Drop deprecated RulesDefinitionXmlLoader (#550)

* deps: drop deprecated RulesDefinitionXmlLoader - RulesDefinitionXmlLoader is deprecated and will be dropped in SQ 10 - RulesDefinitionXmlLoader does not populate the OWASP categories and can't be extended (see #392) - Loading/unloading the plugins dynamically from jar files leads to file leaks because SpotBugs does not close the classloaders (solves #128) - The Groovy scripts seem to need some fixes to work with Groovy 4 * deps: removed usage of dependencies no longer provided The sonar-java-plugin is provided by the SonarQube server but not its transient dependencies - Removed usage of Guava - Replaced commons-lang usage by commons-lang3
spotbugs · May 26, 2022 · e1ab079 · e1ab079
1 parent a2c0eeb
commit e1ab079
Show file tree

Hide file tree

Showing 50 changed files with 989 additions and 836 deletions.
diff --git a/pom.xml b/pom.xml
@@ -84,19 +84,6 @@
  </exclusions>
  </dependency>
 
-
- <dependency>
- <groupId>org.sonarsource.sslr-squid-bridge</groupId>
- <artifactId>sslr-squid-bridge</artifactId>
- <version>2.7.0.377</version>
- <exclusions>
- <exclusion>
- <groupId>org.codehaus.sonar</groupId>
- <artifactId>sonar-plugin-api</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
  <dependency>
  <groupId>org.slf4j</groupId>
  <artifactId>slf4j-api</artifactId>
@@ -114,14 +101,12 @@
  <groupId>com.mebigfatguy.sb-contrib</groupId>
  <artifactId>sb-contrib</artifactId>
  <version>${sbcontrib.version}</version>
- <scope>provided</scope>
  </dependency>
 
  <dependency>
  <groupId>com.h3xstream.findsecbugs</groupId>
  <artifactId>findsecbugs-plugin</artifactId>
  <version>${findsecbugs.version}</version>
- <scope>provided</scope>
  </dependency>
 
  <dependency>
@@ -189,6 +174,13 @@
  <scope>test</scope>
  </dependency>
 
+ <dependency>
+ <groupId>org.picocontainer</groupId>
+ <artifactId>picocontainer</artifactId>
+ <version>2.15</version>
+ <scope>test</scope>
+ </dependency>
+
  <dependency>
  <groupId>org.sonarsource.orchestrator</groupId>
  <artifactId>sonar-orchestrator</artifactId>
@@ -359,25 +351,6 @@
  </executions>
  </plugin>
 
-
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-dependency-plugin</artifactId>
- <executions>
- <execution>
- <id>copy-dependencies</id>
- <phase>process-resources</phase>
- <goals>
- <goal>copy-dependencies</goal>
- </goals>
- <configuration>
- <stripVersion>true</stripVersion>
- <outputDirectory>${project.build.outputDirectory}</outputDirectory>
- <includeArtifactIds>annotations,jsr305,sb-contrib,findsecbugs-plugin</includeArtifactIds>
- </configuration>
- </execution>
- </executions>
- </plugin>
  <plugin>
  <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
  <artifactId>sonar-packaging-maven-plugin</artifactId>

diff --git a/src/main/java/org/sonar/plugins/findbugs/FindbugsConfiguration.java b/src/main/java/org/sonar/plugins/findbugs/FindbugsConfiguration.java
@@ -19,19 +19,18 @@
  */
 package org.sonar.plugins.findbugs;
 
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.Lists;
 import com.thoughtworks.xstream.XStream;
 
 import edu.umd.cs.findbugs.ClassScreener;
 import edu.umd.cs.findbugs.Project;
 import java.io.File;
 import java.io.IOException;
-import java.io.InputStream;
 import java.io.StringWriter;
 import java.io.Writer;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Optional;
@@ -44,9 +43,8 @@
 import javax.annotation.Nullable;
 
 import org.apache.commons.io.FileUtils;
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.sonar.api.PropertyType;
-import org.sonar.api.Startable;
 import org.sonar.api.batch.ScannerSide;
 import org.sonar.api.batch.fs.FilePredicates;
 import org.sonar.api.batch.fs.FileSystem;
@@ -71,7 +69,7 @@
 import static java.lang.String.format;
 
 @ScannerSide
-public class FindbugsConfiguration implements Startable {
+public class FindbugsConfiguration {
 
  private static final Logger LOG = Loggers.get(FindbugsConfiguration.class);
  private static final Pattern JSP_FILE_NAME_PATTERN = Pattern.compile(".*_jsp[\\$0-9]*\\.class");
@@ -125,12 +123,6 @@ public void initializeFindbugsProject(Project findbugsProject) throws IOExceptio
  }
  }
 
- copyLibs();
- if (annotationsLib != null) {
- // Findbugs dependencies are packaged by Maven. They are not available during execution of unit tests.
- findbugsProject.addAuxClasspathEntry(annotationsLib.getCanonicalPath());
- findbugsProject.addAuxClasspathEntry(jsr305Lib.getCanonicalPath());
- }
  findbugsProject.setCurrentWorkingDirectory(fileSystem.workDir());
  }
 
@@ -338,7 +330,7 @@ public static List<File> scanForAdditionalClasses(File folder, Predicate<File> f
  }
 
  List<File> getExcludesFilters() {
- List<File> result = Lists.newArrayList();
+ List<File> result = new ArrayList<>();
  PathResolver pathResolver = new PathResolver();
  String[] filters = config.getStringArray(FindbugsConstants.EXCLUDES_FILTERS_PROPERTY);
  for (String excludesFilterPath : filters) {
@@ -370,75 +362,9 @@ public boolean isAllowUncompiledCode() {
  return config.getBoolean(FindbugsConstants.ALLOW_UNCOMPILED_CODE).orElse(FindbugsConstants.ALLOW_UNCOMPILED_CODE_VALUE);
  }
 
- private File jsr305Lib;
- private File annotationsLib;
- private File fbContrib;
- private File findSecBugs;
-
- public void copyLibs() {
- if (jsr305Lib == null) {
- jsr305Lib = copyLib("/jsr305.jar");
- }
- if (annotationsLib == null) {
- annotationsLib = copyLib("/annotations.jar");
- }
- if (fbContrib == null) {
- fbContrib = copyLib("/sb-contrib.jar");
- }
- if (findSecBugs == null) {
- findSecBugs = copyLib("/findsecbugs-plugin.jar");
- }
- }
-
- @Override
- public void start() {
- // do nothing
- }
-
- /**
- * Invoked by PicoContainer to remove temporary files.
- */
- @SuppressWarnings("RV_RETURN_VALUE_IGNORED_BAD_PRACTICE")
- @Override
- public void stop() {
- if (jsr305Lib != null) {
- jsr305Lib.delete();
- }
- if (annotationsLib != null) {
- annotationsLib.delete();
- }
- if (fbContrib != null) {
- fbContrib.delete();
- }
-
- if (findSecBugs != null) {
- findSecBugs.delete();
- }
- }
-
- private File copyLib(String name) {
- try (InputStream input = getClass().getResourceAsStream(name)) {
- File dir = new File(fileSystem.workDir(), "findbugs");
- FileUtils.forceMkdir(dir);
- File target = new File(dir, name);
- FileUtils.copyInputStreamToFile(input, target);
- return target;
- } catch (IOException e) {
- throw new IllegalStateException("Fail to extract Findbugs dependency", e);
- }
- }
-
- public File getFbContribJar() {
- return fbContrib;
- }
-
- public File getFindSecBugsJar() {
- return findSecBugs;
- }
-
  public static List<PropertyDefinition> getPropertyDefinitions() {
  String subCategory = "FindBugs";
- return ImmutableList.of(
+ return Collections.unmodifiableList(Arrays.asList(
  PropertyDefinition.builder(FindbugsConstants.EFFORT_PROPERTY)
  .defaultValue(FindbugsConstants.EFFORT_DEFAULT_VALUE)
  .category(Java.KEY)
@@ -500,7 +426,7 @@ public static List<PropertyDefinition> getPropertyDefinitions() {
  .description("To analyze only the given files (in FQCN, comma separted) / package patterns")
  .type(PropertyType.STRING)
  .build() 
- );
+ ));
  }
 
 }