This is a Java library for parsing report files like static code analysis.
Example of supported reports are available here.
A number of parsers have been implemented. Some parsers can parse output from several reporters.
Reporter | Parser | Notes |
---|---|---|
ARM-GCC | CLANG |
|
AndroidLint | ANDROIDLINT |
|
Ansible-Later | ANSIBLELATER |
With json format |
AnsibleLint | FLAKE8 |
With -p |
Bandit | CLANG |
With bandit -r examples/ -f custom -o bandit.out --msg-template "{abspath}:{line}: {severity}: {test_id}: {msg}" |
CLang | CLANG |
|
CPD | CPD |
|
CPPCheck | CPPCHECK |
With cppcheck test.cpp --output-file=cppcheck.xml --xml |
CPPLint | CPPLINT |
|
CSSLint | CSSLINT |
|
Checkstyle | CHECKSTYLE |
|
CloudFormation Linter | JUNIT |
cfn-lint . -f junit --output-file report-junit.xml |
CodeClimate | CODECLIMATE |
|
CodeNarc | CODENARC |
|
Dart | MACHINE |
With dart analyze --format=machine |
Dependency Check | SARIF |
Using --format SARIF |
Detekt | CHECKSTYLE |
With --output-format xml . |
DocFX | DOCFX |
|
Doxygen | CLANG |
|
ERB | CLANG |
With erb -P -x -T '-' "${it}" | ruby -c 2>&1 >/dev/null | grep '^-' | sed -E 's/^-([a-zA-Z0-9:]+)/${filename}\1 ERROR:/p' > erbfiles.out . |
ESLint | CHECKSTYLE |
With format: 'checkstyle' . |
Findbugs | FINDBUGS |
|
Flake8 | FLAKE8 |
|
FxCop | FXCOP |
|
GCC | CLANG |
|
GHS | GHS |
|
Gendarme | GENDARME |
|
Generic reporter | GENERIC |
Will create one single violation with all the content as message. |
GoLint | GOLINT |
|
GoVet | GOLINT |
Same format as GoLint. |
GolangCI-Lint | CHECKSTYLE |
With --out-format=checkstyle . |
GoogleErrorProne | GOOGLEERRORPRONE |
|
HadoLint | CHECKSTYLE |
With -f checkstyle |
IAR | IAR |
With --no_wrap_diagnostics |
Infer | PMD |
Facebook Infer. With --pmd-xml . |
JACOCO | JACOCO |
|
JCReport | JCREPORT |
|
JSHint | JSLINT |
With --reporter=jslint or the CHECKSTYLE parser with --reporter=checkstyle |
JUnit | JUNIT |
It only contains the failures. |
KTLint | CHECKSTYLE |
|
Klocwork | KLOCWORK |
|
KotlinGradle | KOTLINGRADLE |
Output from Kotlin Gradle Plugin. |
KotlinMaven | KOTLINMAVEN |
Output from Kotlin Maven Plugin. |
Lint | LINT |
A common XML format, used by different linters. |
MSBuildLog | MSBULDLOG |
With -fileLogger use .*msbuild\\.log$ as pattern or -fl -flp:logfile=MyProjectOutput.log;verbosity=diagnostic for a custom output filename |
MSCpp | MSCPP |
|
Mccabe | FLAKE8 |
|
MyPy | MYPY |
|
NullAway | GOOGLEERRORPRONE |
Same format as Google Error Prone. |
PCLint | PCLINT |
PC-Lint using the same output format as the Jenkins warnings plugin, details here |
PHPCS | CHECKSTYLE |
With phpcs api.php --report=checkstyle . |
PHPPMD | PMD |
With phpmd api.php xml ruleset.xml . |
PMD | PMD |
|
Pep8 | FLAKE8 |
|
PerlCritic | PERLCRITIC |
|
PiTest | PITEST |
|
ProtoLint | PROTOLINT |
|
Puppet-Lint | CLANG |
With -log-format %{fullpath}:%{line}:%{column}: %{kind}: %{message} |
PyDocStyle | PYDOCSTYLE |
|
PyFlakes | FLAKE8 |
|
PyLint | PYLINT |
With pylint --output-format=parseable . |
ReSharper | RESHARPER |
|
RubyCop | CLANG |
With rubycop -f clang file.rb |
SARIF | SARIF |
v2.x. Microsoft Visual C# can generate it with ErrorLog="BuildErrors.sarif,version=2" . |
SbtScalac | SBTSCALAC |
|
Scalastyle | CHECKSTYLE |
|
Semgrep | SEMGREP |
With --json . |
Simian | SIMIAN |
|
Sonar | SONAR |
With mvn sonar:sonar -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json . Removed in 7.7, see SONAR-11670 but can be retrieved with: curl --silent 'http://sonar-server/api/issues/search?componentKeys=unique-key&resolved=false' | jq -f sonar-report-builder.jq > sonar-report.json . |
Spotbugs | FINDBUGS |
|
StyleCop | STYLECOP |
|
SwiftLint | CHECKSTYLE |
With --reporter checkstyle . |
TSLint | CHECKSTYLE |
With -t checkstyle |
Valgrind | VALGRIND |
With --xml=yes . |
XMLLint | XMLLINT |
|
XUnit | XUNIT |
It only contains the failures. |
YAMLLint | YAMLLINT |
With -f parsable |
ZPTLint | ZPTLINT |
51 parsers and 78 reporters.
Missing a format? Open an issue here!
Very easy to use with a nice builder pattern
List<Violation> violations = violationsReporterApi() //
.withPattern(".*/findbugs/.*\\.xml$") //
.inFolder(rootFolder) //
.findAll(FINDBUGS) //
.violations();
It can also export the violations to the CodeClimate and SARIF formats with:
.codeClimate()
.sarif()
If you need to convert a report from one format to another, the command line tool is probably easiest to use.
The library is used in a bunch of other projects, these are some of them.
Command line:
- Violations Command Line Can parse, log, fail, and/or export to
CodeClimate
andSarif
files. This is how Github is supported, se README. - Violation Comments to GitLab Command Line
- Violation Comments to Bitbucket Server Command Line
- Violation Comments to Bitbucket Cloud Command Line
Gradle:
Maven:
Jenkins:
And these supporting libraries: