaSensor.execute(JavaSensor.java:113)
at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:64)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:88)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:61)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:79)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:61)
at org.sonar.scanner.scan.SpringModuleScanContainer.doAfterStart(SpringModuleScanContainer.java:82)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.scanner.scan.SpringProjectScanContainer.scan(SpringProjectScanContainer.java:399)
at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:395)
at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:364)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:135)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy24.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:185)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:137)
at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:65)
at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:104)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:208)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:154)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:146)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:309)
at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:194)
at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:107)
at org.apache.maven.cli.MavenCli.execute(MavenCli.java:955)
at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:290)
at org.apache.maven.cli.MavenCli.main(MavenCli.java:194)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
[INFO] Did not optimize analysis for any files, performed a full analysis for all 4 files.
To Reproduce
Steps to reproduce the behavior:
Run command : mvn clean verify sonar:sonar -Dsonar.projectKey=GreenIT -Dsonar.host.url=http://localhost:9000 -Dsonar.login=sqp_xxxxxxx
Expected behavior
Full scan
Screenshots
If applicable, add screenshots to help explain your problem.
Software Versions
[ecoCode challenge 2023 - Team 28 days]
The shape using the quotation marks allows the developer to insert variables that will be substituted at run time. But if the string does not have a variable, use quotes instead. Thus, language will not look for variables to subtituture, which will reduce the consumption of CPU cycles.
Is your feature request related to a problem? Please describe.
Currently, plugin requires a 11 JDK at minimum. But, many societies still uses a 1.8 JDK.
check #57
Describe the solution you'd like
Check if possible to make plugin 1.8 JDK compatible with a minimum code modifications.
it would be very useful to add those plugins on the SonarQube Marketplace.
The procedure is relatively straightforward. See: https://github.com/SonarSource/sonar-update-center-properties
If you are OK with this idea, and if you wish, I can do the work for you.
Describe the bug
when automatic workflow build is launched when a PR is created or updated, it crashes when it try to communicate with SonarCloud.io to send metrics.
To Reproduce
Update or create a PR from a fork branch and check build workflow.
Expected behavior
The build workflow is OK and SonarCloud.io is updated with the new branch from fork
Screenshots
the error :
... Caused by: org.sonar.api.utils.MessageException: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
Solution idea : upgrade build workflow to give the name branch
there are two files to declare rules definition on PHP plugin : PhpRuleRepository
and PhpRulesDefinition
.
But, actually, PhpRuleRepository
is really used in PHPPlugin
.
But there is a unit test for PhpRulesDefinition
and no unit test for PhpRuleRepository
.
After PR #79 merged, correct this pb of duplicated classes and unit tests.
check if rules are also raised by SonarLint plugin on developer IDE.
after a quick check on ecoCode-java-test-project
, there is no ecoCode
rules used and thus not raised. Cause : project not binded on a real Sonar project to synchronize all rules.
one way : to send real test projects to ecoCode sonarcloud instance (like done for ecoCode plugins) and then bind local IDE project to this sonarcloud project.
once ok for Java, check for other languages plugins
Nous allons regarder cette règle équipe 4kms/an
The fat Team 800Kg will implement this rules.
Is your feature request related to a problem? Please describe.
The java rule Avoid using global variables
with id cnumr-java:D4
isn't really "good" for our society for different reasons :
Regex patterns should not be created needlessly
(id : java:S4248
) : please see captureplease check also rule Avoid using Pattern.compile() in a non-static context.
(id cnumr-java:S77
) because it's quite against the rule Avoid using global variables
(id cnumr-java:D4
)
Describe the solution you'd like
what is your point of view @glalloue, @jules-delecour-dav, @jhertout, @olegoaer, @mdubois81 ?
Describe the bug
currently, there are :
INSTALL.md
that contains all technical documentation to install and use plugins for development environnmentstarter-pack.md
with some "starter" documentation but also for development environmentExpected behavior
Clarify and upgrade an installation documentation without dealing with development environment, only for using in SonarQube (install on SonarQube, config SonarQube quality profile with custom script or not)
First of all, thank you for your work!
After an analysis, no ecocode code smells appears in my Sonar project :
I added the ecocode-php-plugin-0.2.2.jar in the extensions/plugins directory.
All rules appears in my quality profiles and I've activate them.
My project use the good quality PHP ecoCode profile where I use those rules.
But when I add some dirty code on my Symfony project ie :
Only basic sonar way code smell is detected.
Do I missed something in my Sonar configuration?
Thanks a lot for your answer
Software Versions
Guillaume
Describe the bug
When I download the latest jar files release from github, it's not the same version printed by sonarqube after loading.
It can make confusion with users.
Expected behavior
Versions have to be the same between releases github and the pom version from jar files.
Screenshots
Additional context
Something like mvn versions:set -DnewVersion=XX.XX
have to be done inside github workflow before releasing.
Is your feature request related to a problem? Please describe.
currently, when a developer create a new rule in the plugin, he can test it with unit tests but not on a real SonarQube environment.
Describe the solution you'd like
Create a new project / repository containing an example application (one by language ?) which can be used to push on local development SonarQube environment to check if the new rule is OK.
It would be an integration test.
Maybe we can use all current source files used in unit tests.
Currently SonarCloud raise a security error because of java.util.regex.Pattern.compile(…)
.
To correct it, we can use com.google.re2j.Pattern.compile(…)
but it is available with com.google.re2j.Pattern.compile(…)
external dependency.
But regarding SonarQube plugin development best practices, we can't use external dependencies for runtime :(
Follow discussion with Sonar support : https://community.sonarsource.com/t/custom-plugin-cant-use-external-maven-dependency/85967
once a solution is here, check other plugins
When i install plugins on sonarqube instance, homage link is broken :
** How to reproduce**
Steps to reproduce the behavior:
Expected behavior
Link to the good folder associated to the selected plugin.
Screenshots
see above
Software Versions
Additional context
The IncrementCheck seems irrelevant since the java compiler produces the same byte code in many cases.
Steps to reproduce the behavior:
Is your feature request related to a problem? Please describe.
The java rule The variable exception is not assigned
with id cnumr-java:S63
isn't really "good" for our society becasue the argument to change delete the variable is not relevant. try-catch
statement in Java language use a temporary variable in catch
statement. Please see followed captures :
Describe the solution you'd like
what is your point of view @glalloue, @jules-delecour-dav, @jhertout, @olegoaer, @mdubois81 ?
Hello,
I downloaded the latest source code release (0.2.2) as a tgz archive.
I followed the guide and started by building the plugins with ./tool_build.sh
.
Then I launched the docker-compose with ./tool_docker-init.sh
.
As we can see in the docker-compose file, we're looking for the version 0.2.3 of the plugins which don't exist because we have built the 0.2.2 versions.
volumes:
- type: bind
source: ./java-plugin/target/ecocode-java-plugin-0.2.3-SNAPSHOT.jar
target: /opt/sonarqube/extensions/plugins/ecocode-java-plugin-0.2.3-SNAPSHOT.jar
$ ll java-plugin/target/
total 5840
drwxr-xr-x 9 j.buiquang utilisa. du domaine 4096 févr. 28 11:03 ./
drwxrwxr-x 4 j.buiquang utilisa. du domaine 4096 févr. 28 11:03 ../
drwxr-xr-x 3 j.buiquang utilisa. du domaine 4096 févr. 28 11:03 classes/
-rw-r--r-- 1 j.buiquang utilisa. du domaine 5854022 févr. 28 11:03 ecocode-java-plugin-0.2.2.jar
# ...
I also found that the target are generated without the "SNAPSHOT" suffix.
Describe the bug
please check the analysis in SonarCloud : https://sonarcloud.io/project/security_hotspots?id=green-code-initiative_ecoCode&sinceLeakPeriod=true
Expected behavior
No security issue in SonarCloud
Team 5R
An automated container build was added by #72 but only amd64 platform was addressed (I was sure it was the only SonarQube supported platform).
To add this support, we need to find a workaround for building, because the actual used maven image doesn't support ARMv8. So we need to find a supported tag, or to build only on amd64 (and it would better to only build once) and put the jars in SQ containers.
(I can't assign myself, but I can manage to do it)
The ./check_requirement.sh script return error when 3.9.0 version from maven is installed.
Max version installed is supposed to be 3.8.7
3.9.0 version has been released January 31 this year.
So many developers can use this version and maybe they already installed it before next hackaton event.
Proposal for support by the team 17%. We think we can develop it quickly.
(TO BE MEASURED)
The Rule EC75 about String concatenation in a loop is said "Not applicable" for Python, but there actually is a way to generate strings that might be a better manner than concatenation in a loop: creating a list of string using a list comprehension then calling the join() built-in.
Non-compliant code example:
s = ""
for fruit in fruits:
s += fruit.name
Compliant code example:
l = [fruit.name for fruit in fruits]
"".join(l)
The new SonarQube version 9.9 has just been released.
Check installation of plugins and upgrade documentation / docker image if all is ok.
Create the same issue on other repositories if all is ok.
Describe the bug
We use Sonar 8 for multiples Project in our Company.
Since the installation of the plugin ecocode ( version 0.1.1 ) , users get errors on scanning Legacy projects that run with Java 8 :
This is the error occured :
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project pfx-aggregator: The plugin [ecocodepythonplugin] does not support Java 1.8.0_282: fr/cnumr/python/CustomPythonRulesPlugin has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0 -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR] mvn -rf :pfx-aggregator
Team 5R
Describe the bug
When we build plugin (using tool_build.sh
script), informations are note up-to-date.
Example for java-plugin :
--- sonar-packaging-maven-plugin:1.21.0.505:sonar-plugin (default-sonar-plugin) @ ecocode-python-plugin ---
[INFO] -------------------------------------------------------
[INFO] Plugin definition in update center
[INFO] Key: ecocodepythonplugin
[INFO] Name: ecoCode Python Sonar Plugin
[INFO] Description: Les règles s'appuient sur l'édition 3 du livre "Ecoconception Web / Les 115 bonnes pratiques" => https://collectif.greenit.fr/ecoconception-web/115-bonnes-pratiques-eco-conception_web.html
[INFO] Version: 0.2.2-SNAPSHOT
[INFO] Display Version: 0.2.2-SNAPSHOT
[INFO] Entry-point Class: fr.cnumr.python.CustomPythonRulesPlugin
[INFO] Required Plugins:
[INFO] Does the plugin support SonarLint?: true
[INFO] Use Child-first ClassLoader: false
[INFO] Base Plugin: python
[INFO] Homepage URL:
[INFO] Minimal SonarQube Version: 9.4.0.54424
[INFO] Licensing: GPL v3
[INFO] Organization: CNumR
[INFO] Organization URL: https://collectif.greenit.fr
[INFO] Terms and Conditions:
[INFO] Issue Tracker URL: https://github.com/green-code-initiative/ecocode/issues
[INFO] Build date: 2023-01-04T08:57:25+0100
[INFO] Sources URL: https://github.com/green-code-initiative/ecocode/ecocode-python-plugin
[INFO] Developers:
[INFO] Minimal JRE Specification Version:
[INFO] Minimal Node.js Version:
[INFO] Skip packaging of dependencies
[INFO] -------------------------------------------------------
[INFO] Building jar: /Users/ddecarvalho/git_perso/ecocode/python-plugin/target/ecocode-python-plugin-0.2.2-SNAPSHOT.jar
To Reproduce
Launch locally tool_build.sh
script
Expected behavior
Lack of information :
When ok in this repository, please make same modifications into ecoCode-mobile
repository
Software Versions
Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like
A clear and concise description of what you want to happen.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add any other context or screenshots about the feature request here.
Describe the bug
when we launch a SonarQube analysis, there is a lot of exception on ecocode plugin. Then, the analysis crashes and this stops and CI/CD pipeline.
please see examples above.
To Reproduce
JDK 17
Gradle
example command launched : gradle --no-daemon sonarqube -Dsonar.qualitygate.wait=true -Dsonar.branch.name=release-4.1 -Pspring.test.config=/builds/contenu/rcc/rcc/.gradle/test.properties
@dedece35 can give some example source code if need (to test it)
Expected behavior
Analysis in succes without exceptions.
Once correction OK, upgrade (if possible) SonarQube checks in code to avoid this kind of issue (make an audit of each rule to check Class Casts).
Screenshots
Please see log file.
Software Versions
Describe the bug
I can't force to obtain this code smell: Avoid multiple if-else statement for a Java project.
To Reproduce
Steps to reproduce the behavior:
./gradlew sonarqube -Dsonar.projectKey=KC-Spring-Native -Dsonar.host.url=http://localhost:9000/ -Dsonar.login=<token_generated>
sonar_standard | 2022.12.16 23:57:39 INFO ce[][o.s.c.t.CeWorkerImpl] Execute task | project=KC-Spring-Native | type=REPORT | id=AYUdXzh92hVIDeT3_WTc | submitter=admin sonar_standard | 2022.12.16 23:57:41 INFO ce[AYUdXzh92hVIDeT3_WTc][o.s.c.t.s.ComputationStepExecutor] Extract report | status=SUCCESS | time=178ms ... sonar_standard | 2022.12.16 23:57:59 INFO ce[AYUdXzh92hVIDeT3_WTc][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Webhooks | globalWebhooks=0 | projectWebhooks=0 | status=SUCCESS | time=42ms sonar_standard | 2022.12.16 23:58:00 INFO ce[AYUdXzh92hVIDeT3_WTc][o.s.c.t.CeWorkerImpl] Executed task | project=KC-Spring-Native | type=REPORT | id=AYUdXzh92hVIDeT3_WTc | submitter=admin | status=SUCCESS | time=20734ms
TOKEN=<token_generated> docker-compose start
Expected behavior
I expected to see an output similar to these one (but oriented to the Avoid multiple if-else statement), as follow:
Screenshots
See previous ones.
Software Versions
Additional context
platform: linux/amd64
type: bind source: ./php-plugin/target/ecocode-php-plugin-0.1.0-SNAPSHOT.jar target: /opt/sonarqube/extensions/plugins/ecocode-php-plugin-0.1.0-SNAPSHOT.jar type: bind source: ./python-plugin/target/ecocode-python-plugin-0.1.0-SNAPSHOT.jar target: /opt/sonarqube/extensions/plugins/ecocode-python-plugin-0.1.0-SNAPSHOT.jar
Thanks in advance for your support!
Is your feature request related to a problem? Please describe.
The java rule using a switch statement instead of multiple if-else conditions (more than one)
with id cnumr-java:AMIES
isn't really "good" for our society because the argument to change a single if
statement to a switch
statement is really not good. Please see followed captures :
Describe the solution you'd like
what is your point of view @glalloue, @jules-delecour-dav, @jhertout, @olegoaer, @mdubois81 ?
We build the java ecocode plugin from the repository, put it in the extension folder of our 9.9 sonarqube (the latest version), restarted sonarqube.
The plugin can be seen in the administration panel, in the installed plugin section.
However, none of the rules are applied. I tested it on faulty code, (copying some of the code described as non compliant in the rules), and the ecodesign and ecocode tag are never shown.
Is there something specific to do to make the plugin work ?
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Software Versions
Additional context
Add any other context about the problem here.
I installed the plugin in my local SonarQube installation (v9.9).
I activated the "eco-conception" rules in my Quality Profile:
This Quality Profile is well "applied" to my project.
But the rules are no detecting code smells on my Python code :
Example in screenshot above for rules:
In order for the request for publication of the plugin on the SonarSource Marketplace (see: #63) to be validated, the "Quality Gate" must be "passed".
The latest analysis shows that a "Security Hotspot" must be fix:
Is your feature request related to a problem? Please describe.
There is a lack on releasing automatically our plugin and make available plugin Jars with a tagged version.
Describe the solution you'd like
Use Github workflows to do automaticaly a release on push tag event
Describe alternatives you've considered
No other alternatives because it seems to be the best practice on github open-source projects
Additional context
The release notes would be automatically got from CHANGELOG.md
file.
the same issue for ecocode-mobile
project : green-code-initiative/ecoCode-android#12
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.