The requirements to be added to the Marketplace are here: https://docs.sonarqube.org/display/DEV/Deploying+to+the+Marketplace
I haven’t tried to test it yet, but off-hand it looks like there are issues with requirements 3 and 7.
Specifically, since you don’t declare a
sonar.pluginKey property (at least, I didn’t see one) then your entire artifact id becomes the plugin key:
guava-helper-for-java-8, and that breaks the rule to have only alpha-numeric (lower case) keys. I know you’re planning to re-key the plugin, so please just keep this point in mind.
On #7, you don’t provide a link to a SonarCloud analysis. Maybe it’s there, but I’m too busy (lazy) to go looking right now.
Beyond those requirements, I’m a bit confused. You said initially your plugin depends on the SpotBugs plugin, but your README says it provides the plugin…? And if the latter, what happens if I install your plugin on an instance where SpotBugs is already installed?
And in either case, I have to wonder if the rules wouldn’t be better in the SpotBugs plugin. But like Julien, I’m just expressing a personal opinion.
So… once the things listed above are sorted out, I’ll do the testing required before I can add you to the Marketplace, and we’ll go from there.