java - How to analyze code from other class than currently analyzed in SonarQube? -


case: i'm writing sonarqube rule needs check if manually created object being closed. when it's not, issue should raised.

let's assume part related determining if object created manually (or not) easy , not relevant. purpose of example it'll constructor call. however, there other ways instantiate kind of object, not eligible closing.

these cases cover. let's assume have following class:

public class mytype {     public void close() {         //close     } }

this first case. simple one:

public class classone {      public void methoda() {         mytype z = null;         try {             z = new mytype();             // sth         } {             z.close(); // correct use         }     }      public void methodb() {         mytype z = new mytype();         // sth         // incorrect use, should closed here     } }

second one, bit more tricky:

public class classone {      mytype creator() {         return new mytype();     }      mytype jump() {         return creator();     }      public void methoda() {         mytype z = null;         try {             z = jump();             // sth         } {             z.close(); // correct use         }     }      public void methodb() {         mytype z = jump();         // sth         // incorrect use, should closed here     } }

third case, 1 i'm not able handle:

public class classone {      public void methoda() {         mytype z = null;         try {             z = new classtwo().creator();             // sth         } {             z.close(); // correct use         }     }      public void methodb() {         mytype z = new classtwo().creator();;         // sth         // incorrect use, should closed here     } }   public class classtwo {     mytype creator() {         return new mytype();     } }

to sum up. implemented first , second case. have problem third one, since don't know how jump method declaration of other class analyze if creates object manually.

what correct way implement it? possible? (using available api of course)

both of analyzed classes belong same project , included project analysis.

short answer : available api can't solve third case.

now more detailed answer : how sonarqube java plugin runs analysis : works source file (aka compilationunit) source file , read bytecode symbols out of source resolve them even if source these symbols available analyzer. current limitation : sources analyzed in isolation 1 another.

this means that, of today, able know method called in source not have access code of method api if defined outside source.

there plans make limitation go away @ point not scheduled now.

there might workaround hacking around , complex (you can "inline" bytecode instructions or try read , parse source you're interested in) won't recommend those.


Comments

Post a Comment

Popular posts from this blog

c# - Validate object ID from GET to POST -

i have method allows user access comment have made on site. have post method lets them update comment. my normal solution send entire comment model through, let them update it, update on database when post back. involve sending commentid through in hiddenfor , can manipulated. how can verify commentid sent in get method same i'm getting in post , not able alter comment wish? how can verify commentid sent in method same i'm getting in post? basically have validate following things in post - user logged-in user. authenticated users post comments. commentid in post , should valid commentid , should present in database. userid associated logged-in user should same userid associated comment . comment should contain userid column, can check @ time of update. to make sure update happens comment has been sent in get - hold commentid in session , in post action compare commentid value in session .
Read more

node.js - Custom Model Validator SailsJS -

when using custom model validator checks record within model. return within spread doesn't seem end control flow. //post.js model /** * custom validator **/ types: { isuservalid: function(user_id) { var promise = require('bluebird'); promise.all([ user.findone({id: user_id}) ]) .spread(function(user) { console.log(user); if (user === null || user === undefined) { console.log('failed'); return false; }else{ console.log('passed'); return true; } }); } }, my response standard validation failed response. { "error": "e_validation", "status": 400, "summary": "1 attribute invalid", "model": "post", "invalidattributes": { "owner": [ { "rule": "isuservalid", ...
Read more

php - Find a regex to take part of Email -

i have following emails need extract part from: bestellnummer xxx: 1 von xxx, 1er pack ------------- anfang der nachricht ------------- foo bar baz foo bar baz // <<<<< need text here ------------- ende der nachricht ------------- ------------- anfang der nachricht ------------- foo bar baz foo bar baz ------------- ende der nachricht ------------- there 0 unlimited occurences of ------------- anfang der nachricht ------------- ------------- ende der nachricht ------------- and i'm able extract first part regex: $re = "/------------- .*? -------------.?(.*?).?------------- .*? -------------/s"; but, i'm quite new on learning regex, i'm pretty sure there must better regex extract part (foo bar baz foo bar baz) of text between ------------- anfang der nachricht ------------- ------------- ende der nachricht ------------- as can in different languages, i'm using .? to match between hyphens. i...
Read more