I have a question regarding the code analysis from multiple files, classes.
In the concrete example below is it possible to check the format of the String pathFromB that is passed in the C.getData(pathFromB) method call.
So to be more concrete, I want to perform a check if a string from one class (class A) with a certain format is used as an argument for a specific method in a different class (in this case getData from class B).
Case:
Is it possible to register a violation. Ex. when analyzing class B a rule violation is thrown because getData cannot use paths with an .xml extension.
Input test file:
class A {
String UNIX_PATH = "proj/dir/resources/file.xml";
String xml = B.someMethodFromB(UNIX_PATH);
}
class B {
public static String someMethodFromB(String pathFromB){
return C.getData(pathFromB);
}
}
class C {
public static String getData(String pathFromC) {
return pathFromC;
}
}
I am quite new to Sonar so maybe I didn’t provide enough context for the readers.
The problem I am facing is cross-file analysis from the same project:
ClassA → ClassB field → ClassB —> ClassC field → ClassC etc.
I want to exclude throwing a certain rule violation if a specific method is using a path with a certain extension, in my case .xml, if getData uses the path do not report a violation. The problem is if the method is maybe located in a different class than the one where the path with the extension is declared.
So cross-file checking would be required to inspect if the specific method is invoked with the path. From my current research and understanding this could be done via semantic analysis, so if someone has any suggestion on the topic of this kind of analysis or examples it would be greatly appreciated.
My other concern is if this is possible via the mentioned approach - the cost of running this kind of analysis in a larger codebase - the specific method could be called deeper in the analysis and not so quick as in the provided example above.