{"id":18245533,"url":"https://github.com/touk/sputnik","last_synced_at":"2025-10-04T21:48:48.170Z","repository":{"id":14942350,"uuid":"17666927","full_name":"TouK/sputnik","owner":"TouK","description":"Static code review for your Gerrit patchsets. Runs Checkstyle, PMD, FindBugs, Scalastyle, CodeNarc, JSLint for you!","archived":false,"fork":false,"pushed_at":"2024-03-16T18:51:56.000Z","size":3005,"stargazers_count":203,"open_issues_count":37,"forks_count":121,"subscribers_count":21,"default_branch":"master","last_synced_at":"2025-03-29T06:08:25.167Z","etag":null,"topics":["automated-tests","codenarc","findbugs","gerrit","java","jslint","pmd","review","sputnik","static-code-analysis"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"cryptoapi/Bitcoin-Gateway-Paid-Memberships-Pro","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TouK.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-03-12T12:57:12.000Z","updated_at":"2025-01-23T01:24:20.000Z","dependencies_parsed_at":"2024-11-05T09:22:47.624Z","dependency_job_id":"43ae4956-ef65-4996-b0b8-2d44175ecc50","html_url":"https://github.com/TouK/sputnik","commit_stats":null,"previous_names":[],"tags_count":47,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TouK%2Fsputnik","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TouK%2Fsputnik/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TouK%2Fsputnik/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TouK%2Fsputnik/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TouK","download_url":"https://codeload.github.com/TouK/sputnik/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247299833,"owners_count":20916190,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automated-tests","codenarc","findbugs","gerrit","java","jslint","pmd","review","sputnik","static-code-analysis"],"created_at":"2024-11-05T09:21:09.467Z","updated_at":"2025-10-04T21:48:43.131Z","avatar_url":"https://github.com/TouK.png","language":"Java","readme":"![sputnik](http://touk.github.io/sputnik/images/logo-color-bgtransparent-small.png)\n\n\u003e Static code review for your Gerrit and Stash patchsets. Runs Checkstyle, PMD, SpotBugs (formerly known as FindBugs), Scalastyle, CodeNarc, JSLint, JSHint, TSLint and Detekt for you!\n\n[![Build Status](https://img.shields.io/travis/TouK/sputnik/master.svg?style=flat-square)](https://travis-ci.org/TouK/sputnik)\n[![Maven Central](https://maven-badges.herokuapp.com/maven-central/pl.touk/sputnik/badge.svg?style=flat-square)](https://maven-badges.herokuapp.com/maven-central/pl.touk/sputnik)\n[![Coverage Status](https://img.shields.io/codecov/c/github/TouK/sputnik/master.svg?style=flat-square)](https://codecov.io/github/TouK/sputnik)\n[![Sputnik](https://sputnik.ci/conf/badge)](https://sputnik.ci/app#/builds/TouK/sputnik)\n[![Join the chat at https://gitter.im/TouK/sputnik](https://badges.gitter.im/TouK/sputnik.svg)](https://gitter.im/TouK/sputnik?utm_source=badge\u0026utm_medium=badge\u0026utm_campaign=pr-badge\u0026utm_content=badge)\n\n## Usage\n\nSputnik runs Checkstyle, PMD, SpotBugs, CodeNarc, JSHint (or JSLint), TSLint, Ktlint and Detekt only on files affected by Gerrit's patchset. It collects all violations and report them back to Gerrit or Stash.\n\nTypical configuration file looks like this:\n\n```properties\nconnector.type=gerrit\nconnector.host=your.host.com\nconnector.path=/gerrit\nconnector.port=8080\nconnector.username=sputnik\nconnector.password=PassWd\nconnector.useHttps=false\nconnector.verifySsl=false\nconnector.tag=sputnik\ncheckstyle.enabled=true\ncheckstyle.configurationFile=sun_checks.xml\ncheckstyle.propertiesFile=\npmd.enabled=true\npmd.ruleSets=rulesets/java/android.xml,rulesets/java/basic.xml\nspotbugs.enabled=true\nspotbugs.includeFilter=\nspotbugs.excludeFilter=\ncodenarc.enabled=true\ncodenarc.ruleSets=\ncodenarc.excludes=**/*.java\njslint.enabled=false\njshint.enabled=true\njshint.configurationFile=jshint.json\ntslint.enabled=true\ntslint.script=/usr/bin/tslint\ntslint.configurationFile=tslint.json\nktlint.enabled=true\nktlint.exclude=no-semi,indent\ndetekt.enabled=true\ndetekt.config.file=src/test/resources/detekt/config/config.yml\n```\n\nSee [this](src/main/resources/example.properties) for a downloadable sample file, and [this](src/main/java/pl/touk/sputnik/configuration/GeneralOption.java) for a full list of options.\n\nIf you want sputnik to use your SonarQube rules just download them from your SonarQube profile and use these with `checkstyle.configurationFile`, `pmd.ruleSets` and `spotbugs.includeFilter` variables.\n\nTo ease migration from FindBugs to SpotBugs these three configuration properties still work and affect SpotBugs now: `findbugs.enabled`, `findbugs.includeFilter` and `findbugs.excludeFilter`.\n\n## Installation\n\n- clone this repository and build it: `gradle distZip` or download [distribution](https://github.com/TouK/sputnik/releases/download/sputnik-2.6.0/sputnik-2.6.0.zip)\n- copy distribution file `build/distributions/sputnik-2.6.0.zip` to your installation dir, e.g. `/opt/sputnik` and unzip it\n- to avoid problems with deployment keep the structure unchanged, so sputnik file is in `bin/` directory, jars in `lib/`\n- create configuration file (you can just paste and edit an example above), e.g. `/opt/sputnik/myconf.properties`\n- you can now run sputnik like this:\n```\n/opt/sputnik/bin/sputnik --conf /opt/sputnik/gerrit.properties --changeId I0a2afb7ae4a94ab1ab473ba00e2ec7de381799a0 --revisionId 3f37692af2290e8e3fd16d2f43701c24346197f0\n```\n\n### Build tool\n\nSputnik is intended to run just after your Jenkins/CI server build. It should be executed in the root directory of the analyzed project to find files to analyze.\n\nSputnik currently supports Maven (default) and Gradle. Some processors (e.g. SpotBugs) analyze compiled classes, so it's important to set\nthe build tool property correctly. To change it to Gradle just set `project.build.tool=gradle` in your `sputnik.properties` file.\n\n### Gerrit support\n\nThree parameters are required: your configuration file (details below), Gerrit's changeId and revisionId. ie:\n\n```\nsputnik --conf /path/to/conf.properties --changeId I0a2afb7ae4a94ab1ab473ba00e2ec7de381799a0 --revisionId 3f37692af2290e8e3fd16d2f43701c24346197f0\n```\n\nOther parameters are available. See them with `sputnik --help`.\n\nDepending on your workflow it can happen that the changeId matches changes on multiple branches, for example when you push a change set identified by particular changeId into your working branch and review branch.\\\nYou can recognize it by the following error message:\n\n```\nRequest not successful. Message: Not Found. Status-Code: 404. Content: Not found: yours_change_id\n```\n\nIn this case the extended changeId format (`REPO_NAME~BRANCH_NAME~CHANGE_ID`) should be used which includes the repository and the branch name, for example:\n\n```\nsputnik --conf /path/to/conf.properties --changeId myProject~master~I0a2afb7ae4a94ab1ab473ba00e2ec7de381799a0 --revisionId 3f37692af2290e8e3fd16d2f43701c24346197f0\n```\n\n### Stash support\n\nIf you choose to run sputnik with Stash instead of Gerrit, you'll need to run it in the following manner:\n\n```\n/opt/sputnik/bin/sputnik --conf /opt/sputnik/stash.properties --pullRequestId 15\n```\n\nIt is convenient to add sputnik's configuration file (`myconf.properties` in the above example) to your\nproject's repo. This way, it will be easier to run it from CI server.\n\n### SSL verification\nSSL trust verification and hostname verification is disabled by default. You can enable it by setting `connector.verifySsl=true` property. \n\n### Add Post-Build step to Jenkins/CI server\n\nIf you have Jenkins job that uses Gerrit Trigger plugin it's very easy to integrate it as Post-Build step:\n\n- create a user in Gerrit with HTTP password access and Non-Interactive Users group (take a look at Gerrit documentation [https://git.eclipse.org/r/Documentation/cmd-create-account.html](here))\n- add Post-Build step to your Jenkins job: Execute bash shell:\n```\n/opt/sputnik/bin/sputnik --conf /opt/sputnik/myconf.properties --changeId $GERRIT_CHANGE_ID --revisionId $GERRIT_PATCHSET_REVISION\n# This line makes sure that this Post-Build step always returns exit code 0\n# so it won't affect your main build result\necho \"exit 0 workaround\"\n```\n\n### Add Post-Build step to Bamboo\n\nWhen stash is build on Bamboo there is no direct way to check which pull\nrequest id it matches. This is a simple way to find required id.\n\nAssumptions:\n- there is sputnik's config file named `sputnik.properties` in project's root directory\n- user and password are configured in bamboo plan as variables (e.g.\n  _ecosystem.username_ and _ecosystem.password_)\n- config file has placeholders for user and password:\n```properties\nstash.username=\u003cusername\u003e\nstash.password=\u003cpassword\u003e\n```\n\nWith those steps in place you can use a step from\n`contrib/stash-execute.sh`:\n\n```\ncurrent_branch=${bamboo.repository.branch.name} sputnik_distribution_url=https://github.com/TouK/sputnik/releases/download/sputnik-1.4.0/sputnik-1.4.0.zip stash_password=${bamboo_ecosystem_password} stash_user=${bamboo_ecosystem_username} ./stash-execute.sh\n```\n\n## Launching with Maven\n\nIf you prefer running Sputnik from Maven, there is a plugin developed by Karol Lassak here: https://github.com/ingwarsw/sputnik-maven-plugin. Read plugin documentation for reference.\n\n## Launching with Gradle\n\nIf you prefer running Sputnik from Gradle all you need is to have Gradle installed.\nPut build.gradle file in your repository, add config file and run:\n```\ngradle run -Dexec.args=\"--conf example.properties --changeId 1234 --revisionId 4321\"\n```\n\n## Requirements\n\n- Gerrit 2.8 is required (REST API for reviews was introduced in this version)\n- Jenkins or other CI server to download and build patchsets\n\n## Contributors\n\n- Tomasz Kalkosiński\n- Marcin Cylke\n- Piotr Jagielski\n- Karol Lassak\n- Henning Hoefer\n- Dominik Przybysz\n- Damian Szczepanik\n- Rafał Nowak\n- Filip Majewski\n\n## License\n\nThis project is licenced under Apache License.\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftouk%2Fsputnik","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftouk%2Fsputnik","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftouk%2Fsputnik/lists"}