Content

Content
How To Set System Property For CLI
Enable External DTD Load
Property Chaining Support

How To Set System Property For CLI

System properties should be provided to java command. Example: java -D<property>=<value> -jar ...

Attention to Windows users: system properties should be wrapped with ". Example: -D"<property>=<value>"

Enable External DTD Load

The property checkstyle.enableExternalDtdLoad defines the ability to use custom DTD files in config and load them from some location. The property type is boolean and defaults to false. Disabled by default due to security concerns.

When set to false (the default), Checkstyle disables the following three XML parser features to prevent XXE (XML External Entity) attacks and unauthorized file-system or network access:

http://apache.org/xml/features/nonvalidating/load-external-dtd – prevents loading of external DTD files referenced in XML documents.
http://xml.org/sax/features/external-general-entities – prevents expansion of external general entity references (e.g. &myEntity; resolved from an outside source).
http://xml.org/sax/features/external-parameter-entities – prevents expansion of external parameter entity references used inside DTD declarations.

Setting checkstyle.enableExternalDtdLoad to true enables all three features simultaneously. This is required when using the XML ENTITY include pattern shown in the examples below. Only enable this property when the XML files being parsed are fully trusted.

Examples

The following is an example of including the contents of other xml files by using the ENTITY feature to keep common parts of configs in a single file and then creating composite configs from smaller parts.
Imagine we want to define different requirements for test sources than for main code.

Common part checkstyle-common.xml:


<module name="FileLength">
  <property name="max" value="1"/>
</module>

Main config checkstyle.xml:


<?xml version="1.0"?>
<!DOCTYPE module PUBLIC
          "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
          "https://checkstyle.org/dtds/configuration_1_3.dtd" [
    <!ENTITY common SYSTEM "checkstyle-common.xml">
]>
<module name="Checker">

    &common;

    <module name="TreeWalker">
        <module name="MemberName">
            <property name="format" value="^[a-z][a-zA-Z]+$"/>
        </module>
    </module>

</module>

Test config checkstyle-test.xml:


<?xml version="1.0"?>
<!DOCTYPE module PUBLIC
          "-//Checkstyle//DTD Checkstyle Configuration 1.3//EN"
          "https://checkstyle.org/dtds/configuration_1_3.dtd" [
    <!ENTITY common SYSTEM "checkstyle-common.xml">
]>
<module name="Checker">

    &common;

    <module name="TreeWalker">
        <module name="MemberName">
            <property name="format" value="_[a-z]"/>
        </module>
    </module>

</module>

Target file for validation Test.java:


class Test {
  int i = 0;
}

Example of execution for checkstyle.xml. Violation from Check of common.xml is expected, validation of field name is done by main code rules:


$ java -Dcheckstyle.enableExternalDtdLoad=true -classpath checkstyle-XX.X-all.jar \
        com.puppycrawl.tools.checkstyle.Main -c checkstyle.xml Test.java
Starting audit...
[ERROR] Test.java:1: File length is 3 lines (max allowed is 1). [FileLength]
[ERROR] Test.java:2:7: 'i' must match pattern '^[a-z][a-zA-Z]+$'. [MemberName]
Audit done.
Checkstyle ends with 2 errors.

Example of execution for checkstyle-test.xml. Violation from Check of common.xml is expected, validation of field name is done by test code rules:


$ java -Dcheckstyle.enableExternalDtdLoad=true -classpath checkstyle-XX.X-all.jar \
          com.puppycrawl.tools.checkstyle.Main -c checkstyle-test.xml Test.java
Starting audit...
[ERROR] Test.java:1: File length is 3 lines (max allowed is 1). [FileLength]
[ERROR] Test.java:2:7: 'i' must match pattern '_[a-z]'. [MemberName]
Audit done.
Checkstyle ends with 2 errors.

Attention to Windows users: system properties should be wrapped with ". Example: -D"<property>=<value>"

Property Chaining Support

Checkstyle supports property expansion within property definitions, also known as property chaining. This feature allows you to define properties using other properties. For example:


checkstyle.dir=/home/user/checkstyle
config.dir=configs
checkstyle.suppressions.file=${checkstyle.dir}/${config.dir}/suppressions.xml

You can then use ${checkstyle.suppressions.file} in your checkstyle configuration, which will resolve to /home/user/checkstyle/configs/suppressions.xml.

Notes

Note that property variable expression must be of the form ${expression}.

It is not necessary to define chained properties sequentially.