Skip to end of metadata
Go to start of metadata

SSLR stands for SonarSource Language Recognizer. It is a lightweight Java library which provides everything required to analyse any piece of source code. Using SSLR, you can quickly create a lexer, a parser, and some AST visitors to implement quality rules or compute measures. This library is already used in SonarQube by the Java, JavaScript, COBOL, C#, Python, PL/SQL, C/C++, Flex, etc. plugins.

Source Code

Download: from maven central


Community forums: feel free to ask any question on the Community Forums

License: LGPLv3


Why yet another tool for language recognition? Why not reusing open source and well-know libraries like ANTLR or JavaCC? These are the first questions asked by any developer discovering SSLR. Of course this option was seriously studied and had big advantages but we decided to start from scratch for the following reasons:

  • The SonarQube team is addicted to TDD, and we think that existing tools don't fit well with TDD because they require some code generation, and they don't provide any simple, quick way to unit test all parts of a source code analyzer, such as parsing rules for instance. 
  • The SonarQube team is addicted to KISS, and we think a Java developer should be able to do anything from his or her favorite IDE.
  • We needed to analyse some legacy languages, like COBOL, which require some very specific lexing and preprocessing features. Implementing those features with existing tools would have required us to fully master those tools, and we didn't feel like we benefited from their black box approach.
  • In any case, the ultimate goal of SSLR is to provide a complete compiler front-end stack, which goes well beyond the parsing. Eventually, SSLR will provide the ability to fully implement:
    • Symbolic table (currently in beta)
    • Control flow graph
    • Data flow analysis
    • LLVM IR emitter

Relying on SSLR for parsing a language is not a requirement for a SonarQube plugin. Feel free to use any other parsing technology if it makes more sense in your case.


Here are the main features of SSLR :

  • Easy integration and use
    • Just add a dependency on a jar file (or several jars, according to what you want to use : lexer/parser, xpath, common rules, symbol table, ...)
    • No special step to add to the build process
    • No "untouchable" generated code
  • Everything in java
    • Definition of grammar and lexer directly in code, using Java
    • No break in IDE support (syntax highlighting, code navigation, refactoring, etc)
  • Mature and production ready
    • This technology is already used in production to analyse millions of COBOL, PL/SQL, Java, C, C#, ... lines of code
    • Awesome performance
  • Some common rules and basic metric computations available out-of-the-box
  • XPath library to query the AST
  • Toolkit to browse the AST of any source code and to evaluate XPath expressions on it

SSLR in Action

If you want to start working with SSLR, you must be familiar with the following standard concepts : Lexical Analysis, Parsing Expression Grammar and AST(Abstract Syntax Tree). From there you can take a look to the source code of the JavaScript (lexer/parser, rules) or Python (lexer/parser, rules) plugins to see how those languages are analysed with help of SSLR. 

SSLR also comes with a MiniC language which has been created to easily and simply test all SSLR features. This MiniC language can be a good starting point for a beginner to understand how to implement/define the different mandatory layers to analyse a language:


  • No labels