I am using sonar.version 6.3 and java.plugin.version 4.12.x and I am currently writing some custom rules to analyze my project java files via SonarQube/SonarLint and I have problems with the following scenario:
My goal is to report all Class.forName("path.to.the.Clazz") occurances in which the Clazz implements a specific interface or has a specific annotation with SonarLint.
So I did the following: I invoked Class.forName("path.to.the.Clazz") and checked whether Clazz meet my reporting requirements via reflection or lambda factory. All tests were passed and maven built the custom plugin.
Lets say I want to detect @Table instances which are created via reflection. When analyzing for example the following
package test;
import javax.persistence.Table;
@Table
class TableT {}
public class ReflectionTest {
public static void main(String[] args) throws ClassNotFoundException {
Class<?> aClass = Class.forName("test.TableT");
}
}
the rule will not detect Class.forName("test.TableT"). This is because when my rule calls Class.forName("test.TableT") the TableT class is not actually found by the ClassLoader which I understand.
So I guess reflection is the wrong approach here.
How can I detect such a scenario?
I would not want to provide the code of test.TableT as a dependency in Maven I rather would want to take it dynamically from the project I analyse with SonarLint in my IDE. I also would want to keep it IDE independent.
Regards,
trin
Aucun commentaire:
Enregistrer un commentaire