Hello, we are working on a spring backed written in kotlin. It appears that there are some java rules that we would like to see flagged in our kotlin files (ie Java static code analysis: "@RequestMapping" methods should not be). Is there a way to configure SonarLint (or SonarQube for that matter) to run java rules on kotlin files?
no this is not possible, Java rules are designed only to analyze Java source code. We have Kotlin analyzer, although, it doesn’t have the rule you are mentioning.
No plans for that.
The only thing I can think of if those rules are available through detekt linter. Then you can import issues with sonar.kotlin.detekt.reportPaths
Yeah this question may not be just applied to SonarLint.
We are using Kotlin to build a spring server application and so are very interested in the java rules that pertain to running a web server. It would be great to have those rules to kotlin because kotlin on the jvm still has those same vulnerabilities.
One thing we were exploring as a work around is using a java decompiler to convert the .class files to .java and then uploading that project to sonarqube. One downside we can see is that line numbers won’t be preserved.
We are interested in the vulnerabilities and hotspots. But I could imagine that most of the java rules would be applicable to Kotlin when it is running on the jvm.