GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → stepstone-tech → sonar-coldfusion

stepstone-tech / sonar-coldfusion

Licence: Apache-2.0 license
SonarQube ColdFusion Analyzer

Programming Languages

java
68154 projects - #9 most used programming language
ColdFusion
112 projects

Labels

static-code-analysiscoldfusionsonarqube-plugin

Projects that are alternatives of or similar to sonar-coldfusion

Cflint
Static code analysis for CFML (a linter)
Stars: ✭ 156 (+524%)
Mutual labels:  static-code-analysis, coldfusion
sonar-puppet
SonarQube plugin for Puppet code.
Stars: ✭ 27 (+8%)
Mutual labels:  sonarqube-plugin
Vue Eslint Parser
The ESLint custom parser for `.vue` files.
Stars: ✭ 238 (+852%)
Mutual labels:  static-code-analysis
duplex
Duplicate code finder for Elixir
Stars: ✭ 20 (-20%)
Mutual labels:  static-code-analysis
Dg
[LLVM Static Slicer] Various program analyses, construction of dependence graphs and program slicing of LLVM bitcode.
Stars: ✭ 242 (+868%)
Mutual labels:  static-code-analysis
bolthttp
A HTTP Client for CFML
Stars: ✭ 28 (+12%)
Mutual labels:  coldfusion
Progpilot
A static analysis tool for security
Stars: ✭ 226 (+804%)
Mutual labels:  static-code-analysis
fiasko bro
Yet another static python code validator
Stars: ✭ 27 (+8%)
Mutual labels:  static-code-analysis
messaging-polyglot
RabbitMQ Messaging Polyglot with Java, ColdFusion, CommandBox, Groovy and more
Stars: ✭ 18 (-28%)
Mutual labels:  coldfusion
tryceratops
A linter to prevent exception handling antipatterns in Python (limited only for those who like dinosaurs).
Stars: ✭ 381 (+1424%)
Mutual labels:  static-code-analysis
memcheck-cover
An HTML generator for Valgrind's Memcheck tool
Stars: ✭ 30 (+20%)
Mutual labels:  static-code-analysis
Warnings Ng Plugin
Jenkins Warnings Plugin - Next Generation
Stars: ✭ 248 (+892%)
Mutual labels:  static-code-analysis
healthier
🧘‍♀️ Healthier is an opinionated style agnostic code linter – a friendly companion to Prettier
Stars: ✭ 78 (+212%)
Mutual labels:  static-code-analysis
Eslint Plugin Markdown
Lint JavaScript code blocks in Markdown documents
Stars: ✭ 242 (+868%)
Mutual labels:  static-code-analysis
cf-mailchimp
ColdFusion wrapper for the MailChimp 3.0 API
Stars: ✭ 17 (-32%)
Mutual labels:  coldfusion
Revive
🔥 ~6x faster, stricter, configurable, extensible, and beautiful drop-in replacement for golint
Stars: ✭ 3,139 (+12456%)
Mutual labels:  static-code-analysis
cmd-call-graph
A simple tool to generate a call graph for calls within Windows CMD (batch) files.
Stars: ✭ 37 (+48%)
Mutual labels:  static-code-analysis
coldfusion-10-11-xss
Proof of Concept code for CVE-2015-0345 (APSB15-07)
Stars: ✭ 22 (-12%)
Mutual labels:  coldfusion
stm app
This software engineer profile builder turns your code into a detailed list of skills for an online directory of software developers.
Stars: ✭ 23 (-8%)
Mutual labels:  static-code-analysis
lints
Lint all your JavaScript, CSS, HTML, Markdown and Dockerfiles with a single command
Stars: ✭ 14 (-44%)
Mutual labels:  static-code-analysis
View All Similar Projects ➔

SonarQube ColdFusion Plugin

CI Quality Gate Status Coverage

A SonarQube plugin for analyzing ColdFusion code, based on the CFLint library.

Installation

  1. Download the JAR file from the releases section or build it yourself by cloning the code and running mvn install.
  2. Copy sonar-coldfusion-plugin-{version}.jar to <sonarqube dir>/extensions/plugins.
  3. Restart SonarQube.

Compatibility

SonarQube Version Plugin Version
9.0 - 9.1 2.2.0
7.6 - 8.9 2.1.1
5.6 - 7.5 1.5.0

Running

Follow the instructions for analyzing code with SonarQube Scanner. The ColdFusion plugin will automatically discover and analyze .cfc and .cfm files.

Parameters tuning

If you encounter log output indicating, that the Compute Engine of SonarQube has insufficient memory, similar to:

2016.06.22 16:17:43 INFO  ce[o.s.s.c.t.CeWorkerCallableImpl] Execute task | project=ApplyNowModule | type=REPORT | id=AVV4eUIgcn4uboqEX1C3
java.lang.OutOfMemoryError: GC overhead limit exceeded
Dumping heap to java_pid8400.hprof ...
Heap dump file created [565019912 bytes in 6.373 secs]

you'll need to increase heap memory on the server, in <sonarqube dir>/conf/sonar.properties:

sonar.ce.javaOpts=-Xmx2g -Xms128m -XX:+HeapDumpOnOutOfMemoryError

2GB might be enough, or perhaps your code base warrants more.

Building

Run Maven goal

mvn clean package

Releasing

Setup Maven settings.xml with

  <servers>
    <server>
        <id>github</id>
        <privateKey>yourprivatekey</privateKey>
    </server>
  </servers>

Run Maven goal

mvn clean package de.jutzig:github-release-plugin:1.3.0:release

This will build the plugin jar file, create a release and a tag on github and upload the artifact to the repo.

Contributors

Many thanks for the people, who created or improved this project:

  • Tomek Stec
  • Michał Paluchowski
  • Nicolas Bihan
  • Gareth Edwards

License

Copyright 2016-2019 StepStone GmbH and contributors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].