On this page

Supported versionsLanguage-specific propertiesHandling project Python versionCustom rulesRelated PagesIssue tracker

Python

Supported versions

  • Python 3.x
  • Python 2.x

Language-specific properties

Discover and update the Python-specific properties in Administration > General Settings > Languages > Python.

Handling project Python version

Python code is analyzed by default as compatible with python 2 and python 3. Some issues will be automatically silenced to avoid raising False Positives. In order to get a more precise analysis you can specify the Python versions your code supports via the sonar.python.version parameter.

The accepted format is a comma-separated list of versions having the format "X.Y"

Examples:

  • sonar.python.version=2.7
  • sonar.python.version=3.8
  • sonar.python.version=2.7, 3.7, 3.8, 3.9

Custom rules

Overview

The Python analyzer parses the source code, creates an abstract syntax tree (AST), and then walks through the entire tree. A coding rule is a visitor that is able to visit nodes from this AST.

As soon as the coding rule visits a node, it can navigate its children and log issues if necessary.

Writing a plugin

Custom rules for Python can be added by writing a SonarQube Plugin and using Python analyzer APIs. Here are the steps to follow:

Create a SonarQube plugin

Implement a rule

  • Create a class that will hold the implementation of the rule, it should:
    • extend PythonCheckTree or PythonSubscriptionCheck.
    • define the rule name, key, tags, etc. with Java annotations.
  • declare this class in the RulesDefinition.

Example plugin

To get started a sample plugin can be found here: python-custom-rules.

Implementation details

Using PythonCheckTree

To explore a part of the AST, override a method from the PythonCheckTree. For example, if you want to explore "if statement" nodes, override PythonCheckTree#visitIfStatement method that will be called each time an ifStatement node is encountered in the AST.

Using PythonSubscriptionCheck

To explore a part of the AST, override PythonSubscriptionCheck#initialize and call the SubscriptionCheck.Context#registerSyntaxNodeConsumer with the Tree#Kind of node you want to visit. For example, if you want to explore "if statement" you should register to the kind Tree#Kind#IF_STATEMENT and then provide a lambda that will consume a SubscriptionContext to act on such ndoes.

Create issues

From the check, issue can be created by calling SubscriptionContext#addIssue method or PythonCheckTree#addIssue method.

Testing checks

To test custom checks you can use method PythonCheckVerifier#verify. Don't forget to add the testkit dependency to access this class from your project :

  <dependency>
      <groupId>org.sonarsource.python</groupId>
      <artifactId>python-checks-testkit</artifactId>
      <version>${project.version}</version>
      <scope>test</scope>
  </dependency>

You should end each line having an issue with a comment in the following form:

# Noncompliant {{Message}}

Comment syntax is described here.

Issue tracker

Check the issue tracker for this language.

© 2008-2022, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution-NonCommercial 3.0 United States License. SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners.

Creative Commons License