SONAR-3949 Add sonar-findbugs-plugin

infinitest.args

@@ -0,0 +1 @@
+-Djava.awt.headless=true

pom.xml

@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.codehaus.sonar-plugins.java</groupId>
+    <artifactId>java</artifactId>
+    <version>1.1-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>sonar-findbugs-plugin</artifactId>
+  <packaging>sonar-plugin</packaging>
+
+  <name>Sonar Java :: Findbugs Plugin</name>
+  <description>FindBugs is a program that uses static analysis to look for bugs in Java code. It can detect a variety of common coding mistakes, including thread synchronization problems, misuse of API methods.</description>
+
+  <properties>
+    <findbugs.version>2.0.1</findbugs.version>
+  </properties>
+
+  <dependencies>
+    <!--
+    !!! ORDER OF DEPENDENCIES IS IMPORTANT !!!
+    FindBugs should be first
+    -->
+
+    <dependency>
+      <groupId>com.google.code.findbugs</groupId>
+      <artifactId>findbugs</artifactId>
+      <version>${findbugs.version}</version>
+      <exclusions>
+        <exclusion>
+          <groupId>jdom</groupId>
+          <artifactId>jdom</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>xml-apis</groupId>
+          <artifactId>xml-apis</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>xerces</groupId>
+          <artifactId>xercesImpl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>xom</groupId>
+          <artifactId>xom</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+
+    <dependency>
+      <groupId>org.codehaus.sonar</groupId>
+      <artifactId>sonar-plugin-api</artifactId>
+      <scope>provided</scope>
+      <exclusions>
+        <!-- allows to package dom4j into plugin -->
+        <exclusion>
+          <groupId>dom4j</groupId>
+          <artifactId>dom4j</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+
+    <!-- TODO http://jira.codehaus.org/browse/SONAR-2011
+    We need following dependency, otherwise we will receive compilation error
+    -->
+    <dependency>
+      <groupId>org.apache.maven</groupId>
+      <artifactId>maven-project</artifactId>
+      <version>2.0.7</version>
+      <scope>provided</scope>
+    </dependency>
+
+    <!-- unit tests -->
+    <dependency>
+      <groupId>org.codehaus.sonar</groupId>
+      <artifactId>sonar-testing-harness</artifactId>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+        <filtering>true</filtering>
+      </resource>
+    </resources>
+
+    <testResources>
+      <testResource>
+        <directory>${basedir}/src/main/resources</directory>
+      </testResource>
+      <testResource>
+        <directory>${basedir}/src/test/resources</directory>
+      </testResource>
+    </testResources>
+
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-dependency-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>copy-dependencies</id>
+            <phase>process-resources</phase>
+            <goals>
+              <goal>copy-dependencies</goal>
+            </goals>
+            <configuration>
+              <outputDirectory>${project.build.outputDirectory}</outputDirectory>
+              <includeArtifactIds>annotations,jsr305</includeArtifactIds>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>org.codehaus.sonar</groupId>
+        <artifactId>sonar-packaging-maven-plugin</artifactId>
+        <configuration>
+          <pluginName>Findbugs</pluginName>
+          <pluginDescription><![CDATA[Analyze Java code with <a href="http://findbugs.sourceforge.net/">Findbugs</a> ${findbugs.version}.]]></pluginDescription>
+          <pluginClass>org.sonar.plugins.findbugs.FindbugsPlugin</pluginClass>
+          <useChildFirstClassLoader>true</useChildFirstClassLoader>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-enforcer-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>enforce-plugin-size</id>
+            <goals>
+              <goal>enforce</goal>
+            </goals>
+            <phase>verify</phase>
+            <configuration>
+              <rules>
+                <requireFilesSize>
+                  <maxsize>4800000</maxsize>
+                  <minsize>4600000</minsize>
+                  <files>
+                    <file>${project.build.directory}/${project.build.finalName}.jar</file>
+                  </files>
+                </requireFilesSize>
+              </rules>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+
+</project>

src/main/java/org/sonar/plugins/findbugs/FindbugsAntConverter.java

@@ -0,0 +1,72 @@
+/*
+ * Sonar Java
+ * Copyright (C) 2012 SonarSource
+ * [email protected]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02
+ */
+package org.sonar.plugins.findbugs;
+
+import org.apache.commons.lang.StringUtils;
+import org.sonar.api.resources.Java;
+
+public final class FindbugsAntConverter {
+
+  private FindbugsAntConverter() {
+  }
+
+  /**
+   * Convert the exclusion ant pattern to a java regexp accepted by findbugs
+   * exclusion file
+   *
+   * @param exclusion ant pattern to convert
+   * @return Exclusion pattern for findbugs
+   */
+  public static String antToJavaRegexpConvertor(String exclusion) {
+    StringBuilder builder = new StringBuilder("~");
+    int offset = 0;
+    // First **/ or */ is optional
+    if (exclusion.startsWith("**/")) {
+      builder.append("(.*\\.)?");
+      offset += 3;
+    } else if (exclusion.startsWith("*/")) {
+      builder.append("([^\\\\^\\s]*\\.)?");
+      offset += 2;
+    }
+    for (String suffix : Java.SUFFIXES) {
+      exclusion = StringUtils.removeEndIgnoreCase(exclusion, "." + suffix);
+    }
+
+    char[] array = exclusion.toCharArray();
+    for (int i = offset; i < array.length; i++) {
+      char c = array[i];
+      if (c == '?') {
+        builder.append('.');
+      } else if (c == '*') {
+        if (i + 1 < array.length && array[i + 1] == '*') {
+          builder.append(".*");
+          i++;
+        } else {
+          builder.append("[^\\\\^\\s]*");
+        }
+      } else if (c == '/') {
+        builder.append("\\.");
+      } else {
+        builder.append(c);
+      }
+    }
+    return builder.toString();
+  }
+}

src/main/java/org/sonar/plugins/findbugs/FindbugsCategory.java

@@ -0,0 +1,46 @@
+/*
+ * Sonar Java
+ * Copyright (C) 2012 SonarSource
+ * [email protected]
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02
+ */
+package org.sonar.plugins.findbugs;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public final class FindbugsCategory {
+  private static final Map<String, String> FINDBUGS_TO_SONAR = new HashMap<String, String>();
+
+  static {
+    FINDBUGS_TO_SONAR.put("BAD_PRACTICE", "Bad practice");
+    FINDBUGS_TO_SONAR.put("CORRECTNESS", "Correctness");
+    FINDBUGS_TO_SONAR.put("MT_CORRECTNESS", "Multithreaded correctness");
+    FINDBUGS_TO_SONAR.put("I18N", "Internationalization");
+    FINDBUGS_TO_SONAR.put("EXPERIMENTAL", "Experimental");
+    FINDBUGS_TO_SONAR.put("MALICIOUS_CODE", "Malicious code");
+    FINDBUGS_TO_SONAR.put("PERFORMANCE", "Performance");
+    FINDBUGS_TO_SONAR.put("SECURITY", "Security");
+    FINDBUGS_TO_SONAR.put("STYLE", "Style");
+  }
+
+  public static String findbugsToSonar(String findbugsCategKey) {
+    return FINDBUGS_TO_SONAR.get(findbugsCategKey);
+  }
+
+  private FindbugsCategory() {
+  }
+}