SonarLint should give the ability to configure java version used for SLCore

michha · August 5, 2024, 10:46am

Operating system: Windows 10
Visual Studio version: 17.10.4
SonarLint plugin version: 8.1.0.95039
Programming language you’re coding in: C#

Since one of the last versions of SonarLint I get the error message SonarLint background service failed to start. Some collegues and I made a deep dive the last days to analyse this.

Here are my insights:

SonarLint Visual Studio extension contains a java JRE
the extension is stored in a path C:\Users\{userid}\AppData\Local\Microsoft\VisualStudio\{vs-version}\Extensions\{random-characters}
JRE is located in {extension-path}\Sloop\jre\bin
latest SonarLint VS extension comes with Temurin 17.0.9 (released on October 19, 2023)
C# class SonarLint.VisualStudio.Integration.Vsix.SLCore.SLCoreLocator has a hard-coded string literal for java path inside extension directory
our company uses AppLocker (a windows security feature) to prevent malicious code execution
executables inside a user directories are not allowed, therefor executing of any binary is blocked (including starting java)

Stacktrace

[ThreadId xxx] [SLCoreHandler] Creating SLCore instance
[ThreadId xxx] [SLCoreHandler] Starting SLCore instance
[ThreadId xxx] [SLCoreHandler] Error starting SLCore instance
[ThreadId xxx] [DEBUG] System.ComponentModel.Win32Exception (0x80004005): {message text by applocker, saying something was blocked from execution}
  at System.Diagnostics.Process.StartWithCreateProcess(ProcessStartInfo startInfo)
  at SonarLint.VisualStudio.SLCore.Core.Process.SLCoreProcess..ctor(SLCoreLaunchParameters launchParameters, ISLCoreErrorLoggerFactory slCoreErrorLoggerFactory)
  at SonarLint.VisualStudio.SLCore.Core.Process.SLCoreProcessFactory.StartNewProcess(SLCoreLaunchParameters slCoreLaunchParameters)
  at SonarLint.VisualStudio.SLCore.SLCoreRpcFactory.StartNewRpcInstance()
  :
  :

My suggestions would be

like the VS Code extension respects the value of JAVA_HOME (and other locations) it would be nice if the VS extension would also do this
a SonarLint Light version without a bundled java version would comply more with company rules. It would be fully in scope of a company which java flavor and what version is used.

If desired, I could make a pull request for the first option.

georgii.borovinskikh · August 6, 2024, 1:13pm

Hi @michha,

It’s unlikely we’ll have a separate packaging version, but we will definitely look into allowing to set the custom JRE location for our next release, which is currently scheduled for the beginning of September.

As a workaround for your case, you can manually install the latest java-less version and disable automatic updates for it, while we work on the fix.

michha · August 8, 2024, 4:30pm

Thank you for your answer. I will wait for the september release and will return here for feedback about the next version.

georgii.borovinskikh · September 11, 2024, 2:47pm

The version has been released.

You can find the JRE setting in Extensions > SonarLint > Options

system · October 8, 2024, 11:54am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.