我计划使用findsecbugs插件通过findbugs插件扫描Java代码中的漏洞。我正在寻找包含在我的build.gradle文件中的配置参数,类似于this。
附注:我能够在Gradle中使用FindBugs插件。
附注:我能够在Gradle中使用FindBugs插件。
我尝试并找到了可行的配置。以下是可行的配置:
apply plugin: 'java'
apply plugin: 'findbugs'
apply plugin: 'maven'
apply plugin: 'signing'
sourceCompatibility = 1.7
dependencies {
findbugs 'com.google.code.findbugs:findbugs:3.0.0'
findbugs configurations.findbugsPlugins.dependencies
// Here we specify the findbugsPlugins
findbugsPlugins 'com.h3xstream.findsecbugs:findsecbugs-plugin:1.2.0'
}
task findbugs(type: FindBugs) {
classes = fileTree(project.rootDir.absolutePath).include("**/*.class");
source = fileTree(project.rootDir.absolutePath).include("**/*.java");
classpath = files()
pluginClasspath = project.configurations.findbugsPlugins
findbugs {
toolVersion = "3.0.0"
sourceSets = [sourceSets.main]
ignoreFailures = true
reportsDir = file("$project.buildDir/findbugsReports")
effort = "max"
reportLevel = "high"
includeFilter = file("$rootProject.projectDir/include.xml")
excludeFilter = file("$rootProject.projectDir/exclude.xml")
}
tasks.withType(FindBugs) {
reports {
xml.enabled = false
html.enabled = true
}
}
}