Add Go analyzer and generic secrets and Bidi detection

Author: necto

Eask

@@ -3,7 +3,7 @@
          "Emacs SonarLint lsp client")
 
 (website-url "https://github.com/emacs-lsp/lsp-sonarlint")
-(keywords "languages" "tools" "php" "javascript" "xml" "html" "java" "python")
+(keywords "languages" "tools" "php" "javascript" "typescript" "go" "xml" "html" "java" "python")
 
 (package-file "lsp-sonarlint.el")
 

README.md

@@ -8,7 +8,7 @@ SonarLint™ is a free IDE extension that lets you fix coding issues before they
 
 Like a spell checker,it highlights Bugs and Security Vulnerabilities as you write code, with clear remediation guidance so you can fix them before the code is even committed. 
 
-In Emacs supports analysis of JavaScript, TypeScript, Python, Java, HTML, PHP, and XML out of the box!
+In Emacs supports analysis of JavaScript, TypeScript, Python, Java, HTML, PHP, Go, and XML out of the box!
 
 :warning: This is not an official [SonarSource](https://www.sonarsource.com/) extension
 
@@ -97,6 +97,8 @@ Out of the box, SonarLint automatically checks your code against the following r
 - [HTML rules](https://rules.sonarsource.com/html)
 - [PHP rules](https://rules.sonarsource.com/php)
 - [XML rules](https://rules.sonarsource.com/xml)
+- [Go rules](https://rules.sonarsource.com/go)
+- [Bidi (bidirectional unicode characters)](https://rules.sonarsource.com/text/) + [Secrets](https://rules.sonarsource.com/secrets/)
 
 ## Supported settings
 

fixtures/sample.go

@@ -0,0 +1,7 @@
+package main
+
+import "fmt"
+// TODO: to be done, really
+func main() {
+    fmt.Println("Hello, World!")
+}

fixtures/secrets.java

@@ -0,0 +1,5 @@
+public class S6290 {
+  public static final String KEY = "AKIAIGKECZXA7AEIJLMQ";
+  public static final String AWS_SESSION_TOKEN = "IQoJb3JpZ2luX2VjEKL//////////wEaDGV1LWNlbnRyYWwtMSJHMEUCIQDFlDUEvUa6slxlkKKn8zbLkN/j1f7lKJdXJ03PQ5T5ZwIgDYlshciO8nyfnmjUfFy4I2+rEuPHBexsvfBo3MlCdgQqugMISxAAGgw4NTk4OTY2NzUzMDYiDFKPV7D/QmnqFWRYpiqXAypJf6TksPZXImVpIUU0Yj0uJhNN0o/HcO8hfQ4BXuCvpm1DOiVsH6VXMxgNdpGTWr8CjNpEt/eYwSk6MAVPOtjg5+lY2qoGJrUuxwhiKe+BquVM17h0giZ18h1B4ozDGkfxA/vGSJa/qBznF0yEpLE+fJoesGe4ZpATs8oUN94/XkrL/eYzXsW3ZD1ZX66QzmSFHhgTJc24d9bezGjR32fEJD/dBm9La+7wpc4+jrXCmt6yxHox0gCuGrSagcJfPh9pVYneM81fnD/S7Kicb1Pw8MiChfqW0hao1twr4wMgp9N3JlYQNK3fZKbMU/qlvoKTz8D0Joa4elSp4rU4reVUsujCXVE95PDyj4LD3IDXHF5SAd/23/M/IucMRyeWlRE4pCtry68ENpojXr0tdyyVs8XSkgCGgup/BqDTkBnEBD+V5hOIrHJv5rJ6KpaxEZG0ozUJdaUpCseSSKK4Jn7liqVqF5EzOOXelqTAACcJmILKQHqke8n3imNs72oi8tu1N+oqbFp60K9whtLDm0JZSavpmRDkMODb8/4FOusBHFYZCuxMUmotN9Dkzp4InT7kJdKZ/kr61SMhU4hj7vTdjhcRHItO2P+jR7+38kQLDR4O1HR1XkHzLMwDvDwZULeOl6afS1ZpbO8XpePHaaLnEqJeZ8BpnfwBEiylK3HGzGAP7WcAgFlMO9AEqoGnnbUBFcL+IYnZ3JFPy0sGsrH4cOC8Gxy2icQKrGpdIyMqGjb2hZsSc1S4njGpK0AlCEKrAjzpr6SzPSwLnFtAJpztHbgb9Z7D2jdsjugQYdFwi6/9GKOI/slKqt5/vb7dLnSyeAY+jTaoveUZf6D5yM8PCKrvw5/k+A1XJw==";
+  public static final String AWS_SECRET_ACCESS_KEY = "kHeUAwnSUizTWpSbyGAz4f+As5LshPIjvtpswqGb";
+}

languages/go/lsp-sonarlint-go.el

@@ -0,0 +1,60 @@
+;;; lsp-sonarlint-go.el --- lsp-sonarlint Go module             -*- lexical-binding: t; -*-
+
+;; Copyright (C) 2020  Fermin Munoz
+;; URL: https://gitlab.com/sasanidas/lsp-sonarlint
+;; Keywords: languages
+
+;; This program is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+;;; Commentary:
+;; Specific configuration for the SonarLint Go plugin.
+
+;; This is NOT and official SonarLint extension.
+
+
+;;; Code:
+
+(defgroup lsp-sonarlint-go nil
+  "lsp-sonarlint Go analyzer group"
+  :group 'lsp-sonarlint
+  :version '(lsp-sonarlint-go . "1.12.0"))
+
+(defcustom lsp-sonarlint-go-enabled nil
+  "Enable lsp-sonarlint-go plugin."
+  :group 'lsp-sonarlint-go
+  :type 'boolean)
+
+(defcustom lsp-sonarlint-go-download-url
+  "https://repo.maven.apache.org/maven2/org/sonarsource/slang/sonar-go-plugin/1.12.0.4259/sonar-go-plugin-1.12.0.4259.jar"
+  "Go plugin download URL."
+  :group 'lsp-sonarlint-go
+  :type 'string)
+
+(defcustom lsp-sonarlint-go-analyzer-path
+(concat
+   (file-name-directory load-file-name)
+   "sonar-go.jar")
+  "Lsp-sonarlint Go analyzer location."
+  :group 'lsp-sonarlint-go
+  :type 'file)
+
+(defvar lsp-sonarlint-go-doc-url "https://www.sonarsource.com/go/"
+  "Documentation sonarsource URL.")
+
+(defvar lsp-sonarlint-go-repository-url "https://github.com/SonarSource/slang/"
+  "Official sonarlint code extension repository.")
+
+
+(provide 'lsp-sonarlint-go)
+;;; lsp-sonarlint-go.el ends here

languages/text/lsp-sonarlint-text.el

@@ -0,0 +1,63 @@
+;;; lsp-sonarlint-text.el --- lsp-sonarlint text module             -*- lexical-binding: t; -*-
+
+;; Copyright (C) 2020  Fermin Munoz
+;; URL: https://gitlab.com/sasanidas/lsp-sonarlint
+;; Keywords: languages
+
+;; This program is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU General Public License as published by
+;; the Free Software Foundation, either version 3 of the License, or
+;; (at your option) any later version.
+
+;; This program is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;; GNU General Public License for more details.
+
+;; You should have received a copy of the GNU General Public License
+;; along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+;;; Commentary:
+;; Specific configuration for the SonarLint text plugin.
+
+;; This is NOT and official SonarLint extension.
+
+
+;;; Code:
+
+(defgroup lsp-sonarlint-text nil
+  "lsp-sonarlint text analyzer group"
+  :group 'lsp-sonarlint
+  :version '(lsp-sonarlint-text . "2.0.1"))
+
+(defcustom lsp-sonarlint-text-enabled nil
+  "Enable lsp-sonarlint-text plugin."
+  :group 'lsp-sonarlint-text
+  :type 'boolean)
+
+(defcustom lsp-sonarlint-text-download-url
+  "https://repo.maven.apache.org/maven2/org/sonarsource/text/sonar-text-plugin/2.0.1.611/sonar-text-plugin-2.0.1.611.jar"
+  "Text plugin download URL."
+  :group 'lsp-sonarlint-text
+  :type 'string)
+
+(defcustom lsp-sonarlint-text-analyzer-path
+(concat
+   (file-name-directory load-file-name)
+   "sonar-text.jar")
+  "Lsp-sonarlint text analyzer location."
+  :group 'lsp-sonarlint-text
+  :type 'file)
+
+(defvar lsp-sonarlint-text-doc-url "https://www.sonarsource.com/"
+  "Documentation sonarsource URL.")
+
+(defvar lsp-sonarlint-text-repository-url "https://github.com/SonarSource/sonar-text"
+  "Official sonarlint code extension repository.")
+
+
+
+
+
+(provide 'lsp-sonarlint-text)
+;;; lsp-sonarlint-text.el ends here

lsp-sonarlint.el

@@ -5,7 +5,7 @@
 ;; Author: Fermin MF <[email protected]>
 ;; Created: 13 Jun 2020
 ;; Version: 0.0.1
-;; Keywords: languages, tools, php, javascript, xml, html, java, python
+;; Keywords: languages, tools, php, javascript, typescript, go, xml, html, java, python
 ;; URL: https://github.com/emacs-lsp/lsp-sonarlint
 ;; Package-Requires: ((emacs "25") (dash "2.12.0") (lsp-mode "6.3") (ht "2.3"))
 ;; License: GPL-3.0-or-later
@@ -53,6 +53,7 @@
   :type 'file)
 
 (defcustom lsp-sonarlint-modes-enabled '(php-mode
+                                         go-mode
                                          html-mode
                                          web-mode
                                          js-mode

test/lsp-sonarlint-integration-test.el

@@ -68,11 +68,13 @@ It can perform further interaction with LSP, e.g., execute code actions."
         (dir (file-name-directory file))
         (lsp-enable-snippet nil)
         ;; Disable all plugins to focus only on the issues from the knob-symbol
+        (lsp-sonarlint-go-enabled nil)
         (lsp-sonarlint-html-enabled nil)
         (lsp-sonarlint-java-enabled nil)
         (lsp-sonarlint-javascript-enabled nil)
         (lsp-sonarlint-typescript-enabled nil)
         (lsp-sonarlint-php-enabled nil)
+        (lsp-sonarlint-text-enabled nil)
         (lsp-sonarlint-typescript-enabled nil)
         (lsp-sonarlint-xml-enabled nil)
         received-warnings)
@@ -171,6 +173,19 @@ and get the issues from the server."
   (should (equal (lsp-sonarlint--get-all-issue-codes "sample.xml" 'lsp-sonarlint-xml-enabled)
                  '("xml:S1135"))))
 
+;; "text" plugin detects secrets and bidirectional unicode characters
+(ert-deftest lsp-sonarlint-text-reports-issues ()
+  "Check that LSP can detect Secrets with SonarLint."
+  (require 'lsp-sonarlint-text)
+  (should (equal (lsp-sonarlint--get-all-issue-codes "secrets.java" 'lsp-sonarlint-text-enabled)
+                 '("secrets:S6290" "secrets:S6290" "secrets:S6290"))))
+
+(ert-deftest lsp-sonarlint-go-reports-issues ()
+  "Check that LSP can get go SonarLint issues for a go file."
+  (require 'lsp-sonarlint-go)
+  (should (equal (lsp-sonarlint--get-all-issue-codes "sample.go" 'lsp-sonarlint-go-enabled)
+                 '("go:S1135"))))
+
 (defun lsp-sonarlint--find-descr-action-at-point ()
   "Find the 'get rule description' code action for the issue at point."
   (seq-find (lambda (action) (string-match-p "description" (gethash "title" action)))