Skip to content
Report static code analysis to Bitbucket Server
Java Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
gradle/wrapper
src/main/java/se/bjurr/violations/main
.gitignore
.travis.yml
CHANGELOG.md
ISSUE_TEMPLATE
LICENSE
README.md
bitbucket-server-comment.png
build.gradle
gradle.properties
gradlew
gradlew.bat
package.json.orig
publish-npm.sh
release.sh

README.md

Violation Comments To Bitbucket Server Command Line

Build Status Bintray NPM

Report static code analysis to Bitbucket Server. It uses the Violations Lib.

Bitbucket Server Comment

The runnable can be found in NPM.

Run it with:

npx violation-comments-to-bitbucket-server-command-line \
 -pat TOKENHERE \
 -pk PROJECT_KEY \
 -rs REPO_SLUT \
 -prid 1234 \
 -v "CHECKSTYLE" "." ".*checkstyle/main\.xml$" "Checkstyle" \
 -v "JSHINT" "." ".*jshint/report\.xml$" "JSHint"

You must perform the merge before build. If you don't perform the merge, the reported violations will refer to other lines then those in the pull request. The merge can be done with a shell script like this.

echo ---
echo --- Merging from $FROM in $FROMREPO to $TO in $TOREPO
echo ---
git clone $TOREPO
cd *
git reset --hard $TO
git status
git remote add from $FROMREPO
git fetch from
git merge $FROM
git --no-pager log --max-count=10 --graph --abbrev-commit

Your build command here!

Example of supported reports are available here.

A number of parsers have been implemented. Some parsers can parse output from several reporters.

Reporter Parser Notes
ARM-GCC CLANG
AndroidLint ANDROIDLINT
AnsibleLint FLAKE8 With -p
Bandit CLANG With bandit -r examples/ -f custom -o bandit.out --msg-template "{abspath}:{line}: {severity}: {test_id}: {msg}"
CLang CLANG
CPD CPD
CPPCheck CPPCHECK
CPPLint CPPLINT
CSSLint CSSLINT
Checkstyle CHECKSTYLE
CodeNarc CODENARC
Detekt CHECKSTYLE With --output-format xml.
DocFX DOCFX
Doxygen CLANG
ERB CLANG With erb -P -x -T '-' "${it}" | ruby -c 2>&1 >/dev/null | grep '^-' | sed -E 's/^-([a-zA-Z0-9:]+)/${filename}\1 ERROR:/p' > erbfiles.out.
ESLint CHECKSTYLE With format: 'checkstyle'.
Findbugs FINDBUGS
Flake8 FLAKE8
FxCop FXCOP
GCC CLANG
Gendarme GENDARME
GoLint GOLINT
GoVet GOLINT Same format as GoLint.
GolangCI-Lint CHECKSTYLE With --out-format=checkstyle.
GoogleErrorProne GOOGLEERRORPRONE
IAR IAR With --no_wrap_diagnostics
Infer PMD Facebook Infer. With --pmd-xml.
JCReport JCREPORT
JSHint JSLINT With --reporter=jslint or the CHECKSTYLE parser with --reporter=checkstyle
JUnit JUNIT
KTLint CHECKSTYLE
Klocwork KLOCWORK
KotlinGradle KOTLINGRADLE Output from Kotlin Gradle Plugin.
KotlinMaven KOTLINMAVEN Output from Kotlin Maven Plugin.
Lint LINT A common XML format, used by different linters.
MSCpp MSCPP
Mccabe FLAKE8
MyPy MYPY
NullAway GOOGLEERRORPRONE Same format as Google Error Prone.
PCLint PCLINT PC-Lint using the same output format as the Jenkins warnings plugin, details here
PHPCS CHECKSTYLE With phpcs api.php --report=checkstyle.
PHPPMD PMD With phpmd api.php xml ruleset.xml.
PMD PMD
Pep8 FLAKE8
PerlCritic PERLCRITIC
PiTest PITEST
Puppet-Lint CLANG With -log-format %{fullpath}:%{line}:%{column}: %{kind}: %{message}
PyDocStyle PYDOCSTYLE
PyFlakes FLAKE8
PyLint PYLINT With pylint --output-format=parseable.
ReSharper RESHARPER
RubyCop CLANG With rubycop -f clang file.rb
SbtScalac SBTSCALAC
Scalastyle CHECKSTYLE
Simian SIMIAN
Sonar SONAR With mvn sonar:sonar -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json. Removed in 7.7, see SONAR-11670.
Spotbugs FINDBUGS
StyleCop STYLECOP
SwiftLint CHECKSTYLE With --reporter checkstyle.
TSLint CHECKSTYLE With -t checkstyle
XMLLint XMLLINT
YAMLLint YAMLLINT With -f parsable
ZPTLint ZPTLINT

Missing a format? Open an issue here!

Usage

-comment-only-changed-content, -cocc <boolean>          <boolean>: true or false
                                                        Default: true
-comment-only-changed-content-context, -coccc <integer> <integer>: -2,147,483,648 to 2,147,483,647
                                                        Default: 5
-comment-only-changed-files, -cocf <boolean>            True if only changed 
                                                        files should be commented. 
                                                        False if all findings should 
                                                        be commented.
                                                        <boolean>: true or false
                                                        Default: true
-comment-template <string>                              https://github.
                                                        com/tomasbjerre/violation-comments-lib
                                                        <string>: any string
                                                        Default: 
-create-comment-with-all-single-file-comments, -        <boolean>: true or false
ccwasfc <boolean>                                       Default: false
-create-single-file-comments, -csfc <boolean>           <boolean>: true or false
                                                        Default: true
-create-single-file-comments-tasks, -csfct <boolean>    <boolean>: true or false
                                                        Default: false
-h, --help <argument-to-print-help-for>                 <argument-to-print-help-for>: an argument to print help for
                                                        Default: If no specific parameter is given the whole usage text is given
-keep-old-comments <boolean>                            <boolean>: true or false
                                                        Default: false
-max-number-of-violations, -max <integer>               <integer>: -2,147,483,648 to 2,147,483,647
                                                        Default: 2,147,483,647
-password <string>                                      <string>: any string
                                                        Default: 
-personal-access-token, -pat <string>                   <string>: any string
                                                        Default: 
-project-key, -pk <string>                              <string>: any string [Required]
-proxy-host <string>                                    <string>: any string
                                                        Default: 
-proxy-password <string>                                <string>: any string
                                                        Default: 
-proxy-port <integer>                                   <integer>: -2,147,483,648 to 2,147,483,647
                                                        Default: 0
-proxy-user <string>                                    <string>: any string
                                                        Default: 
-pull-request-id, -prid <integer>                       <integer>: -2,147,483,648 to 2,147,483,647 [Required]
-repo-slug, -rs <string>                                <string>: any string [Required]
-server-url, -url <string>                              <string>: any string [Required]
-severity, -s <SEVERITY>                                Minimum severity level 
                                                        to report.
                                                        <SEVERITY>: {INFO | WARN | ERROR}
                                                        Default: INFO
-show-debug-info                                        Please run your 
                                                        command with this parameter 
                                                        and supply output when 
                                                        reporting bugs.
                                                        Default: disabled
-username <string>                                      <string>: any string
                                                        Default: 
--violations, -v <string>                               The violations to look 
                                                        for. <PARSER> <FOLDER> 
                                                        <REGEXP PATTERN> <NAME> where 
                                                        PARSER is one of: 
                                                        ANDROIDLINT, CHECKSTYLE, CODENARC, 
                                                        CLANG, CPD, CPPCHECK, 
                                                        CPPLINT, CSSLINT, FINDBUGS, 
                                                        FLAKE8, FXCOP, GENDARME, IAR, 
                                                        JCREPORT, JSHINT, LINT, 
                                                        KLOCWORK, KOTLINMAVEN, 
                                                        KOTLINGRADLE, MSCPP, MYPY, GOLINT, 
                                                        GOOGLEERRORPRONE, PERLCRITIC, PITEST, 
                                                        PMD, PYDOCSTYLE, PYLINT, 
                                                        RESHARPER, SBTSCALAC, SIMIAN, 
                                                        SONAR, STYLECOP, XMLLINT, 
                                                        YAMLLINT, ZPTLINT, DOCFX, PCLINT
                                                        
                                                         Example: -v "JSHINT" 
                                                        "." ".*/jshint.xml$" 
                                                        "JSHint" [Supports Multiple occurrences]
                                                        <string>: any string
                                                        Default: Empty list

Checkout the Violations Lib for more documentation.

You can’t perform that action at this time.