Disallow packages or specific classes

romack · August 18, 2020, 6:37pm

Is there an existing rule that allows one to disallow the use of specific packages and/or java classes?

For instance, if I wanted to disallow the use of java.sqlStatement (I know there is already a specific to PreparedStatement… this is just an example)

Or another example would be for projects that are using SLF4J, disallow the use of log4j packages.

In the past this could be accomplished via a custom rule. Is it possible to accomplish this in SonarCloud?

Thanks in advance for your help,

Chris

Michael · August 20, 2020, 7:16am

Hello @romack,

There is multiple rules provided with our java analyzer which cover your case:

When tracking disallowed classes (S3688), you can use regular expressions, such as: java.lang\..* to cover a family of classes based on their fully qualified names.

Cheers,
Michael

system · August 27, 2020, 7:16am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is there a rule to catch usage of specified packages? SonarQube Server / Community Build	2	590	March 7, 2019
Track uses of disallowed classes (RSPEC-3688) not found in sonarcloud SonarQube Cloud java , rules , sonarqube-cloud	1	332	July 27, 2023
Controling java imports with the help of sonarqube SonarQube Server / Community Build	6	1709	June 12, 2019
Minor hurdles with Track uses of disallowed classes SonarQube Server / Community Build java	2	642	July 3, 2019
Missing classes of Sonar-Plugin-Java Writing rules java , sonarqube , custom_rules	5	4502	October 18, 2019

Disallow packages or specific classes

Related topics