Merge pull request #69 from Trivadis/feature/23c

Use tvdcc-5.0.0 with support of Oracle Database 23c

Author: PhilippSalvisberg

README.md

@@ -12,16 +12,16 @@ This project provides the following four custom validators in the package `com.t
 
 Class | Description 
 ----- | -----------
-TrivadisPlsqlNaming | Checks [Naming Conventions](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.3/2-naming-conventions/naming-conventions/#naming-conventions-for-plsql) of the Trivadis PL/SQL & SQL Coding Guidelines
+TrivadisPlsqlNaming | Checks [Naming Conventions](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.4/2-naming-conventions/naming-conventions/#naming-conventions-for-plsql) of the Trivadis PL/SQL & SQL Coding Guidelines
 GLP | Checks naming of global and local variables and parameters 
 SQLInjection | Looks for SQL injection vulnerabilities, e.g. unasserted parameters in dynamic SQL
 Hint | Looks for unknown hints and invalid table references
-OverrideTrivadisGuidelines | Extends TrivadisGuidelines3 and overrides check for [G-1050](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.3/4-language-usage/1-general/g-1050/).
+OverrideTrivadisGuidelines | Extends TrivadisGuidelines3 and overrides check for [G-1050](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.4/4-language-usage/1-general/g-1050/).
 TrivadisGuidelines3Plus | Combines the validators TrivadisPlsqlNaming, SQLInjection and OverrideTrivadisGuidelines. 
 
 ### TrivadisPlsqlNaming
 
-This validator implements 15 guidelines to cover the chapter [2.2 Naming Conventions](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.3/2-naming-conventions/naming-conventions/#naming-conventions-for-plsql) of the Trivadis PL/SQL & SQL Coding Guidelines.
+This validator implements 15 guidelines to cover the chapter [2.2 Naming Conventions](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.4/2-naming-conventions/naming-conventions/#naming-conventions-for-plsql) of the Trivadis PL/SQL & SQL Coding Guidelines.
 
 Guideline | Message
 --------- | -----------
@@ -128,7 +128,7 @@ The following guideline is overriden:
 
 Guideline | Message
 --------- | -----------
-[G-1050](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.3/4-language-usage/1-general/g-1050/) | Avoid using literals in your code.
+[G-1050](https://trivadis.github.io/plsql-and-sql-coding-guidelines/v4.4/4-language-usage/1-general/g-1050/) | Avoid using literals in your code.
 
 Literals as part of a [Logger](https://github.com/OraOpenSource/Logger) package call are not reported (see also [issue 8](https://github.com/Trivadis/plsql-cop-validators/issues/8)).
 

install_tvdcc_libs.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-# set the directory where SQLcl libraries are stored
+# set the directory where libraries of db* CODECOP CLI are stored
 if [[ "$1" = "" ]]; then
     TVDCC_DIR="$HOME/tvdcc"
 else
@@ -15,8 +15,8 @@ if ! test -f "${TVDCC_DIR}/tvdcc.jar"; then
 fi
 
 # define versions according usage in pom.xml
-TVDCC_VERSION="4.5.1-SNAPSHOT"
-PLSQL_VERSION="4.2.3-SNAPSHOT"
+TVDCC_VERSION="5.0.0-SNAPSHOT"
+PLSQL_VERSION="5.0.0-SNAPSHOT"
 
 # install JAR files into local Maven repository, these libs are not available in public Maven repositories
 mvn install:install-file -Dfile=$TVDCC_DIR/tvdcc.jar -DgeneratePom=true \

pom.xml

@@ -5,13 +5,13 @@
 	<!-- The Basics -->
 	<groupId>trivadis.tvdcc</groupId>
 	<artifactId>sonar-plsql-cop-custom-validators-plugin</artifactId>
-	<version>4.5.1-SNAPSHOT</version>
+	<version>5.0.0-SNAPSHOT</version>
 	<packaging>sonar-plugin</packaging>
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<jdk.version>8</jdk.version>
 		<jdk.test.version>17</jdk.test.version>
-		<xtext.version>2.27.0</xtext.version>
+		<xtext.version>2.28.0</xtext.version> <!-- latest version that runs with JDK8 -->
 		<skip.genmodel>false</skip.genmodel>
 		<skipTests>false</skipTests>
 	</properties>
@@ -25,8 +25,8 @@
 				<plugins>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
-						<version>3.10.1</version>
 						<artifactId>maven-compiler-plugin</artifactId>
+                        <version>3.12.1</version>
 						<configuration>
 							<!-- different Java version for main and test -->
 							<!-- works with Maven builder from IDE or command line -->
@@ -36,6 +36,18 @@
 					</plugin>
 				</plugins>
 			</build>
+           <repositories>
+                <repository>
+                    <id>plsqlcop</id>
+                    <url>https://pkgs.dev.azure.com/tvdvsts/2001.5038513/_packaging/plsqlcop/maven/v1</url>
+                    <releases>
+                        <enabled>true</enabled>
+                    </releases>
+                    <snapshots>
+                        <enabled>true</enabled>
+                    </snapshots>
+                </repository>
+            </repositories>
 		</profile>
 		<profile>
 			<id>idea</id>
@@ -49,8 +61,8 @@
 				<plugins>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
-						<version>3.10.1</version>
 						<artifactId>maven-compiler-plugin</artifactId>
+                        <version>3.12.1</version>
 						<configuration>
 							<!-- IDEA requires same Java version for main and test -->
 							<!-- see https://youtrack.jetbrains.com/issue/IDEA-85478 -->
@@ -60,6 +72,18 @@
 					</plugin>
 				</plugins>
 			</build>
+           <repositories>
+                <repository>
+                    <id>plsqlcop</id>
+                    <url>https://pkgs.dev.azure.com/tvdvsts/2001.5038513/_packaging/plsqlcop/maven/v1</url>
+                    <releases>
+                        <enabled>true</enabled>
+                    </releases>
+                    <snapshots>
+                        <enabled>true</enabled>
+                    </snapshots>
+                </repository>
+            </repositories>
 		</profile>
 		<profile>
 			<activation>
@@ -107,14 +131,14 @@
 			<!-- contains TrivadisGuidelines3 -->
 			<groupId>trivadis.tvdcc</groupId>
 			<artifactId>tvdcc</artifactId>
-			<version>4.5.1-SNAPSHOT</version>
+			<version>5.0.0</version>
 			<scope>provided</scope>
 		</dependency>
         <dependency>
             <!-- contains PLSQLValidator -->
             <groupId>trivadis.oracle</groupId>
             <artifactId>plsql</artifactId>
-            <version>4.2.3-SNAPSHOT</version>
+            <version>5.0.0</version>
             <scope>provided</scope>
         </dependency>
 		<dependency>
@@ -147,7 +171,7 @@
 		<dependency>
 			<groupId>junit</groupId>
 			<artifactId>junit</artifactId>
-			<version>4.13.1</version>
+			<version>4.13.2</version>
 			<scope>test</scope>
 		</dependency>
 	</dependencies>
@@ -167,7 +191,7 @@
 			<plugin>
 				<groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
 				<artifactId>sonar-packaging-maven-plugin</artifactId>
-				<version>1.18.0.372</version>
+				<version>1.21.0.505</version> <!-- last version before breaking changes -->
 				<extensions>true</extensions>
 				<configuration>
 				<pluginKey>plsql-cop-custom-validators</pluginKey>
@@ -177,7 +201,7 @@
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
-				<version>3.10.1</version>
+				<version>3.12.1</version>
 				<artifactId>maven-compiler-plugin</artifactId>
 				<configuration>
 					<source>${jdk.version}</source>
@@ -229,7 +253,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-surefire-plugin</artifactId>
-				<version>2.22.2</version>
+				<version>3.2.5</version>
 				<executions>
 					<execution>
 						<id>default-test</id>

src/main/java/com/trivadis/tvdcc/generators/GLPGenmodel.java

@@ -16,25 +16,27 @@
 
 package com.trivadis.tvdcc.generators;
 
+import java.io.IOException;
+
 import com.trivadis.oracle.plsql.validation.PLSQLValidatorPreferences;
 import com.trivadis.tvdcc.genmodel.GenRulesXml;
 import com.trivadis.tvdcc.genmodel.GenSqaleXml;
 import com.trivadis.tvdcc.validators.GLP;
 
 public class GLPGenmodel {
 
-    public static void genPlsqlcopModelXml() {
+    public static void genPlsqlcopModelXml() throws IOException {
         GenSqaleXml gen = new GenSqaleXml();
-        gen.generate("./src/main/resources/GLP");
+        gen.generate(GenUtil.getPath("src/main/resources/GLP"));
     }
 
-    public static void genRulesXml() {
+    public static void genRulesXml() throws IOException {
         GenRulesXml gen = new GenRulesXml();
-        String targetDir = "./src/main/resources/GLP";
-        gen.generate(targetDir, "./src/main/resources/GLP/sample");
+        String targetDir = GenUtil.getPath("src/main/resources/GLP");
+        gen.generate(targetDir, GenUtil.getPath("src/main/resources/GLP/sample"));
     }
 
-    public static void main(String[] args) {
+    public static void main(String[] args) throws IOException {
         PLSQLValidatorPreferences.INSTANCE.setValidatorClass(GLP.class);
         genPlsqlcopModelXml();
         genRulesXml();

src/main/java/com/trivadis/tvdcc/generators/GenUtil.java

@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 Philipp Salvisberg <[email protected]>
+ * 
+ * Licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 
+ * Unported License (the "License"); you may not use this file except 
+ * in compliance with the License. You may obtain a copy of the License at
+ * 
+ *     https://creativecommons.org/licenses/by-nc-nd/3.0/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.trivadis.tvdcc.generators;
+
+import java.io.IOException;
+import java.nio.file.FileVisitOption;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.List;
+import java.util.stream.Collectors;
+
+
+public class GenUtil {
+    public static String getPath(String dirName) throws IOException {
+        String ret = null;
+        List<Path> dirs = Files.walk(Paths.get(""), FileVisitOption.FOLLOW_LINKS).filter(f -> f.toFile().getAbsolutePath().contains(dirName.substring(2)))
+            .collect(Collectors.toList());
+        if (dirs.size() > 0) {
+            ret = dirs.get(0).toFile().getAbsolutePath();
+        }
+        return ret;
+    }
+}

src/main/java/com/trivadis/tvdcc/generators/TrivadisGuidelines3PlusGenmodel.java

@@ -36,9 +36,9 @@
 
 public class TrivadisGuidelines3PlusGenmodel {
 
-    public static void genPlsqlcopModelXml() {
+    public static void genPlsqlcopModelXml() throws IOException {
         GenSqaleXml gen = new GenSqaleXml();
-        gen.generate("./src/main/resources/TrivadisGuidelines3Plus");
+        gen.generate(GenUtil.getPath("src/main/resources/TrivadisGuidelines3Plus"));
     }
 
     public static void copy(String sourceDir, String targetDir) throws IOException {
@@ -57,25 +57,27 @@ public static void copy(String sourceDir, String targetDir) throws IOException {
     public static void copyGuidelinesFromJar(String targetDir) throws IOException, URISyntaxException {
         File tvdccJarFile = new File(
                 TrivadisGuidelines3.class.getProtectionDomain().getCodeSource().getLocation().toURI());
-        JarFile jarFile = new JarFile(tvdccJarFile);
-        Enumeration<JarEntry> entries = jarFile.entries();
-        while (entries.hasMoreElements()) {
-            JarEntry entry = entries.nextElement();
-            if (!entry.isDirectory() && entry.getName().startsWith("guidelines/")) {
-                InputStream entryInputStream = jarFile.getInputStream(entry);
-                Path targetFile = Paths.get(targetDir, entry.getName().substring(10));
-                Files.copy(entryInputStream, targetFile, StandardCopyOption.REPLACE_EXISTING);
+        if (tvdccJarFile.getName().endsWith(".jar")) {
+            JarFile jarFile = new JarFile(tvdccJarFile);
+            Enumeration<JarEntry> entries = jarFile.entries();
+            while (entries.hasMoreElements()) {
+                JarEntry entry = entries.nextElement();
+                if (!entry.isDirectory() && entry.getName().startsWith("guidelines/")) {
+                    InputStream entryInputStream = jarFile.getInputStream(entry);
+                    Path targetFile = Paths.get(targetDir, entry.getName().substring(10));
+                    Files.copy(entryInputStream, targetFile, StandardCopyOption.REPLACE_EXISTING);
+                }
             }
+            jarFile.close();
         }
-        jarFile.close();
     }
 
     public static void genRulesXml() throws URISyntaxException, IOException {
         GenRulesXml gen = new GenRulesXml();
         String tempDir = Files.createTempDirectory("genmodel_").toString();
         copyGuidelinesFromJar(tempDir);
-        copy("./src/main/resources/TrivadisGuidelines3Plus/sample", tempDir);
-        gen.generate("./src/main/resources/TrivadisGuidelines3Plus", tempDir.toString());
+        copy(GenUtil.getPath("src/main/resources/TrivadisGuidelines3Plus/sample"), tempDir);
+        gen.generate(GenUtil.getPath("src/main/resources/TrivadisGuidelines3Plus"), tempDir.toString());
     }
 
     public static void main(String[] args) throws URISyntaxException, IOException {

src/main/resources/TrivadisGuidelines3Plus/genmodel/plsqlcop-model.xml

@@ -2592,7 +2592,7 @@
 					<txt>mn</txt>
 				</prop>
 			</chc>
-			<!-- Always specify column names instead of positional references in GROUP BY clauses. -->
+			<!-- Always specify column names/aliases instead of positional references in GROUP BY clauses. -->
 			<chc>
 				<rule-repo>trivadis</rule-repo>
 				<rule-key>G-3182</rule-key>
@@ -2668,6 +2668,25 @@
 					<txt>mn</txt>
 				</prop>
 			</chc>
+			<!-- Avoid autonomous transactions. -->
+			<chc>
+				<rule-repo>trivadis</rule-repo>
+				<rule-key>G-3330</rule-key>
+				<prop>
+					<key>remediationFunction</key>
+					<txt>CONSTANT_ISSUE</txt>
+				</prop>
+				<prop>
+					<key>remediationFactor</key>
+					<val>0.0</val>
+					<txt>mn</txt>
+				</prop>
+				<prop>
+					<key>offset</key>
+					<val>60.0</val>
+					<txt>mn</txt>
+				</prop>
+			</chc>
 			<!-- Avoid using %NOTFOUND directly after the FETCH when working with BULK OPERATIONS and LIMIT clause. -->
 			<chc>
 				<rule-repo>trivadis</rule-repo>
@@ -2706,6 +2725,25 @@
 					<txt>mn</txt>
 				</prop>
 			</chc>
+			<!-- Never use a FOR LOOP for a query that should return not more than one row. (not implemented) -->
+			<chc>
+				<rule-repo>trivadis</rule-repo>
+				<rule-key>G-4387</rule-key>
+				<prop>
+					<key>remediationFunction</key>
+					<txt>CONSTANT_ISSUE</txt>
+				</prop>
+				<prop>
+					<key>remediationFactor</key>
+					<val>0.0</val>
+					<txt>mn</txt>
+				</prop>
+				<prop>
+					<key>offset</key>
+					<val>5.0</val>
+					<txt>mn</txt>
+				</prop>
+			</chc>
 			<!-- Always use parameters or pull in definitions rather than referencing external variables in a local program unit. -->
 			<chc>
 				<rule-repo>trivadis</rule-repo>