SonarGo is a SonarQube code analyzer for the Go language.
- Rules for detecting bugs, vulnerabilities and code smells.
- Metrics (Cognitive complexity, NCLOC, ...)
- Display of code coverage
- Duplication detection
Note: The SonarGo plugin is not compatible with the GoLang community plugin. If you are using it, you need to uninstall it to test SonarGo.
Run:
./gradlew build
Run build with ruling:
git submodule update --init # first time
ruling=true ./gradlew build --info --no-daemon
Run plugin integration tests:
./gradlew integrationTest --info
This SonarQube plugin uses an intermediate representation format to provide issues and metrics on a Go project. The intermediate format is a json file representing an UAST (Universal Abstract Syntax Tree).
Universal Abstract Syntax Tree - Reference Documentation
Uast node is defined by class UastNode. Package helpers contains convenient classes to work with the tree.
Two modules are responsible for the source code conversion into a json UAST:
- uast-generator-go Use the native Go parser and convert the AST tree into an UAST
- uast-generator-java Use the sonar-java parser to produce UAST, just here to ensure that the UAST can support several programming languages.
Language agnostic rule engine module
- common-rule-engine Rule engine with rules based on UAST
The SonarQube Go analyzer plugin
- sonar-go-plugin SonarQube plugin using uast-generator-go and common-rule-engine to provide rules and metrics for Go language
Generate license headers for non-Go files with the command:
./gradlew licenseFormat
The license plugins doesn't work for Go files. At the moment we create/edit them manually.
When doing so, make sure to add a blank line after the license header, otherwise go doc
will treat it as documentation string. To verify that no unintended documentation was added,
run go doc inside uast-generator-go.
Copyright 2018-2018 SonarSource.
Licensed under the GNU Lesser General Public License, Version 3.0