Sonar's Clean Code solutions help developers deliver high-quality, efficient code standards that benefit the entire team or organization.
Prerequisites:
- JDK 11
- Maven 3.0.0 or newer
The easiest way to build the Project is by running:
mvn clean install -DskipTypeshed
It builds only Java Maven modules, runs tests, and installs jar locally. The Python interpreter is not required in that case.
Prerequisites:
- JDK 11
- Maven 3.0.0 or newer
- Python 3.9 or newer
- tox -
pip install tox - Run
git submodule update --initto retrieve Typeshed and SKlearn stubs as a Git submodules. - Run the following commands to extract only the needed files for the SKlearn stubs
cd python-frontend/typeshed_serializer/resources/python-type-stubs
git sparse-checkout set stubs/sklearn
git checkout
All the above should be available in PATH.
To execute the full build just run:
mvn clean install
The full build executes Typeshed serializer script. It generates protobuf messages for Typeshed symbols (for standard Python API) and our customs symbols (for Python libraries, e.g. AWS CDK). This helps with type inference and providing better rules.
First, please configure your IDE: https://github.com/SonarSource/sonar-developer-toolset.
Each new implemented rule should have @Rule(key = "S0000") annotation on the class level.
The number of the rule can be found here: https://sonarsource.github.io/rspec/#/rspec/?lang=python.
The key is usually automatically generated by a rspec repository GitHub action
and needs to be unique in the whole project.
- Commit message should be prefixed with the ticket number.
- Working on a separate branch and creating PR when it's finished.
- Clean coded, well-tested solution, quality gate should pass.
- Fix all issues reported by SonarQube Next instance.
- 95% or more code coverage for new changes (if possible). It can be checked on the CI build.
Please check if all files have a license header.
If not, the mvn install will fail with the Some files do not have the expected license header message.
To fix that please execute: mvn license:format.
Copyright 2011-2024 SonarSource.
SonarQube analyzers released after November 29, 2024, including patch fixes for prior versions, are published under the Sonar Source-Available License Version 1 (SSALv1).
See individual files for details that specify the license applicable to each file. Files subject to the SSALv1 will be noted in their headers.
