Document how to integrate FInd Security Bugs + FB-Contrib into Maven & Gradle plugins #540
Comments
|
The integration is more or less trivial, but you've right, one should improve our documentation. Regarding installation: all what you need is described here: https://github.com/spotbugs/spotbugs/tree/release-3.1/spotbugs/plugin. P.S. I see you request the same for maven & gradle: I honestly have no idea. |
|
is there anyone who can document it for Maven & Gradle? That is really the most likely integration scenario for SpotBugs... |
|
@jacek99 Bonus: Here are some samples application with configuration examples with special cases like JSP precompilation. https://github.com/find-sec-bugs/find-sec-bugs-demos |
|
I realised not all of the previous links are referring to spotbugs but findbugs instead. The configuration should be the same aside from the plugin reference. If you have something working, you can update the doc. |
|
Docs for grade plugin has a page for this usage: We have nothing for maven. |
|
Hi, I would like to contribute to the project. Is this issue still open? Let me know if I can help. Thanks! |
|
Well, https://spotbugs.readthedocs.io/en/latest/maven.html#add-spotbugs-maven-plugin-to-your-pom-xml doesn't say anything about how to configure plugins, although @iloveeclipse was correct in saying it doesn't take very much configuration. So yes, it's still open. |
|
#1758 closed this issue. |
The front page states we can integrate the find-security-bugs & fb-contrib,
but there is zero docs on how to actually do this from the Maven & Gradle plugins.
Pls document, especially the find-security-bugs since it's critical as a SAST tool.
The text was updated successfully, but these errors were encountered: