Python
Python analysis is available starting in all editions of SonarQube.
Supported versions
Python 3.x
Python 2.x
Language-specific properties
Discover and update the Python-specific Analysis parameters in Administration > General Settings > Python.
Custom rules
Overview
The Python analyzer parses the source code, creates an abstract syntax tree (AST), and then walks through the entire tree. A coding rule is a visitor that is able to visit nodes from this AST.
As soon as the coding rule visits a node, it can navigate its children and log issues if necessary.
Writing a plugin
Custom rules for Python can be added by writing a SonarQube Plugin and using Python analyzer APIs. Here are the steps to follow:
Create a SonarQube plugin
Create a standard SonarQube plugin project.
Attach this plugin to the SonarQube Python analyzer through the
pom.xml
:Add the dependency to the Python analyzer.
Add the following line in the sonar-packaging-maven-plugin configuration.
<requirePlugins>python:2.0-SNAPSHOT</requirePlugin>
Implement the following extension points:
RulesDefinition and PythonCustomRuleRepository, which can be implemented by a single class, to declare your custom rules.
Declare the RulesDefinition as an extension in the Plugin extension point.
Implement a rule
Create a class that will hold the implementation of the rule, it should:
extend
PythonVisitorCheck
orPythonSubscriptionCheck
.define the rule name, key, tags, etc. with Java annotations.
declare this class in the
RulesDefinition
.
Example plugin
A sample plugin can be found here: python-custom-rules to help you get started.
Implementation details
Using PythonVisitorCheck
To explore a part of the AST, override a method from PythonVisitorCheck
. For example, if you want to explore "if statement" nodes, override the visitIfStatement
method that will be called each time an ifStatement node is encountered in the AST.
When overriding a visit method, you must call the super method in order to allow the visitor to visit the children of the node.
Using PythonSubscriptionCheck
To explore a part of the AST, override PythonSubscriptionCheck#initialize
and call SubscriptionCheck.Context#registerSyntaxNodeConsumer
with the Tree#Kind
of node you want to visit. For example, if you want to explore "if statement", you should register to the kind Tree#Kind#IF_STATEMENT
and then provide a lambda that will consume a SubscriptionContext
to act on such nodes.
Create issues
From the check, an issue can be created by calling the SubscriptionContext#addIssue
method or a PythonVisitorCheck
#addIssue
method.
Testing checks
You can use the PythonCheckVerifier#verify
method to test custom checks. Don’t forget to add the testkit dependency to access this class from your project:
<dependency>
<groupId>org.sonarsource.python</groupId>
<artifactId>python-checks-testkit</artifactId>
<version>${project.version}</version>
<scope>test</scope>
</dependency>
You should end each line having an issue with a comment in the following form:
# Noncompliant {{Message}}
Comment syntax is described here.
Related Pages
Test coverage and execution (the Coverage tool provided by Ned Batchelder, Nose, pytest)
Issue tracker
Check the issue tracker for this language.
Last updated
Was this helpful?