Disclaimer : I have tried to post this message on the users mailing list of Sonar.
We are using SonarQube 4.5.1 and encountered an issue this morning on some project using the property sonar.java.binaries.
We updated the version of the java plugin yesterday to 2.8 (we were using 2.5.1 before).
The error in the analysis is :
[ERROR] [20:43:58.997] Invalid value for sonar.java.binaries
[ERROR] No files nor directories matching '/PATH_TO_JENKINS_WORKSPACES/sonar/PROJECT_NAME/release/PROJECT_JAR.jar'
In the pom.xml, sonar.java.binaries property is valued with : ${basedir}/release/${project.artifactId}.jar
Variables changes is good on analysis and jar exists in the repository.
Here is my investigation :
When getting back to version 2.5.1, sonar analysis is OK
When using version 2.8, if sonar.java.binaries points straightly to a jar file, analysis is KO
When using version 2.8, if sonar.java.binaries points to a directory (in my case, ${basedir}/release/), the analysis is OK
Is the behavior of sonar.java.binaries, implemented in 2.8, wanted ? or this a regression ?
Thanks,
Frédéric
As your project is built using Maven, we recommend to analyze it using the SonarQube Maven Plugin.
In that case you don't need to define the sonar.java.* properties
BTW : it would better to upgrade directly to SonarQube 4.5.4 and Java Plugin 3.3 to get all bug fixes / enhancements in particular new rules on bug detection coming with recent Java Plugin: http://nemo.sonarqube.org/coding_rules#languages=java|tags=bug|repositories=squid
As I understand from here you should use double slashes for sonar.java.binaries
Related
I have been working on a Java Eclipse project that uses Antlr 4.4. In my project, I need to use classes of another Java project that in turn uses Antlr 4.6. as a result, I get the error message: ANTLR Tool version 4.6 used for code generation does not match the current runtime version 4.4. I have no idea how to solve this problem without damaging the codes.
Pretty simple: use the runtime with the same version as what was used to generated your parser files. In this case upgrade your runtime to 4.6.
//unexpected gauge plugin error comes
I'm completely new to gauge and asked to create a sample gauge project as POC, followed the official documentation but got the error and couldn't come across and i'm stuck here
Steps followed:
JDK 1.8 was already configured in my system with environment/system variables configured properly
Installed jetbrains intellij-IDEA of version 2019.
Installed gauge on the machine and configured the system variable
Then created a maven project and added a archetype as suggested in blog
com.thoughtworks.gauge.maven:gauge-maven-plugin
GroupId: “com.thoughtworks.gauge.maven:
ArtifactId: “gauge-archetype-java” and selected the template.
got the couple gauge dependencies(gauge java, gauge plugin) in my pom.xml file.
verified the project structure, all required directories were listed.
But when opened the spec file or as soon as i open my IDE i get this error saying unsupported gauge plugin error, it must be >=0.9.0.
need some help here to get rid of that, because of which though the step implementation was mapped and developed still the steps in .spec file have error saying they are unimplemented.Thanks in advance
I was going through a bug that said exactly the same error in git hub and checked my binary path for gauge, there i've manually chnaged to 0.9.0 from 0.3.15.
path is set to "C:/program Files/gauge/bin, i've tried chnanging this with the path where i had my gauge plugin libraries
Eg: C:\Users\pradeep\Downloads\Gauge-Java-Intellij-0.3.15\Gauge-Java-Intellij\lib
raising a new question as i'm not currently clarified with what to change as my binary path or anyother to fix
https://github.com/kpkk/Gauge-POC - code is available here, on my git repositories
Looks like you're referring an outdated blog and setup instructions. The sample POC you shared works fine on the latest version of gauge v1.0.5 and IntelliJ-plugin v0.3.15. Please try following the instructions to install Gauge.
After installing gauge create a sample maven project by running the following command on the windows command prompt.
gauge init java_maven
You can open this newly created project in IntelliJ
I'm confronting a weird issue using gradlew(4.10.2) + dagger(2.18).
The problem is when I call:
./gradlew :app:compileDebugAndroidTestKotlin
The build fails with:
Task :Common:compileDebugJavaWithJavac FAILED
/CommonModule_ProvidesGsonFactory.java:6: error: package javax.annotation.processing does not exist
import javax.annotation.processing.Generated;
/CommonModule_ProvidesGsonFactory.java:8: error: cannot find symbol
#Generated(
But if I run the task from Android Studio, the task succeed and the #Generated is not present in the dagger generated class.
Do you have some clue to avoid the #Generated annotation using ./gradlew?
if you have :
javax annotation does not exist
I have this issue on my macOS
this error occures because your jdk is above of 1.8
just add below code on build.gradle of your apps .
//Resolve jdk8+ Generation Annotations - javax annotation does not exist
compileOnly 'com.github.pengrad:jdk9-deps:1.0'
Dagger uses auto-common's GeneratedAnnotations to figure out which #Generated annotation to use. It does this based on the classpath.
What this means is that while the annotation processor is running, javax.annotation.processing.Generated is available and used in the generator, but when the resulting file is compile in another task, it is no longer on the classpath.
Potential causes could be that code was generated using a newer version of the JDK and the incremental build is invalid, requiring a full "clean & rebuild" or there is a problem with java language levels where the annotation processor runs on Java 9+, but android is compiled as Java 8 or lower.
Using ./gradlew compileDebugAndroidTestKotlin -Dorg.gradle.java.home=<Android studio jre path> solved the problem.
I had this problem when I updated my Android Studio to 4.2
The problem was solved when I upgrade the Kotlin version from 1.3.51 to 1.4.31
It seems the problem is reported and solved in this issue:
https://github.com/google/dagger/issues/1449
https://youtrack.jetbrains.com/issue/KT-32804
change to embeded Android studio version and only clean!(not rebuild) Improove #kiskae answer
I also got "package javax.annotation.processing does not exist import javax.annotation.processing.Generated" in Android Studio while trying to build the project with Gradle.
Due to some reasons I cannot upgrade any dependencies in the project. What worked for me in this case:
not only install Java 8 instead of any higher Java versions you have (you can download it from here, for example: https://www.oracle.com/ru/java/technologies/javase/javase-jdk8-downloads.html),
but also check out Project Structure -> SDK location -> JDK location and make sure that this folder really contains jdk. The right option to choose can start with JAVA_HOME, for instance.
My case was that after some update this location was set by default as embedded JDK which did not contain any jdk and as a quite newbie to Android I have spent a couple of beautiful hours trying to figure out what's wrong with my Java 8.
In my case I change "Gradle JDK" and it's work perfectly.
Go to "File ==> project structure ==> SDK Location ==> Gradle settings ==> then change the selected gradle JDK from the drop down menu "
Hope this will help you.
I'm trying to implement a custom SonarQube plugin which also works fine on my dev machine in Eclipse, but as soon as I deploy it to our SonarQube instance it crashes during runtime with a ClassNotFoundException. The class which it can't find during runtime is ExpressionsHelper, which (as far as I understand it) should be in the sonar-java-plugin-***.jar.
Our SonarQube instance is running version 6.1, the SonarJava plugin is installed in version 4.15.0.12310.
Now to which version(s) should I set which property in my pom.xml so that the configuration on my dev machine matches the available libraries on the SonarQube instances? I've tried setting them to sonar.version=6.1, java.plugin.version=4.15.0.12310 but then I still got the ClassNotFoundException during the scan.
Thanks for your help in advance.
If the class is not part of package starting with : org.sonar.plugins.java.api it won't be found at runtime.
org.sonar.java.checks.helpers.ExpressionHelper is not part of this package and so won't be found at runtime, hence the exception you encounter.
I'm using SonarQube 6.3.1 with default profile Sonar way. I have the newest SonarJava plugin installed (4.8.0.9441).
I can see that the rule SQL binding mechanisms should be used is activated.
I have installed SonarLint 2.9.0 plugin for Intellij and connected to running SonarQube server.
After copying example violation from Sonar page I can see in my IDE that plugin works fine. Everything seemed perfect up to this moment.
Unfortunately, analysis on SonarQube server doesn't find this vulnerability. The same goes for another owasp-a6 rule Cookies should be secure (also found by Sonarlint). But on the other hand, some owasp rules work (i.e. Console logging should not be used).
Is this a known Sonar issue that some rules are omitted? Exclusions are not a problem, I'm pretty sure that those files are being analyzed because some other issues have been found.