-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Need updated version to use with Sonarqube 6.0 #21
Comments
Not surprised it doesn't work in 6 considering it just came out and there are many things being refactored. Try using the plugin in the latest LTS release, currently 5.6.1. It should work flawlessly. I'll need to investigate why the plugin doesn't work in 6 and wait for 6.1 or 6.2 to be released why we're waiting for things to stabilize. Same thing happened with the jump to 5. I'm sure other plugin authors are facing similar issues as well. |
Hello, Thanks! |
SonarSource is in the middle of major refactoring which is typical of their non-LTS releases. The dashboard functionality has been removed from Sonar but it's replacement has not yet been implemented. So there's nothing we can do at the moment and every plugin that utilizes custom widgets is affected, not just this project. As soon as an 6.x LTS release is available, we'l publish a version of the plugin compatible with that branch. But for the time being, things are changing too much and 6.x doesn't have the necessary functionality to support this and many other plugins. |
Hey Steve, thanks for responding! I understand that you only want to target LTS-Versions since SonarSource is still refactoring like crazy. Still, the 6.x version has a lot to offer, so I ported the plugin to the new version until you get to do the "official" update :-) I did send you a pull request with the required changes, but fully understand if you won't merge it, since there are a lot of changes in there - the plugin hasn't been touched for a while and sonar requires lot's of minor changes to even get the build back up running with the latest sonarsource-parent. I tested this with sonarqube 6.2. If anyone else want's to give it a try, here is a binary: |
Thanks for providing a 1.1.0-SNAPSHOT. Tried to fix it myself for sonarqube 6.1, pethers@d9f52db but didn't get any report. Will test https://github.com/gtudan/dependency-check-sonar-plugin/releases/download/1.1.0/sonar-dependency-check-plugin-1.1.0-SNAPSHOT.jar with Sonarqube 6.1 . |
@gtudan Thanks for the PR. SQ 6.3 is suppose to contain the replacement for customer dashboards and widgets, so the PR comes at a good time considering 6.3 is nearly complete. I will likely not merge it into master but rather a dev branch which will be unstable until 6.x LTS is released. Although I have not tried the RC versions of 6.3, the way it was described seems to be highly disappointing since the metrics will now be on their own page completely independent from aggregate data. Hopefully I'm wrong. We shall see. |
@gtutan your snapshot worked on sonarqube 6.1 , runs on https://www.hack23.com/sonar/ . |
@pethers Great, nice to see it's working! @stevespringett yeah, I followed the discussion there. Custom dashboards seem to be very important for many of the sonar users and it's a shame Sonarsource just dropped them without any replacement in sight. I'm not sure what they have in mind for 6.3 but the announcement doesn't sound like it's going to be a drop in replacement. That said, I don't think this is a dealbreaker for the dependency-check-plugin. I'm quiet fine with the plugin just creating the issues. The measures are still there and it's pretty easy to incorporate them in a 3rd party dashboard like dashing through the API. |
Closing issue. A binary version of the plugin compatible with 6.3 and higher will be pushed out in the next day or two. |
I am trying to use this plugin in Sonhrqube 6.0 which uses the new API org.sonarsource.sonarqube
sonar-plugin-api
6.0
and the new builder
org.sonarsource.sonar-packaging-maven-plugin sonar-packaging-maven-plugin 1.17 true com.mycompany.sonar.reference.ExamplePluginEverything has changed so much that I don't really know where to start. I tried installing it as is but, I see no results or errors in the logs. I am running the Dependency check from Maven inside of Bamboo which produces the correct xml file, in the target folder. The problem seems to be in the sonar application. I installed the jar file in sonar/extensions/plugins and then modified sonar/conf/sonar.properties file to include the sonar.dependencyCheck.reportPath={direct path to xml file} with no results. I concluded that it must be a version problem.
The text was updated successfully, but these errors were encountered: