Writing rule for java


I want to write the rules for java in security.
But as I am new for this and having very basic knowledge of java. I could not get proper documentation for sonar.java.plugin.api.* even I gone through the custom rule 101 for java example.

Can somebody share any writing guide or api documentation details that how I can use it for writing rules in java.

Or any training link from where I can learn it.

Thank you.

Hello @sukdevk

As a reminder, here are the different links for reference:

  • CUSTOM RULES 101 is the go-to guide when starting to implement custom rules for Java, it is regularly updated.
  • Example project.
  • For rules implementation examples, you can directly look into the rules of the Java analyzer itself, it contains hundreds of examples (just make sure to use only what is provided in the public API).
  • For documentation of the API, you can directly look at the Java doc of the classes.
  • For the API changes in the new versions, have a look here.

As far as I know, the Custom rules 101 linked before is the most complete guide available, it should contain everything to get you started. If you have more specific questions, feel free to ask them here.


Thanks Quentin,
for this details information. I already went through the information you shared.
But Will look at once again to cross check everything you mentioned.

And How do i know that, what public API is provided and what not?

As mentioned in the guide:

When writing custom Java rules, you can only use classes from package org.sonar.plugins.java.api .

Thanks for information Quentin. Finally i am able to use api sonar plugin java api. and writing rule.
Even i also found great video content on this on youtube - on custom java rule, which helps me a lot to understand backgound details.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.