Hey Team,
I am trying to use sonarqube for writing custom rules for unsupported coding language. I read through documentations but couldn’t find any way to do it.
Kindly advise on this, it will be very helpful.
Hi,
Welcome to the community!
To make this work you’ll need to create a language analyzer that both collects metrics and implements rules. Feel free to use any of our open source language analysis repos as a template.
HTH,
Ann
Hello,
The unsupported coding language has compiler built already. I wish to write a code review plugin that will tell best practices, bugs, threat levels, code security severity etc. So for this purpose, which process should I follow?
Kindly advise.
Thanks in advance!
Hi,
Feel free to take a look at any of our open-source language engines. You’ll need to start by providing metrics and they can give you the blueprint. Rules come after that, and again they can help.
Ann
I am interested into this as well. I understand Sonar parses the language and generate the AST, so that you can define rules on it. Am I right?
How can I see the resulting AST for a given language, or even just a text file?
I am looking to parse .graphql fiels
Hi @LunaticMuch,
The parsing is done by language plugins and each plugin has its own parsing engine, that may use an AST internally or not.
So, there’s no way to tell how to see the AST for a given language because it really depends on how the specific plugin was implemented. This information is neither used nor stored on the SonarQube server.
If you want to parse graphql files, you’ll need to implement a new plugin and parse the files yourself using your preferred library.
2 Likes
Hi @felipebz
For an unsupported language, is there any example or step by step documentation guide that can be used. I am new to this so learning it from basics, learnt few things but how to exactly begin for an unsupported language.
Kindly assist.
Thank you
Thanks for this @felipebz
As also @harsh_singh is asking, where can we find an example of a library and plug-in for an unsupported language?
Shall I consider my first step is to find a Java library that allow me to parse a GraphQL file and extract the syntax? Maybe a lexical analyser?
Thanks 
Unfortunately, there isn’t any well-documented guide on how to write new plugins. There are some basic instructions here and here but, tbh, these pages don’t contain enough information to help you to build a new plugin from scratch.
I suggest you to look at the source code of the existing plugins to understand how they work and how they report metrics/issues to the SonarQube server.
I think that a good starting point to grasp the concepts is the sonar-text plugin. You could also take a look at sonar-xml and sonar-html to see how they use existing parsers to analyze the code and report metrics and issues. Also, if you don’t find any existing library to parse your language and you think you’ll need to implement a custom parser, I suggest you to use sonar-iac and sonar-flex as a starting point.
2 Likes
Nice, I’ll check out.
In my case, with GraphQL, the standard library in Java can return the ast for a given GraphQL file. So this should solve the parsing step. Then it’s about rules.
I’ll make a test.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.