- Python 3.x
- Python 2.x
Discover and update the Python-specific properties in Administration > General Settings > Python.
The Python analyzer parses the source code, creates an abstract syntax tree (AST), and then walks through the entire tree. A coding rule is a visitor that is able to visit nodes from this AST.
As soon as the coding rule visits a node, it can navigate its children and log issues if necessary.
Custom rules for Python can be added by writing a SonarQube Plugin and using Python analyzer APIs. Here are the steps to follow:
- Create a standard SonarQube plugin project.
- Attach this plugin to the SonarQube Python analyzer through the
- Add the dependency to the Python analyzer.
- Add the following line in the sonar-packaging-maven-plugin configuration.
- Implement the following extension points:
- Declare the RulesDefinition as an extension in the Plugin extension point.
- Create a class that will hold the implementation of the rule, it should:
- define the rule name, key, tags, etc. with Java annotations.
- declare this class in the
A sample plugin can be found here: python-custom-rules to help you get started.
To explore a part of the AST, override a method from
PythonVisitorCheck. For example, if you want to explore "if statement" nodes, override the
visitIfStatement method that will be called each time an ifStatement node is encountered in the AST.
When overriding a visit method, you must call the super method in order to allow the visitor to visit the children of the node.
To explore a part of the AST, override
PythonSubscriptionCheck#initialize and call
SubscriptionCheck.Context#registerSyntaxNodeConsumer with the
Tree#Kind of node you want to visit. For example, if you want to explore "if statement", you should register to the kind
Tree#Kind#IF_STATEMENT and then provide a lambda that will consume a
SubscriptionContext to act on such nodes.
You can use the
PythonCheckVerifier#verify method to test custom checks. Don't forget to add the testkit dependency to access this class from your project:
You should end each line having an issue with a comment in the following form:
Comment syntax is described here.
- Importing external issues (Pylint, Bandit, Flake8)
- Test coverage and execution (the Coverage tool provided by Ned Batchelder, Nose, pytest)
Check the issue tracker for this language.
© 2008-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution-NonCommercial 3.0 United States License. SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners.