SonarSource · guillaume-dequenne · Jul 16, 2020 · Jul 15, 2020
diff --git a/...ugin/it-python-plugin-test/src/test/java/com/sonar/python/it/plugin/BanditReportTest.java b/...ugin/it-python-plugin-test/src/test/java/com/sonar/python/it/plugin/BanditReportTest.java
@@ -50,19 +50,14 @@ public void import_report() {
         .setProjectDir(new File("projects/bandit_project")));
 
     List<Issues.Issue> issues = issues();
-    boolean externalIssuesSupported = ORCHESTRATOR.getServer().version().isGreaterThanOrEquals(7, 2);
-    if (externalIssuesSupported) {
-      assertThat(issues).hasSize(1);
-      Issues.Issue issue = issues.get(0);
-      assertThat(issue.getComponent()).isEqualTo("bandit_project:src/file1.py");
-      assertThat(issue.getRule()).isEqualTo("external_bandit:B107");
-      assertThat(issue.getMessage()).isEqualTo("Possible hardcoded password: 'secret'");
-      assertThat(issue.getType()).isEqualTo(Common.RuleType.VULNERABILITY);
-      assertThat(issue.getSeverity()).isEqualTo(Common.Severity.MINOR);
-      assertThat(issue.getEffort()).isEqualTo("5min");
-    } else {
-      assertThat(issues).hasSize(0);
-    }
+    assertThat(issues).hasSize(1);
+    Issues.Issue issue = issues.get(0);
+    assertThat(issue.getComponent()).isEqualTo("bandit_project:src/file1.py");
+    assertThat(issue.getRule()).isEqualTo("external_bandit:B107");
+    assertThat(issue.getMessage()).isEqualTo("Possible hardcoded password: 'secret'");
+    assertThat(issue.getType()).isEqualTo(Common.RuleType.VULNERABILITY);
+    assertThat(issue.getSeverity()).isEqualTo(Common.Severity.MINOR);
+    assertThat(issue.getEffort()).isEqualTo("5min");
   }
 
   private static List<Issues.Issue> issues() {

diff --git a/sonar-python-plugin/src/main/java/org/sonar/plugins/python/PythonPlugin.java b/sonar-python-plugin/src/main/java/org/sonar/plugins/python/PythonPlugin.java
@@ -25,7 +25,6 @@
 import org.sonar.api.SonarRuntime;
 import org.sonar.api.config.PropertyDefinition;
 import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.Version;
 import org.sonar.plugins.python.bandit.BanditRulesDefinition;
 import org.sonar.plugins.python.bandit.BanditSensor;
 import org.sonar.plugins.python.coverage.PythonCoverageSensor;
@@ -44,7 +43,6 @@ public class PythonPlugin implements Plugin {
   private static final String GENERAL = "General";
   private static final String TEST_AND_COVERAGE = "Tests and Coverage";
   private static final String EXTERNAL_ANALYZERS_CATEGORY = "External Analyzers";
-  private static final String PYLINT = "Pylint";
   private static final String DEPRECATED_PREFIX = "DEPRECATED : Use " + PythonCoverageSensor.REPORT_PATHS_KEY + " instead. ";
 
   public static final String FILE_SUFFIXES_KEY = "sonar.python.file.suffixes";
@@ -135,20 +133,16 @@ private static void addXUnitExtensions(Context context) {
   }
 
   private static void addBanditExtensions(Context context) {
-    context.addExtension(BanditSensor.class);
-    boolean externalIssuesSupported = context.getSonarQubeVersion().isGreaterThanOrEqual(Version.create(7, 2));
-    if (externalIssuesSupported) {
-      context.addExtensions(
-        PropertyDefinition.builder(BanditSensor.REPORT_PATH_KEY)
-          .name("Bandit Report Files")
-          .description("Paths (absolute or relative) to json files with Bandit issues.")
-          .category(EXTERNAL_ANALYZERS_CATEGORY)
-          .subCategory(PYTHON_CATEGORY)
-          .onQualifiers(Qualifiers.PROJECT)
-          .multiValues(true)
-          .build(),
-        BanditRulesDefinition.class);
-    }
+    context.addExtensions(BanditSensor.class,
+      PropertyDefinition.builder(BanditSensor.REPORT_PATH_KEY)
+        .name("Bandit Report Files")
+        .description("Paths (absolute or relative) to json files with Bandit issues.")
+        .category(EXTERNAL_ANALYZERS_CATEGORY)
+        .subCategory(PYTHON_CATEGORY)
+        .onQualifiers(Qualifiers.PROJECT)
+        .multiValues(true)
+        .build(),
+      BanditRulesDefinition.class);
   }
 
   private static void addPylintExtensions(Context context) {

diff --git a/sonar-python-plugin/src/main/java/org/sonar/plugins/python/bandit/BanditSensor.java b/sonar-python-plugin/src/main/java/org/sonar/plugins/python/bandit/BanditSensor.java
@@ -55,12 +55,11 @@ public class BanditSensor extends ExternalIssuesSensor {
   protected void importReport(File reportPath, SensorContext context, Set<String> unresolvedInputFiles) throws IOException, ParseException {
     InputStream in = new FileInputStream(reportPath);
     LOG.info("Importing {}", reportPath);
-    boolean engineIdIsSupported = context.getSonarQubeVersion().isGreaterThanOrEqual(Version.create(7, 4));
-    BanditJsonReportReader.read(in, issue -> saveIssue(context, issue, unresolvedInputFiles, engineIdIsSupported));
+    BanditJsonReportReader.read(in, issue -> saveIssue(context, issue, unresolvedInputFiles));
   }
 
 
-  private static void saveIssue(SensorContext context, Issue issue, Set<String> unresolvedInputFiles, boolean engineIdIsSupported) {
+  private static void saveIssue(SensorContext context, Issue issue, Set<String> unresolvedInputFiles) {
     if (isEmpty(issue.ruleKey) || isEmpty(issue.filePath) || isEmpty(issue.message)) {
       LOG.debug("Missing information for ruleKey:'{}', filePath:'{}', message:'{}'", issue.ruleKey, issue.filePath, issue.message);
       return;
@@ -87,15 +86,8 @@ private static void saveIssue(SensorContext context, Issue issue, Set<String> un
     }
 
     newExternalIssue.at(primaryLocation);
-
-    if (engineIdIsSupported) {
-      newExternalIssue.engineId(LINTER_KEY).ruleId(issue.ruleKey);
-    } else {
-      // Call the deprecated "forRule" method to support SQ 7.2
-      newExternalIssue.forRule(RuleKey.of(LINTER_KEY, issue.ruleKey));
-    }
-
-    newExternalIssue.save();
+    newExternalIssue.engineId(LINTER_KEY);
+    newExternalIssue.ruleId(issue.ruleKey).save();
   }
 
   private static Severity toSonarQubeSeverity(String severity, String confidence) {