在Eclipse中加强对Maven项目的扫描 [英] Fortify scanning in Eclipse over maven projects

问题描述

我有Fortify的Eclipse插件.但是它只能在Java项目上运行.

I have the Eclipse plugin for Fortify. But it only runs on the Java projects.

我们有一些Java项目，但它们是基于Maven的非Java项目.我可以编辑项目的 .project 文件，并将其类型更改为Java以启用Fortify扫描.但是，有没有更好的方法可以在基于Maven的项目上运行Fortify扫描?

We have some Java projects but they are Maven based non-Java projects. I can edit the .project file of the projects and change their type to Java to enable Fortify scanning. But is there a better way to run Fortify scans on Maven based projects?

编辑必须执行以下某些帖子中提到的步骤

EDIT Had to do following steps as mentioned in some of the posts below

• 安装Maven Fortify插件
• 在我的应用程序pom中添加了Maven fortify插件详细信息
• 运行翻译和扫描命令.它在项目下生成了fpr文件
• 也关注此有用的博客 http://fortify-maven.blogspot.in/

我唯一还有的问题是:

我有多个项目，每个项目都创建了一个fpr文件.我可以在一个地方为所有项目创建一个统一的fpr文件吗?

I have multiple projects where an fpr file for each project is created. Can I have a consolidated fpr file being created for all the projects in one place?

干杯，索拉夫

推荐答案

Fortify有一个Maven插件，您应该可以使用.检入此目录:

Fortify has a plugin for Maven that you should be able to use. Check in this directory:

<Fortify Installation Folder>\Samples\advanced\maven-plugin

您可以将插件编译为maven，然后可以在Maven中运行转换和扫描命令.该目录包含示例代码，并且在构建插件时会编译文档.

You compile the plugin into maven and then you can run the translate and scan commands from within Maven. That directory has sample code and the documentation is compiled when you build the plugin.

这篇关于在Eclipse中加强对Maven项目的扫描的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！