Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-9478

Replace Settings Java API by Configuration to not expose setters

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.5-M2, 6.5
    • Component/s: Scanner
    • Labels:

      Description

      In the scanner, Settings for Global/Project/Module containers are created from the analysis properties and are mutable. These Settings are used everywhere to define the behavior of the scanner-engine based on properties passed by the client (maven, cli, ..).

      Plugins have easy access to it through SensorContext#Settings, so it's easy for plugins or some part of the engine to manipulate them and change the behavior. The settings also get written in the report and sent to the CE.
      For all these reasons, all settings should be immutable. We should deprecate accessing the current Settings object through SensorContext or directly through ioc and introduce a new object.

      On server side, Settings are mutable, but it should not be exposed to plugins.

      Proposal: introduce a new API named "Configuration" and deprecate existing Settings class. Configuration will only expose getters.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                julien.henry Julien Henry
                Reporter:
                duarte.meneses Duarte Meneses
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Due:
                  Created:
                  Updated:
                  Resolved: