Custom plugin - can't use external maven dependency


regarding documentation sonar-java/ at master · SonarSource/sonar-java · GitHub
and explained in topic Unable to use JUtils in Java custom urles - #7 by HAYOUNGCHOI
we can’t add external maven dependency.
Another solution is to reimplement or copy-paste the external library code in the custom plugin :frowning:
But, for example, I want to use the class “” instead of “java.util.regex.Pattern” because of a security error raised in our SonarCloud instance ( error “Make sure the regex used here, which is vulnerable to polynomial runtime due to backtracking, cannot lead to denial of service.” when “java.util.regex.Pattern.compile(…)”).
I can’t copy-paste the “…)” code because it’s too big and usgin a lot of internal classes.
I want to add “” maven dependency to use it at runtime but if done it, I have a ClassNotFoundError when SonarQube started. Thus, SonarQube start crashes and it stops.

How can I resolve this point ?

SonarQube version : 9.9

thank you a lot.


I’m pretty sure the issue you’re seeing is about the pattern you’re trying to compile and not about the method you’re calling to compile it with.