Fortify在分析中包括生成源
[英]Fortify includes generated-sources in analysis
问题描述
Is there a way to exclude generated-sources out of Fortify scan? 
有没有办法将生成的源排除在Fortify扫描之外? I tried sourcepath option mentioned in the guide but it never seem to work for me. 我尝试了指南中提到的sourcepath选项,但它似乎对我不起作用。
-Dfortify.sca.sourcepath="**/target/generated-sources/**/*.java" or
-Dfortify.sca.sourcepath="**/target/generated-sources/**"
Both the above options ended up with the below warning 以上两种选择均以以下警告告终
[WARNING] Bad value provided for option -sourcepath.
1 个解决方案
解决方案1
1 2013-10-23 08:21:20
Do not add ** to sourcepath, specify the directories instead: 不要在源路径中添加**,而是指定目录:
-Dfortify.sca.sourcepath="module1/target/generated-sources" -Dfortify.sca.sourcepath="module2/target/generated-sources"
If you are using sourceanalyzer you can add the -exclude parameter, with this you can use wildchars, like 如果您正在使用sourceanalyzer,则可以添加-exclude参数,并可以使用通配符,例如
-exclude module1/target/generated-sources/**/*.java
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
Maven生成的源/注释 - Maven generated-sources/annotations
将generated-sources作为源文件夹添加到Eclipse - Add generated-sources as source folder to Eclipse
在 generate-sources 目录下编译生成的 maven 项目 - Compile generated maven project in generated-sources directory
Eclipse 看不到来自目标/生成源的类 - Eclipse doesn't see classes from target/generated-sources
Appengine端点Maven与/ generated-sources构建错误 - Appengine Endpoints Maven Build Error with /generated-sources
IntelliJ maven 项目生成的源未拾取(仅部分) - IntelliJ maven project generated-sources not picked up (only some)
避免为目标/生成源循环构建项目 - Avoid building project in a loop for target/generated-sources
Maven:从jar工件中排除生成的源 - Maven: Exclude generated-sources from jar artifact
Maven无法解析在target / generated-sources / javacc文件夹内生成的类的依赖关系 - Maven Not able to resolve dependencies for classes generated inside target/generated-sources/javacc folder
如何从目标/生成源创建包含类的Spring Boot胖JAR - How to create a Spring Boot fat JAR containing classes from target/generated-sources
相关标签