4

更新:我在 Fedora 21 上运行它。SonarQube - 5.0。SonarQube 亚军 - 2.4

UPDATE2:Findbugs v3.1,Java 插件 v2.8

UPDATE3:分析器在以下文件上失败:

import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

public class MyManager extends ParentManager {
    public MyManager(int id, int var1, int var2, int var3) {
        super(id, var1, var2, var3);
    }

    public void load() {
        Connection con = null;
        Statement st;
        ResultSet res;

        try {

            con = DatabaseManager.getDataSource().getConnection();
            st = con.createStatement();

            int currentId = 0;
            CurrentData currentData= null;

            res = st.executeQuery("SELECT subjects.subjectname" + " AS name, " +
                    " subjects.subjectcode AS code, " +
                    " groups.groupname AS gname, " +
                    " groups.groupID AS gID , " +
                    " subjects.sID AS sID, " +
                    " groups.isMain AS ismain   " +
                    " FROM joinGroup LEFT JOIN groups ON joinGroup.groupID=groups.groupID " +
                    " LEFT JOIN subjects ON subjects.sID=groups.sID " +
                    " WHERE joinGroup.sID=" + id + "  " +
                    " AND groups.var1" + var1 + " AND groups.var2=" + var2 + " " +
                    " ORDER BY name, subjects.subjectcode, subjects.sID ");
            while (res.next()) {
                if (currentId != res.getInt("sID")) {
                    currentData = new CurrentData();
                    data.subjects.add(currentData);
                    currentData.subjectName = res.getString("name");
                    currentData.subjectID = res.getInt("sID");
                }
                CurrentGroupData groupData = new CurrentGroupData();
                groupData.name = res.getString("gname");
                groupData.id = res.getInt("gID");
                currentId = res.getInt("sID");
                if (res.getBoolean("ismain")) {
                    assert currentData != null;
                    currentData.groupID = res.getInt("gID");
                }
                if (currentData != null) {
                    currentData.groups.add(groupData);
                }
            }

            loadSubjectsData(st, res);

        } catch (Exception exc) {
            Log.writeLog(ex);
        } finally {
            try {
                con.close();
            } catch (SQLException e) {
                Log.writeLog(e);
            }
        }
    }
}

我已经按照声纳网站上的教程安装了 SonarQube。我可以浏览到 localhost:9000 并显示起始页。然后我尝试通过命令分析项目:sonar-runner。它失败。运行 sonar-runner -X 显示以下内容:

> 错误:Sonar runner 执行期间出错 org.sonar.runner.impl.RunnerException:无法在 org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:91) 在 org.sonar.runner.impl 执行 Sonar .BatchLauncher$1.run(BatchLauncher.java:75) at java.security.AccessController.doPrivileged(Native Method) at org.sonar.runner.impl.BatchLauncher.doExecute(BatchLauncher.java:69) at org.sonar.runner。 impl.BatchLauncher.execute(BatchLauncher.java:50) 在 org.sonar.runner.api.EmbeddedRunner.doExecute(EmbeddedRunner.java:102) 在 org.sonar.runner.api.Runner.execute(Runner.java:100)在 org.sonar.runner.Main.executeTask(Main.java:70) 在 org.sonar.runner.Main.execute(Main.java:59) 在 org.sonar.runner.Main.main(Main.java:53 ) 引起:org.sonar.squidbridge.api.AnalysisException:SonarQube 无法分析 org.sonar.java.ast.AstScanner 的 org.sonar.java.ast.AstScanner.simpleScan(AstScanner.java:114) 的文件:'/path/to/my/file/MyFile.java' .scan(AstScanner.java:75) 在 org.sonar.java.JavaSquid.scanSources(JavaSquid.java:122) 在 org.sonar.java.JavaSquid.scan(JavaSquid.java:115) 在 org.sonar.plugins。 java.JavaSquidSensor.analysis(JavaSquidSensor.java:91) at org.sonar.batch.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:79) at org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:70)在 org.sonar.batch.phases.PhaseExecutor.execute(PhaseExecutor.java:122) 在 org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:222) 在 org.sonar.api.platform.ComponentContainer.startComponents (组件容器.java:93) 在 org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:78) 在 org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:235) 在 org.sonar.batch.scan.ProjectScanContainer .scanRecursively(ProjectScanContainer.java:230) 在 org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:223) 在 org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:93) 在 org. sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:78) 在 org.sonar.batch.scan.ScanTask.scan(ScanTask.java:65) 在 org.sonar.batch.scan.ScanTask.execute(ScanTask. java:52) 在 org.sonar.batch.bootstrap.TaskContainer.doAfterStart(TaskContainer.java:128) 在 org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:93) 在 org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:78) 在 org.sonar.batch.bootstrap.BootstrapContainer.executeTask(BootstrapContainer.java:171) 在 org.sonar.batch.bootstrapper.Batch .executeTask(Batch.java:95) 在 org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67) 在 org.sonar.runner.batch.IsolatedLauncher.execute(IsolatedLauncher.java:48) 在太阳。 reflect.NativeMethodAccessorImpl.invoke0(Native Method) 在 sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) 在 sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 在 java.lang.reflect.Method.invoke( Method.java:606) at org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:87) ... 9 更多原因:java.lang。NullPointerException 在 org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:54) 在 org.sonar.java.checks.AbstractInjectionChecker.isIdentifierDynamicString(AbstractInjectionChecker.java:67)。 isDynamicString(AbstractInjectionChecker.java:49) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:57) at org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:49) at org.sonar .java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:57) 在 org.sonar.java.checks.AbstractInjectionChecker.isDynamicString(AbstractInjectionChecker.java:49) 在 org.sonar.java.checks.AbstractInjectionChecker。isDynamicString(AbstractInjectionChecker.java:57) at org.sonar.java.checks.SQLInjectionCheck.visitNode(SQLInjectionCheck.java:48) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:95) at org .sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) 在 org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) 在 org.sonar.java.ast.visitors .SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java :113) 在 org.sonar.java.ast.visitors 的 org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97)。SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java: 113) 在 org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) 在 org.sonar.java 的 org.sonar.java.ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) .ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) at org.sonar.java.ast.visitors.SubscriptionVisitor.visit (SubscriptionVisitor.java:97) 在 org.sonar.java.ast.visitors.SubscriptionVisitor.visitChildren(SubscriptionVisitor.java:113) 在 org.sonar.java。ast.visitors.SubscriptionVisitor.visit(SubscriptionVisitor.java:97) at org.sonar.java.ast.visitors.SubscriptionVisitor.scanTree(SubscriptionVisitor.java:73) at org.sonar.java.ast.visitors.SubscriptionVisitor.scanFile( SubscriptionVisitor.java:67) at org.sonar.java.model.VisitorBridge.visitFile(VisitorBridge.java:122) at com.sonar.sslr.impl.ast.AstWalker.walkAndVisit(AstWalker.java:67) at org.sonar .java.ast.AstScanner.simpleScan(AstScanner.java:107) ... 38 更多 >sonar.sslr.impl.ast.AstWalker.walkAndVisit(AstWalker.java:67) at org.sonar.java.ast.AstScanner.simpleScan(AstScanner.java:107) ... 38 更多 >sonar.sslr.impl.ast.AstWalker.walkAndVisit(AstWalker.java:67) at org.sonar.java.ast.AstScanner.simpleScan(AstScanner.java:107) ... 38 更多 >

没有做任何“异国情调”的事情,只是按照这样的官方教程:http: //docs.sonarqube.org/display/SONAR/Analyzing+with+SonarQube+Runner

我在本地运行它。有任何想法吗?

谢谢

4

2 回答 2

3

ReturnEmptyArrayyNotNullCheck 遇到了类似的问题。作为一种解决方法,我在 sonarqube web gui 中禁用了该规则。以管理员身份登录。单击顶部菜单中的规则。搜索 SQL 或 Inject 或任何其他词以查找您认为导致分析失败的规则。然后选择规则并在附加到项目的质量配置文件中禁用它。当然,在所有附加项目中,这条规则将被完全忽略。

于 2015-03-24T16:00:49.827 回答
-1

我没有解决方案,但遇到了同样的问题,并在声纳网站上找到了这个参考,这可能是你遇到的同样的问题吗?

http://sonarqube.15.x6.nabble.com/NullPointerException-analysing-file-with-SQLInjectionCheck-td5032155.html(滚动到最后)

于 2015-03-11T21:40:56.043 回答