Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/code-star/sbt-findsecbugs

An SBT plugin for FindSecurityBugs
https://github.com/code-star/sbt-findsecbugs

Last synced: about 2 months ago
JSON representation

An SBT plugin for FindSecurityBugs

Host: GitHub
URL: https://github.com/code-star/sbt-findsecbugs
Owner: code-star
License: mit
Created: 2016-03-04T10:09:59.000Z (almost 9 years ago)
Default Branch: master
Last Pushed: 2022-03-27T01:46:31.000Z (almost 3 years ago)
Last Synced: 2023-03-03T18:17:04.436Z (almost 2 years ago)
Language: Scala
Homepage:
Size: 65.4 KB
Stars: 6
Watchers: 4
Forks: 6
Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

[![CircleCI](https://circleci.com/gh/code-star/sbt-findsecbugs.png)](https://circleci.com/gh/code-star/sbt-findsecbugs)

# sbt-findsecbugs
An SBT plugin for FindSecurityBugs

# Usage
Add to your `plugins.sbt`: `"nl.codestar" % "sbt-findsecbugs" % "(current version)"`

(You can find the current version [here](https://github.com/code-star/sbt-findsecbugs/releases).)

You can now run `sbt findSecBugs`.

# Configuration

sbt-findsecbugs has one setting:

| Setting | Default | Meaning |
|---------------------------------|-----------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `findSecBugsExcludeFile` | `None` | Optionally provide a SpotBugs [exclusion file](https://spotbugs.readthedocs.io/en/latest/filter.html). |
| `findSecBugsFailOnMissingClass` | `true` | Consider the 'missing class' flag as failure or not. Set this to 'false' in case you excpect and want to ignore missing class messages during the check. |
| `findSecBugsParallel` | `true` | In a multimodule build, whether to run the security check for all submodules in parallel. If you run into memory issues, it might help to set this to `false`. |
| `findSecBugsPriorityThreshold` | `Priority.Low` | Set the priority threshold. Bug instances must be at least as important as this priority to be reported. Possible values: `High`, `Normal`, `Low`, `Experimental`.|
| `findSecBugs / artifactPath` | `crossTarget.value / "findsecbugs" / "report.html"` | Output path for the resulting report. |
| `findSecBugs / forkOptions` | derived from other settings | Configuration for the forked JVM. Uses the corresponding settings (`findSecBugs / javaOptions`). |

# For developers of sbt-findsecbugs

## Tests
The plugin can be tested manually by running `sbt findSecBugs` in the test-project
The plugin has automated test which can be run by this command `sbt scripted`

## Release
To release a new version:
* Get a [bintray](https://bintray.com) account and make sure you're a member of the [`code-star`](https://bintray.com/code-star) organization.
* Run `sbt publish`