net.sourceforge.pmd.renderers.SarifRenderer Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pmd-core Show documentation
Show all versions of pmd-core Show documentation
PMD is an extensible multilanguage static code analyzer. It finds common programming flaws like unused variables,
empty catch blocks, unnecessary object creation, and so forth. It's mainly concerned with Java and
Apex, but supports 16 other languages. It comes with 400+ built-in rules. It can be
extended with custom rules. It uses JavaCC and Antlr to parse source files into abstract syntax trees
(AST) and runs rules against them to find violations. Rules can be written in Java or using a XPath query.
Currently, PMD supports Java, JavaScript, Salesforce.com Apex and Visualforce,
Kotlin, Swift, Modelica, PLSQL, Apache Velocity, JSP, WSDL, Maven POM, HTML, XML and XSL.
Scala is supported, but there are currently no Scala rules available.
Additionally, it includes CPD, the copy-paste-detector. CPD finds duplicated code in
Coco, C/C++, C#, Dart, Fortran, Gherkin, Go, Groovy, HTML, Java, JavaScript, JSP, Julia, Kotlin,
Lua, Matlab, Modelica, Objective-C, Perl, PHP, PLSQL, Python, Ruby, Salesforce.com Apex and
Visualforce, Scala, Swift, T-SQL, Typescript, Apache Velocity, WSDL, XML and XSL.
/*
* BSD-style license; for more info see http://pmd.sourceforge.net/license.html
*/
package net.sourceforge.pmd.renderers;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Iterator;
import net.sourceforge.pmd.internal.util.IOUtil;
import net.sourceforge.pmd.renderers.internal.sarif.SarifLog;
import net.sourceforge.pmd.renderers.internal.sarif.SarifLogBuilder;
import net.sourceforge.pmd.reporting.Report;
import net.sourceforge.pmd.reporting.RuleViolation;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
public class SarifRenderer extends AbstractIncrementingRenderer {
public static final String NAME = "sarif";
private static final String DEFAULT_DESCRIPTION = "Static Analysis Results Interchange Format (SARIF)";
private static final String DEFAULT_FILE_EXTENSION = "sarif.json";
private final Gson gson = new GsonBuilder()
.disableHtmlEscaping()
.setPrettyPrinting()
.create();
private SarifLogBuilder sarifLogBuilder;
public SarifRenderer() {
super(NAME, DEFAULT_DESCRIPTION);
}
@Override
public String defaultFileExtension() {
return DEFAULT_FILE_EXTENSION;
}
@Override
public void start() throws IOException {
sarifLogBuilder = SarifLogBuilder.sarifLogBuilder();
}
@Override
public void renderFileViolations(Iterator violations) throws IOException {
while (violations.hasNext()) {
final RuleViolation violation = violations.next();
sarifLogBuilder.add(violation);
}
}
@Override
public void end() throws IOException {
addErrors();
writeLog();
}
private void addErrors() {
for (Report.ProcessingError error : this.errors) {
sarifLogBuilder.addRunTimeError(error);
}
for (Report.ConfigurationError error: this.configErrors) {
sarifLogBuilder.addConfigurationError(error);
}
}
private void writeLog() throws IOException {
final SarifLog sarifLog = sarifLogBuilder.build();
final String json = gson.toJson(sarifLog);
writer.write(json);
writer.println();
}
@Override
public void setReportFile(String reportFilename) {
this.setWriter(IOUtil.createWriter(StandardCharsets.UTF_8, reportFilename));
}
}