SonarQube plugin for supporting Android Lint

• Integrates Android Lint for static code analysis
• Up to date rules (1 vulnerability, 88 bugs, 224 code smells - 313 in total)
• Supports SonarQube 6.7.7 and up

• Add support of custom lint checks
• Implement sensor that runs Android Lint analysis on its own (not just parsing lint-results.xml file)

To specify Android Lint report file you can use sonar.android.lint.reportPaths property. It's comma-delimited list of paths to AndroidLint reports.

For example, in the project configuration

sonarqube {
    properties {
        property "sonar.android.lint.reportPaths", "build/reports/lint-results.xml"
    }
}

or SonarQube's project settings

Get the latest version from the Releases Page. Put the jar to $SONAR_HOME/extensions/plugins folder. Restart SonarQube.

Or build plugin by yourself

• git clone https://github.com/jvilya/sonar-android-plugin
• cd sonar-android-plugin
• mvn package
• cp target/sonar-android-lint-[enter_version].jar $SONAR_HOME/extensions/plugins
• cd $SONAR_HOME/bin/[your_os]
• ./sonar.sh restart

There are several similar projects.

One of them is Android Lint Plugin. But it's too old - the last commit was more than 4 years ago. Also, it doesn't support a lot of new rules provided by Android Lint.

Another one is SLang with Kotlin Plugin. It allows you to import Android Lint issues as external. You can read more about this type of issues here - Importing Third-Party Issues.

The support of external issues looks nice if you are ok with its limitations:

• you can't manage them within SonarQube; for instance, there is no ability to mark them False Positive.
• you can't manage the activation of the rules that raise these issues within SonarQube. External rules aren't visible on the Rules page or reflected in Quality Profiles.
• external issues and the rules that raise them must be managed in the configuration of your linter.

As a result, this plugin was developed for providing the native SonarQube's experience to work with Android Lint issues.