{"id":13414214,"url":"https://github.com/felipebz/zpa","last_synced_at":"2026-01-11T16:54:37.931Z","repository":{"id":32940675,"uuid":"36536721","full_name":"felipebz/zpa","owner":"felipebz","description":"Parser and static code analysis tool for PL/SQL and Oracle SQL.","archived":false,"fork":false,"pushed_at":"2024-10-23T01:52:57.000Z","size":6051,"stargazers_count":213,"open_issues_count":19,"forks_count":77,"subscribers_count":17,"default_branch":"main","last_synced_at":"2024-10-24T15:03:43.798Z","etag":null,"topics":["analysis","code-analysis","code-quality","grammar","oracle-forms","oracle-sql","parser","plsql","plsql-analyzer","plsql-parser","sonarqube","sql-analyzer","static-analysis","static-code-analysis"],"latest_commit_sha":null,"homepage":"https://zpa.felipebz.com","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/felipebz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"felipebz"}},"created_at":"2015-05-30T00:50:36.000Z","updated_at":"2024-10-23T01:53:01.000Z","dependencies_parsed_at":"2024-01-13T17:12:33.992Z","dependency_job_id":"dfb60083-a286-46be-ad00-bab847c6ac4b","html_url":"https://github.com/felipebz/zpa","commit_stats":null,"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipebz%2Fzpa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipebz%2Fzpa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipebz%2Fzpa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipebz%2Fzpa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/felipebz","download_url":"https://codeload.github.com/felipebz/zpa/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":221508977,"owners_count":16834807,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analysis","code-analysis","code-quality","grammar","oracle-forms","oracle-sql","parser","plsql","plsql-analyzer","plsql-parser","sonarqube","sql-analyzer","static-analysis","static-code-analysis"],"created_at":"2024-07-30T21:00:16.578Z","updated_at":"2026-01-11T16:54:37.925Z","avatar_url":"https://github.com/felipebz.png","language":"Kotlin","funding_links":["https://github.com/sponsors/felipebz"],"categories":["Database","code-quality"],"sub_categories":["Analysis"],"readme":"# ZPA\n\n[![Latest release](https://img.shields.io/github/release/felipebz/zpa.svg) ](https://github.com/felipebz/zpa/releases/latest)\n[![Build](https://github.com/felipebz/zpa/actions/workflows/build.yml/badge.svg?branch=main)](https://github.com/felipebz/zpa/actions/workflows/build.yml)\n[![Quality Gate Status](https://sonarqube.felipebz.com/api/project_badges/measure?project=com.felipebz.zpa%3Azpa\u0026metric=alert_status)](https://sonarqube.felipebz.com/dashboard?id=com.felipebz.zpa%3Azpa)\n\nZPA is parser and static code analysis tool for PL/SQL and Oracle SQL.\n\nYou can use it in a [SonarQube](https://www.sonarqube.org) on-premise instance. SonarQube is an open platform to manage code quality.\n\nSee some examples in our [SonarQube instance](https://sonarqube.felipebz.com/projects?languages=plsqlopen)!\n\nDo you want to use this analyzer in a project hosted on [SonarCloud](https://sonarcloud.io)? Try the [zpa-cli](https://github.com/felipebz/zpa-cli)!\n\n## Installation\n\n- Download the [latest sonar-zpa-plugin release](https://github.com/felipebz/zpa/releases/latest) and copy to the SONARQUBE_HOME/extensions/plugins directory;\n- Restart your SonarQube server;\n- Navigate to the Marketplace (SONARQUBE_URL/marketplace?filter=installed). It should list \"ZPA\" on the tab \"Installed Plugins\";\n- Run an analysis with [SonarScanner](https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/overview/).\n\n## Compatibility matrix\n\n| ZPA version            | SonarQube version (min/max) |\n|------------------------|-----------------------------|\n| 4.0.0                  | 25.2 / 25.10                |\n| 4.1.0 (in development) | 25.8 / 26.1                 |\n\n## ZPA Toolkit\n\nThe ZPA Toolkit is visual tool to review the AST (abstract syntax tree) and the symbol table generated by the parser.\n\n![](https://raw.githubusercontent.com/wiki/felipebz/zpa/img/zpa-toolkit.png)\n\nThe latest ZPA Toolkit can be downloaded from the [releases page](https://github.com/felipebz/zpa/releases/latest) and it requires JDK 11 or newer.\n\n## Contribute\n\nEveryone is welcome to contribute. Please read our [contribution guidelines](CONTRIBUTING.md) for more information.\n\nThere are a few things you need to know about the code. It is divided in these modules:\n\n- `plsql-custom-rules` - Demo project showing how to extend ZPA with custom coding rules.\n- `sonar-zpa-plugin` - The SonarQube plugin itself, this module contains all the code necessary to integrate with the SonarQube platform.\n- `zpa-checks` - The built-in coding rules provided by ZPA.\n- `zpa-checks-testkit` - Test helper for coding rules, it can be used to test custom rules.\n- `zpa-core` - The heart of this project. It contains the lexer, the parser and the code required to understand and process PL/SQL code.\n- `zpa-toolkit` - A visual tool to review the AST (abstract syntax tree) generated by the parser.\n\nThe API exposed to custom plugins must be located in the package `org.sonar.plugins.plsqlopen.api` (it's a requirement from the SonarQube server). The classes located outside this package are not prepared for external consumption, so if you use them, your code can break without any further notice.\n\n### Running the integration tests\n\nThere are two sets of integration tests:\n\n- [sonar-zpa-plugin/integrationTest](https://github.com/felipebz/zpa/tree/main/sonar-zpa-plugin/src/integrationTest): checks if the metrics are imported correctly in SonarQube\n- [zpa-checks/integrationTest](https://github.com/felipebz/zpa/tree/main/zpa-checks/src/integrationTest): checks the quality of parser and rules against real-world code\n\nTo run the integrations tests, first update the submodules:\n\n    git submodule update --init --recursive\n    \nBuild the main plugin and the custom rules example:\n\n    ./gradlew build publishToMavenLocal\n    ./gradlew build -p plsql-custom-rules\n\nThen run the tests:\n\n    ./gradlew integrationTest\n\nBy default, the tests will be executed using SonarQube Community Build 25.8. You can change the SonarQube version using the property `sonar.runtimeVersion`, passing a value in the format `LATEST_RELEASE[number]`, like `LATEST_RELEASE[25.3]`, or `a.b.c.d` for an exact release including build number: \n\n    ./gradlew integrationTest -Dsonar.runtimeVersion=LATEST_RELEASE[25.8]\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffelipebz%2Fzpa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffelipebz%2Fzpa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffelipebz%2Fzpa/lists"}