diff --git a/.cirrus.yml b/.cirrus.yml index 9ef4e78323f..72b1d39a8c9 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -1,4 +1,7 @@ env: + CIRRUS_VAULT_URL: https://vault.sonar.build:8200 + CIRRUS_VAULT_AUTH_PATH: jwt-cirrusci + CIRRUS_VAULT_ROLE: cirrusci-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME} ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url] ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token] @@ -22,7 +25,6 @@ env: CIRRUS_CLONE_DEPTH: 50 container_definition: &CONTAINER_DEFINITION - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j11-latest cluster_name: ${CIRRUS_CLUSTER_NAME} region: eu-central-1 namespace: default @@ -34,13 +36,11 @@ container_definition: &CONTAINER_DEFINITION - m4.4xlarge # 2.4 GHz Intel Xeon E5-2676 v3** Processor, 16 vCPU, 64 GiB Memory win_vm_definition: &WINDOWS_VM_DEFINITION - ec2_instance: - experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 - image: base-windows-jdk17-v* - platform: windows - region: eu-central-1 - type: c5.4xlarge # 3.6 GHz (3.9GHz single core) Intel Xeon Scalable Processor, 16 vCPU, 32 GiB Memory - subnet_id: ${CIRRUS_AWS_SUBNET} + experimental: true # see https://github.com/cirruslabs/cirrus-ci-docs/issues/1051 + platform: windows + region: eu-central-1 + type: c5.4xlarge # 3.6 GHz (3.9GHz single core) Intel Xeon Scalable Processor, 16 vCPU, 32 GiB Memory + subnet_id: ${CIRRUS_AWS_SUBNET} only_sonarsource_qa: &ONLY_SONARSOURCE_QA only_if: $CIRRUS_USER_COLLABORATOR == 'true' && $CIRRUS_TAG == "" && ($CIRRUS_PR != "" || $CIRRUS_BRANCH == "master" || $CIRRUS_BRANCH =~ "branch-.*" || $CIRRUS_BRANCH =~ "dogfood-on-.*") @@ -48,7 +48,7 @@ only_sonarsource_qa: &ONLY_SONARSOURCE_QA common_build_definition: &COMMON_BUILD_DEFINITION eks_container: <<: *CONTAINER_DEFINITION - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j19-latest + image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j21-latest cpu: 4 memory: 4G env: @@ -82,6 +82,7 @@ ws_scan_task: <<: *ONLY_SONARSOURCE_QA eks_container: <<: *CONTAINER_DEFINITION + image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest cpu: 4 memory: 4G # run only on master and long-term branches @@ -101,7 +102,9 @@ ws_scan_task: path: "whitesource/**/*" qa_os_win_task: - <<: *WINDOWS_VM_DEFINITION + ec2_instance: + image: base-windows-jdk21-v* + <<: *WINDOWS_VM_DEFINITION maven_cache: folder: ${CIRRUS_WORKING_DIR}/.m2/repository build_script: @@ -140,7 +143,7 @@ sanity_task: <<: *ONLY_SONARSOURCE_QA eks_container: <<: *CONTAINER_DEFINITION - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest + image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j21-latest cpu: 4 memory: 2G maven_cache: @@ -184,7 +187,9 @@ ruling_win_task: depends_on: - build <<: *ONLY_SONARSOURCE_QA - <<: *WINDOWS_VM_DEFINITION + ec2_instance: + image: base-windows-jdk17-v* + <<: *WINDOWS_VM_DEFINITION maven_cache: folder: ${CIRRUS_WORKING_DIR}/.m2/repository env: @@ -207,7 +212,15 @@ autoscan_task: <<: *ONLY_SONARSOURCE_QA eks_container: <<: *CONTAINER_DEFINITION - image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest + # For now, this autoscan_task need to execute two mvn commands: + # * The build of java-checks-test-sources module which requires Java 21. + # * The tests using Orchestrator and SonarQube that, for now, fail to work using Java 21 + # This is why we have a local Dockerfile that provide the 2 versions of Java, 17 and 21. + dockerfile: .cirrus/Dockerfile.jdk17And21 + builder_role: cirrus-builder + builder_image: docker-builder-v* + builder_instance_type: t3.small + builder_subnet_id: ${CIRRUS_AWS_SUBNET} cpu: 14 memory: 6G maven_cache: @@ -215,7 +228,7 @@ autoscan_task: autoscan_script: - source cirrus-env QA - source set_maven_build_version $BUILD_NUMBER - - mvn clean compile --projects java-checks-test-sources --also-make-dependents + - JAVA_HOME="${JAVA_21_HOME}" mvn clean compile --projects java-checks-test-sources --also-make-dependents - cd its/autoscan - mvn clean package --batch-mode --errors --show-version --activate-profiles it-autoscan -Dsonar.runtimeVersion=LATEST_RELEASE[9.9] -Dmaven.test.redirectTestOutputToFile=false -Dparallel=methods -DuseUnlimitedThreads=true cleanup_before_cache_script: cleanup_maven_repository @@ -237,6 +250,7 @@ promote_task: <<: *ONLY_SONARSOURCE_QA eks_container: <<: *CONTAINER_DEFINITION + image: ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest cpu: 2 memory: 1G env: diff --git a/.cirrus/Dockerfile.jdk17And21 b/.cirrus/Dockerfile.jdk17And21 new file mode 100644 index 00000000000..e22cd3a37c3 --- /dev/null +++ b/.cirrus/Dockerfile.jdk17And21 @@ -0,0 +1,58 @@ +ARG CIRRUS_AWS_ACCOUNT=275878209202 +FROM ${CIRRUS_AWS_ACCOUNT}.dkr.ecr.eu-central-1.amazonaws.com/base:j17-latest + +LABEL maintainer="JVM Squad at SonarSource" + +USER root + +ENV DEBIAN_FRONTEND=noninteractive + +# The current image is `FROM public.ecr.aws/docker/library/eclipse-temurin:17-jammy` +# Use a similar method to install Java 21 copied from https://github.com/adoptium/containers/blob/main/21/jdk/ubuntu/jammy/Dockerfile + +ENV JAVA_21_HOME /opt/java/openjdk21 +ENV JAVA_21_VERSION jdk-21.0.2+13 + +RUN set -eux; \ + ARCH="$(dpkg --print-architecture)"; \ + case "${ARCH}" in \ + aarch64|arm64) \ + ESUM='3ce6a2b357e2ef45fd6b53d6587aa05bfec7771e7fb982f2c964f6b771b7526a'; \ + BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_aarch64_linux_hotspot_21.0.2_13.tar.gz'; \ + ;; \ + amd64|i386:x86-64) \ + ESUM='454bebb2c9fe48d981341461ffb6bf1017c7b7c6e15c6b0c29b959194ba3aaa5'; \ + BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_x64_linux_hotspot_21.0.2_13.tar.gz'; \ + ;; \ + ppc64el|powerpc:common64) \ + ESUM='d08de863499d8851811c893e8915828f2cd8eb67ed9e29432a6b4e222d80a12f'; \ + BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_ppc64le_linux_hotspot_21.0.2_13.tar.gz'; \ + ;; \ + s390x|s390:64-bit) \ + ESUM='0d5676c50821e0d0b951bf3ffd717e7a13be2a89d8848a5c13b4aedc6f982c78'; \ + BINARY_URL='https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.2%2B13/OpenJDK21U-jdk_s390x_linux_hotspot_21.0.2_13.tar.gz'; \ + ;; \ + *) \ + echo "Unsupported arch: ${ARCH}"; \ + exit 1; \ + ;; \ + esac; \ + wget --progress=dot:giga -O /tmp/openjdk.tar.gz ${BINARY_URL}; \ + echo "${ESUM} */tmp/openjdk.tar.gz" | sha256sum -c -; \ + mkdir -p "$JAVA_21_HOME"; \ + tar --extract \ + --file /tmp/openjdk.tar.gz \ + --directory "$JAVA_21_HOME" \ + --strip-components 1 \ + --no-same-owner \ + ; \ + rm -f /tmp/openjdk.tar.gz ${JAVA_21_HOME}/lib/src.zip; \ + # https://github.com/docker-library/openjdk/issues/331#issuecomment-498834472 + find "$JAVA_21_HOME/lib" -name '*.so' -exec dirname '{}' ';' | sort -u > /etc/ld.so.conf.d/docker-openjdk.conf; \ + ldconfig; \ + # https://github.com/docker-library/openjdk/issues/212#issuecomment-420979840 + # https://openjdk.java.net/jeps/341 + java -Xshare:dump; + +USER sonarsource +WORKDIR /home/sonarsource diff --git a/README.md b/README.md index 2ae2f786cfd..45bf2c34066 100644 --- a/README.md +++ b/README.md @@ -55,7 +55,9 @@ To run tests locally follow these instructions. ### Java versions -You need `Java 17` to build the project and run the Integration Tests (ITs). +You need `Java 21` to build the project and `Java 17` run the Integration Tests (ITs). +* `Java 17` can be used to build and test all modules except under `java-checks-test-sources` that requires `Java 21`. +* `Java 21` can be used to build and test all modules except under `its` that requires `Java 17` because of SQ imcompatibility. ### Build the Project and Run Unit Tests diff --git a/its/autoscan/src/test/java/org/sonar/java/it/AutoScanTest.java b/its/autoscan/src/test/java/org/sonar/java/it/AutoScanTest.java index 98cb62881f0..b2cb90f4f9b 100644 --- a/its/autoscan/src/test/java/org/sonar/java/it/AutoScanTest.java +++ b/its/autoscan/src/test/java/org/sonar/java/it/AutoScanTest.java @@ -122,9 +122,9 @@ public void javaCheckTestSources() throws Exception { .setProjectName(PROJECT_NAME) .setProjectVersion("0.1.0-SNAPSHOT") .setSourceEncoding("UTF-8") - .setSourceDirs("aws/src/main/java/,default/src/main/java/") + .setSourceDirs("aws/src/main/java/,default/src/main/java/,java-17/src/main/java/") .setTestDirs("default/src/test/java/") - .setProperty("sonar.java.source", "17") + .setProperty("sonar.java.source", "21") // common properties .setProperty("sonar.cpd.exclusions", "**/*") .setProperty("sonar.skipPackageDesign", "true") @@ -198,7 +198,7 @@ public void javaCheckTestSources() throws Exception { softly.assertThat(newDiffs).containsExactlyInAnyOrderElementsOf(knownDiffs.values()); softly.assertThat(newTotal).isEqualTo(knownTotal); softly.assertThat(rulesCausingFPs).hasSize(7); - softly.assertThat(rulesNotReporting).hasSize(7); + softly.assertThat(rulesNotReporting).hasSize(6); /** * 4. Check total number of differences (FPs + FNs) diff --git a/its/autoscan/src/test/resources/autoscan/diffs/diff_S100.json b/its/autoscan/src/test/resources/autoscan/diffs/diff_S100.json index 714575221f6..47e093163c2 100644 --- a/its/autoscan/src/test/resources/autoscan/diffs/diff_S100.json +++ b/its/autoscan/src/test/resources/autoscan/diffs/diff_S100.json @@ -1,6 +1,6 @@ { "ruleKey": "S100", "hasTruePositives": true, - "falseNegatives": 0, + "falseNegatives": 1, "falsePositives": 2 -} \ No newline at end of file +} diff --git a/its/autoscan/src/test/resources/autoscan/diffs/diff_S3014.json b/its/autoscan/src/test/resources/autoscan/diffs/diff_S3014.json index e1ae2838924..d6b37d740bd 100644 --- a/its/autoscan/src/test/resources/autoscan/diffs/diff_S3014.json +++ b/its/autoscan/src/test/resources/autoscan/diffs/diff_S3014.json @@ -1,6 +1,6 @@ { "ruleKey": "S3014", "hasTruePositives": true, - "falseNegatives": 0, + "falseNegatives": 1, "falsePositives": 0 -} \ No newline at end of file +} diff --git a/its/autoscan/src/test/resources/autoscan/diffs/diff_S5738.json b/its/autoscan/src/test/resources/autoscan/diffs/diff_S5738.json index 63742a8877b..4e20fbc52d1 100644 --- a/its/autoscan/src/test/resources/autoscan/diffs/diff_S5738.json +++ b/its/autoscan/src/test/resources/autoscan/diffs/diff_S5738.json @@ -1,6 +1,6 @@ { "ruleKey": "S5738", "hasTruePositives": true, - "falseNegatives": 0, + "falseNegatives": 1, "falsePositives": 0 -} \ No newline at end of file +} diff --git a/its/autoscan/src/test/resources/autoscan/diffs/diff_S6485.json b/its/autoscan/src/test/resources/autoscan/diffs/diff_S6485.json index 947bf3cdeda..cf0273bb3bb 100644 --- a/its/autoscan/src/test/resources/autoscan/diffs/diff_S6485.json +++ b/its/autoscan/src/test/resources/autoscan/diffs/diff_S6485.json @@ -1,6 +1,6 @@ { "ruleKey": "S6485", - "hasTruePositives": false, + "hasTruePositives": true, "falseNegatives": 0, "falsePositives": 0 -} \ No newline at end of file +} diff --git a/java-checks-test-sources/README.md b/java-checks-test-sources/README.md index ae5b1f9631c..439e2c129ec 100644 --- a/java-checks-test-sources/README.md +++ b/java-checks-test-sources/README.md @@ -2,7 +2,7 @@ SonarQube Java Analyzer - Rules Testing Sources ======= This project is used as input for unit tests of our rules and our ITs. -The project requirs JDK 17. +The project requires JDK 21. To analyze it with a **local instance of SonarQube** up and running, use the following command from its root: ``` diff --git a/java-checks-test-sources/aws/pom.xml b/java-checks-test-sources/aws/pom.xml index 044a2ce743a..f14b0b4b581 100644 --- a/java-checks-test-sources/aws/pom.xml +++ b/java-checks-test-sources/aws/pom.xml @@ -51,7 +51,7 @@ org.projectlombok lombok - 1.18.20 + 1.18.30 jar provided @@ -117,9 +117,9 @@ org.apache.maven.plugins maven-compiler-plugin - 17 - 17 - 17 + 21 + 21 + 21 diff --git a/java-checks-test-sources/default/pom.xml b/java-checks-test-sources/default/pom.xml index 3d94fa48d56..e64f6777fd4 100644 --- a/java-checks-test-sources/default/pom.xml +++ b/java-checks-test-sources/default/pom.xml @@ -372,7 +372,7 @@ org.projectlombok lombok - 1.18.20 + 1.18.30 jar provided @@ -982,9 +982,9 @@ org.apache.maven.plugins maven-compiler-plugin - 17 - 17 - 17 + 21 + 21 + 21 diff --git a/java-checks-test-sources/default/sonar-project-no-binaries.properties b/java-checks-test-sources/default/sonar-project-no-binaries.properties index 3347507ea1c..1c102549c9e 100644 --- a/java-checks-test-sources/default/sonar-project-no-binaries.properties +++ b/java-checks-test-sources/default/sonar-project-no-binaries.properties @@ -9,7 +9,7 @@ sonar.cpd.exclusions=**/* sonar.sources=src/main/java/ sonar.tests=src/test/java/ -sonar.java.source=17 +sonar.java.source=21 # Wrong on purpose - the project could be compiled (with maven) and provide binaries sonar.java.binaries=dummy-binaries/ diff --git a/java-checks-test-sources/default/sonar-project-with-binaries.properties b/java-checks-test-sources/default/sonar-project-with-binaries.properties index 913446fb789..e7d60566c66 100644 --- a/java-checks-test-sources/default/sonar-project-with-binaries.properties +++ b/java-checks-test-sources/default/sonar-project-with-binaries.properties @@ -9,7 +9,7 @@ sonar.cpd.exclusions=**/* sonar.sources=src/main/java/ sonar.tests=src/test/java/ -sonar.java.source=17 +sonar.java.source=21 # The project should be compiled with maven at least once to have this working sonar.java.binaries=target/classes diff --git a/java-checks-test-sources/default/src/main/java/checks/DisallowedThreadGroupCheck.java b/java-checks-test-sources/default/src/main/java/checks/DisallowedThreadGroupCheck.java index eaed18010e2..713dfff0539 100644 --- a/java-checks-test-sources/default/src/main/java/checks/DisallowedThreadGroupCheck.java +++ b/java-checks-test-sources/default/src/main/java/checks/DisallowedThreadGroupCheck.java @@ -16,7 +16,6 @@ void foo( tg.activeCount(); // Compliant - not following method invocation, only declarations of ThreadGroup tg.activeGroupCount(); // Compliant - tg.allowThreadSuspension(true); // Compliant getThreadGroup().checkAccess(); // Compliant tg.destroy(); // Compliant tg.enumerate(new Thread[0]); // Compliant diff --git a/java-checks-test-sources/java-17/pom.xml b/java-checks-test-sources/java-17/pom.xml new file mode 100644 index 00000000000..9150b2d9387 --- /dev/null +++ b/java-checks-test-sources/java-17/pom.xml @@ -0,0 +1,121 @@ + + + 4.0.0 + + + org.sonarsource.java + java-checks-test-sources + 7.31.0-SNAPSHOT + + + java-17 + + SonarQube Java :: Checks Test Sources :: Java 17 + + + true + true + true + true + + + + + + + + + analyze-tests + + false + + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 17 + 17 + 17 + + + + org.apache.maven.plugins + maven-surefire-plugin + + --enable-preview + + + + org.simplify4u.plugins + sign-maven-plugin + + + sign-artifacts + none + + + + + maven-jar-plugin + + + default-jar + none + + + + + maven-source-plugin + + + attach-sources + none + + + + + maven-javadoc-plugin + + + attach-javadocs + none + + + + + maven-install-plugin + + + default-install + none + + + + + com.mycila + license-maven-plugin + + + src/main/java/** + src/test/java/** + + + + + + + diff --git a/java-checks-test-sources/java-17/src/main/java/checks/DisallowedThreadGroupCheck.java b/java-checks-test-sources/java-17/src/main/java/checks/DisallowedThreadGroupCheck.java new file mode 100644 index 00000000000..e184530764b --- /dev/null +++ b/java-checks-test-sources/java-17/src/main/java/checks/DisallowedThreadGroupCheck.java @@ -0,0 +1,7 @@ +package checks; + +abstract class DisallowedThreadGroupCheck { + void method_removed_in_java_21(ThreadGroup tg) { // Noncompliant + tg.allowThreadSuspension(true); // Compliant, Note: the "allowThreadSuspension" has been removed in Java 21 + } +} diff --git a/java-checks-test-sources/pom.xml b/java-checks-test-sources/pom.xml index 28fb5ad4a22..46c35f6c906 100644 --- a/java-checks-test-sources/pom.xml +++ b/java-checks-test-sources/pom.xml @@ -18,6 +18,7 @@ aws default + java-17 test-classpath-reader diff --git a/java-checks-test-sources/test-classpath-reader/pom.xml b/java-checks-test-sources/test-classpath-reader/pom.xml index d6e739e20cd..503d4eac570 100644 --- a/java-checks-test-sources/test-classpath-reader/pom.xml +++ b/java-checks-test-sources/test-classpath-reader/pom.xml @@ -28,5 +28,17 @@ test - + + + + org.apache.maven.plugins + maven-compiler-plugin + + 17 + 17 + 17 + + + + diff --git a/java-checks-testkit/src/main/java/org/sonar/java/checks/verifier/TestUtils.java b/java-checks-testkit/src/main/java/org/sonar/java/checks/verifier/TestUtils.java index b6b3497f158..5f99b9a6b43 100644 --- a/java-checks-testkit/src/main/java/org/sonar/java/checks/verifier/TestUtils.java +++ b/java-checks-testkit/src/main/java/org/sonar/java/checks/verifier/TestUtils.java @@ -27,6 +27,7 @@ public class TestUtils { public static final String DEFAULT_MODULE = "default"; + public static final String JAVA_17_MODULE = "java-17"; private static final String PROJECT_LOCATION = "../java-checks-test-sources/"; diff --git a/java-checks/src/test/java/org/sonar/java/checks/DisallowedThreadGroupCheckTest.java b/java-checks/src/test/java/org/sonar/java/checks/DisallowedThreadGroupCheckTest.java index 89d5bd99eca..a6c6b1f75a9 100644 --- a/java-checks/src/test/java/org/sonar/java/checks/DisallowedThreadGroupCheckTest.java +++ b/java-checks/src/test/java/org/sonar/java/checks/DisallowedThreadGroupCheckTest.java @@ -22,7 +22,9 @@ import org.junit.jupiter.api.Test; import org.sonar.java.checks.verifier.CheckVerifier; +import static org.sonar.java.checks.verifier.TestUtils.JAVA_17_MODULE; import static org.sonar.java.checks.verifier.TestUtils.mainCodeSourcesPath; +import static org.sonar.java.checks.verifier.TestUtils.mainCodeSourcesPathInModule; class DisallowedThreadGroupCheckTest { @@ -42,4 +44,14 @@ void no_issue_without_semantic() { .withoutSemantic() .verifyNoIssues(); } + + @Test + void test_java_api_methods_removed_in_java_21() { + CheckVerifier.newVerifier() + .withJavaVersion(17) + .onFile(mainCodeSourcesPathInModule(JAVA_17_MODULE, "checks/DisallowedThreadGroupCheck.java")) + .withCheck(new DisallowedThreadGroupCheck()) + .verifyIssues(); + } + } diff --git a/java-frontend/src/test/java/org/sonar/java/model/JUtilsTest.java b/java-frontend/src/test/java/org/sonar/java/model/JUtilsTest.java index 3b939d7a868..2912c84409b 100644 --- a/java-frontend/src/test/java/org/sonar/java/model/JUtilsTest.java +++ b/java-frontend/src/test/java/org/sonar/java/model/JUtilsTest.java @@ -433,8 +433,16 @@ void unresolved_types_are_also_part_of_supertypes() { void supertypes_are_called_in_all_hierarchy() { ClassTreeImpl b = nthClass(cu, 1); Set superTypes = b.symbol().superTypes(); - assertThat(superTypes).hasSize(7); - assertThat(superTypes.stream().map(Type::name)).containsOnly("C", "Object", "Serializable", "Unknown", "List", "Collection", "Iterable"); + + if (Runtime.version().feature()>=21) { + assertThat(superTypes).hasSize(8); + assertThat(superTypes.stream().map(Type::name)).containsOnly("C", "Object", "Serializable", + "Unknown", "List", "Collection", "SequencedCollection", "Iterable"); + } else { + assertThat(superTypes).hasSize(7); + assertThat(superTypes.stream().map(Type::name)).containsOnly("C", "Object", "Serializable", + "Unknown", "List", "Collection", "Iterable"); + } } } @@ -801,7 +809,7 @@ void direct_supertypes_is_generaly_a_subset_of_all_supertypes() { assertThat(directSuperTypes).hasSize(2); assertThat(directSuperTypes.stream().map(Type::name)).containsOnly("C", "List"); assertThat(allSuperTypes) - .hasSize(7) + .hasSizeBetween(7, 8) .containsAll(directSuperTypes); } } diff --git a/pom.xml b/pom.xml index 9f1d58eb5fa..001e149af79 100644 --- a/pom.xml +++ b/pom.xml @@ -100,8 +100,8 @@ ${project.groupId}:sonar-java-plugin:jar - - 0.8.10 + + 0.8.11 diff --git a/sonar-java-plugin/src/main/resources/static/documentation.md b/sonar-java-plugin/src/main/resources/static/documentation.md index ee353ce5ed6..b6392a69ab8 100644 --- a/sonar-java-plugin/src/main/resources/static/documentation.md +++ b/sonar-java-plugin/src/main/resources/static/documentation.md @@ -38,20 +38,20 @@ Key | Value ## Project's specific JDK In some situations, you might have to analyze a project built with a different version of Java than the one executing the analysis. -The most common case is to run the analysis with **Java 11**, while the project itself uses **Java 8** or before for its build. +The most common case is to run the analysis with **Java 17**, while the project itself uses **Java 11** or before for its build. If this is your case, you will need to set the `sonar.java.jdkHome` property manually to point the appropriate JDK (see below). By doing this you will specify which JDK classes the analyzer must refer to during the analysis. Not setting this property, while it would have been required, usually leads to inconsistent or even impossible to fix issues being reported, especially in relation with native JDK classes. When setting `sonar.java.jdkHome`, you need to provide the path to the JDK directory used by the project being analyzed, if different from the Java runtime executing the analysis. -For example, for a Java 8 project, by setting it as follows: `sonar.java.jdkHome=/usr/lib/jvm/jdk1.8.0_211` +For example, for a Java 11 project, by setting it as follows: `sonar.java.jdkHome=/usr/lib/jvm/jdk11.0.22` ```bash -# Here maven uses the default version of Java on the system but we specify that we want to analyze a Java 8 project. +# Here maven uses the default version of Java on the system but we specify that we want to analyze a Java 11 project. mvn clean verify sonar:sonar \ # other analysis parameters - -Dsonar.java.jdkHome=/usr/lib/jvm/java-8-openjdk/ + -Dsonar.java.jdkHome=/usr/lib/jvm/jdk11.0.22/ # other analysis parameters ``` This option can of course be added to your `sonar.properties` configuration. @@ -67,15 +67,15 @@ If you need to deactivate a rule (or all rules) for an entire file, then [issue Java analysis is able to react to the java version used for sources. This feature allows the deactivation of rules that target higher versions of Java than the one in use in the project so that false positives aren't generated from irrelevant rules. -The feature relies entirely on the `sonar.java.source` property, which is automatically filled by most of the scanners used for analyses (Maven, Gradle). Java version-specific rules are not disabled when `sonar.java.source` is not provided. Concretely, rules which are designed to target specific java versions (tagged "java7" or "java8") are activated by default in the Sonar Way Java profile. From a user perspective, the feature is fully automatic, but it means that you probably want your projects to be correctly configured. +The feature relies entirely on the `sonar.java.source` property, which is automatically filled by most of the scanners used for analyses (Maven, Gradle). Java version-specific rules are not disabled when `sonar.java.source` is not provided. Concretely, rules which are designed to target specific java versions (tagged "java8" or "java11") are activated by default in the Sonar Way Java profile. From a user perspective, the feature is fully automatic, but it means that you probably want your projects to be correctly configured. When using SonarScanner to perform analyses of project, the property `sonar.java.source` can to be set manually in `sonar-project.properties`. Accepted formats are: * "1.X" (for instance 1.6 for java 6, 1.7 for java 7, 1.8 for java 8, etc.) -* "X" (for instance 7 for java 7, 8 for java 8, etc. ) +* "X" (for instance 8 for java 8, 11 for java 11, etc. ) -Example: `sonar.java.source=1.6` +Example: `sonar.java.source=11` -If the property is provided, the analysis will take the source version into account, and execute related rules accordingly. At run time, each of these rules will be executed – or not – depending of the Java version used by sources within the project. For instance, on a correctly configured project built with Java 6, rules targeting Java 7 and Java 8 will never raise issues, even though they are enabled in the associated rule profile. +If the property is provided, the analysis will take the source version into account, and execute related rules accordingly. At run time, each of these rules will be executed – or not – depending upon the Java version used by sources within the project. For instance, on a correctly configured project built with Java 11, rules targeting Java 17 and Java 21 will never raise issues, even though they are enabled in the associated rule profile. ## Batch mode settings @@ -144,6 +144,9 @@ The tutorial [Writing Custom Java Rules 101](https://redirect.sonarsource.com/do #### **7.31** +**Breaking** +Now the Java analyzer requires `Java 17` to run. + Methods `org.sonar.plugins.java.api.IssuableSubscriptionVisitor#scanFile()` and `org.sonar.plugins.java.api.IssuableSubscriptionVisitor#scanTree()` are now deprecated and can not be overriden anymore. This change **break compile time compatibility** with any custom rules implementing any of these methods and will require update of custom rules plugin. Note that if the overrides were used as an attempt to clean rule state, it was never called and most probably the source of a memory leak. While we strongly adivse against having statefull rules, if the state of a class need to be cleaned, use methods `org.sonar.plugins.java.api.IssuableSubscriptionVisitor#setContext()` (called prior to the exploration of a file) or `org.sonar.plugins.java.api.IssuableSubscriptionVisitor#leaveFile()` (after ending the exploration of a file).