Sonar

Create a rules engine to check project dependencies

Details

  • Type: New Feature New Feature
  • Status: Open Open
  • Priority: Major Major
  • Resolution: Unresolved
  • Affects Version/s: None
  • Fix Version/s: None
  • Component/s: Dependencies, Rules
  • Labels:
    None
  • Number of attachments :
    0

Description

Imagine something equivalent to Macker or Architecture Rules that doesn't work at classes or packages level but at Maven projects level.

We could implements rules like :

  • No project can depends on Log4j version 1.1 or less
  • A WAR project must not embed the servlet API
  • No project can declare a parent pom ("mygroupid", "myartifactid") whose version is X.Y or less

Issue Links

is related to

New Feature - A new feature of the product, which has yet to be developed. SONARJAVA-58 New rule to detect usage of user-defined "dangerous" methods

  • Major - Major loss of function.
  • Open - The issue is open and ready for the assignee to start work on it.

Activity

Ascending order - Click to sort in descending order
Freddy Mallet made changes -
Field Original Value New Value
Project Sonar Plugins [ 11911 ] Sonar [ 11694 ]
Key SONARPLUGINS-41 SONAR-3835
Freddy Mallet made changes -
Summary Create a rules engine to check Maven project dependencies Create a rules engine to check project dependencies
Component/s Dependencies [ 14728 ]
Component/s Rules [ 14724 ]
Evgeny Mandrikov made changes -
Link This issue is related to SONAR-3842 [ SONAR-3842 ]

People

  • Assignee:
    Unassigned
    Reporter:
    Freddy Mallet
Vote (3)
Watch (2)

Dates

  • Created:
    Updated: