sbt-findbugs icon indicating copy to clipboard operation
sbt-findbugs copied to clipboard

Published 20 hours ago verified publisher icon sbt

Add pluginList support for FindSecurityBugs

Open jfeenstra opened this issue 9 years ago • 2 comments

In order to add the FindSecurityBugs plugin to our build, we needed to have access to FindBugs's plugin mechanism. This pull requests gives this access. Here's a usage example:

findbugsSettings
findbugsReportPath := Some(crossTarget.value / "findbugs" / "report.html")
findbugsReportType := Some(ReportType.PlainHtml)
findbugsPluginList += s"${Path.userHome.absolutePath}/.ivy2/cache/com.h3xstream.findsecbugs/findsecbugs-plugin/jars/findsecbugs-plugin-1.4.5.jar"
findbugsIncludeFilters := Some(<FindBugsFilter>
  <Match>
    <Bug category="SECURITY"/>
  </Match>
</FindBugsFilter>)
compile <<= (compile in Compile).dependsOn(FindBugs.findbugs)

jfeenstra avatar Mar 01 '16 14:03 jfeenstra

I have a recommendation: In CommandLine, add a check that the file exists, e.g.:

for(path <-findbugsPluginList) {
    if(!java.nio.file.Files.exists(java.nio.file.Paths.get(path))) {
            streams.log.error("Error: Could not find plugin" + path);
    }
}

wurstbrot avatar Jul 05 '16 16:07 wurstbrot

Does anyone know the status here? I would be really cool to have a way to configure findbugs plugins!

ideadapt avatar Dec 06 '17 15:12 ideadapt