This sections describes all SonarQube rules provided by this plugin.
The following image illustrates the devonfw architecture rules. The arrows show the allowed dependencies in green, discouraged dependencies in orange and forbidden dependencies in red.
Within the same component you are always allowed to call code from the same layer and scope as well as the API from the next layer below. Discouraged and forbidden dependencies are always implemented by its own SonarQube rule. This gives you absolute flexibility to customize the severity of such architecture violation. These dependencies have a white circle with a unique label. For each label we link the according rule to give you transparency and help you customizing.
The following component rules will rely on the architecture.json
configuration described above.
Additionally, there is a generic rule that checks the devonfw packaging conventions:
Further, there are rules checking the proper usage of third-party library code:
With our 3.2.0 release, we added rules checking for adherence to our naming convention rules:
-
N8. unused/deleted
As of version 3.2.1, we have started adding security-related rules to our plugin: