Create an Abstract Syntax Tree

SonarQube Server / Community Build Writing rules
1

Hello,

I am trying to create a custom rule for java, which checks if a method is invoked multiple times on an object. My problem is, that I don´t understand the structure of the Abstract Syntax Tree (AST) Sonarqube is building. I want to understand what i get when i call for example the methods symbol(), symbolType() or methodSelect() on my trees.(Compared to an AST, https://astexplorer.net/ or the ASTView in Eclipse is giving me) Or better: How do I traverse the tree, by calling these methods.
I read that i can use the sslr toolkit to show me the tree, but i do not found any tutorials which would help me to create a tree in eclipse (java).

For example how would i get the information of the package of every “get”-Method of this class. (It should be javax.persistence.criteria.Path)

package com.example.test;

import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.Path;
import javax.persistence.criteria.Root;

import com.example.test.AbstractRepository;

public class TestClass extends AbstractRepository<TestDbo>
{
	public void TestMethod()
	{
		CriteriaQuery<TestDbo> query = getCriteriaBuilder().createQuery(TestDbo.class);
		Root<TestDbo> root = query.from(TestDbo.class);
		Path<Object> path = root.get("1").get("3").get("2"); // Noncompliant
	}

}

I hope i could explain my problem clear enough, if not please ask for further informations.

My version:

  <properties>
    <sonarqube.version>8.9.0.43852</sonarqube.version>
    <sonarjava.version>6.15.1.26025</sonarjava.version>
    <jacoco.version>0.8.7</jacoco.version>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <maven.compiler.release>8</maven.compiler.release>
  </properties>

Greetings
Johannes

2

Hello,

Can you please provide the code of the rule you wrote already?
Without it, it’s going to be hard to explain to you what you might be doing wrong.

Our AST-api is specific to our analyzer, and not shared with eclipse or any other java AST. The visitors that we use for our rules are subscription-based (the rule subscribes to a given KIND of tree, using an IssuableSubscriptionVisitor ), or visit every node (BaseTreeVisitor).

To make sure you understand what these rules are doing, you might want to have a look, or reread, the tutorial for custom rules, and the example of custom rules.

Moreover, all the rules from the SonarSuurce java analyzer are open-source, so if your custom rule should act “close-enough” from an existing rule, you might want to have a look at the actual implementation of the rule, here: https://github.com/SonarSource/sonar-java/tree/master/java-checks/src/main/java/org/sonar/java/checks

Hope this helps,
Michael

3

Hello,

thanks for your reply.

I figured my Problem out. I made a “TestDbo.java” in the same package as my CustomRule and assumed my test can use it, without including it in my test environment.
I just got confused from the errors, because I was able to get the package from 2 of 3 get()-methods, while 1 was “!unknown”, which let me believe, that the configuration was right, but I just didn’t understand the structure of the AST.

Greetings
Johannes

1 Like
4

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.