Is there a way to exclude generated-sources out of Fortify scan? I tried sourcepath option mentioned in the guide but it never seem to work for me.
-Dfortify.sca.sourcepath="**/target/generated-sources/**/*.java" or
-Dfortify.sca.sourcepath="**/target/generated-sources/**"
Both the above options ended up with the below warning
[WARNING] Bad value provided for option -sourcepath.
Do not add ** to sourcepath, specify the directories instead:
-Dfortify.sca.sourcepath="module1/target/generated-sources" -Dfortify.sca.sourcepath="module2/target/generated-sources"
If you are using sourceanalyzer you can add the -exclude parameter, with this you can use wildchars, like
-exclude module1/target/generated-sources/**/*.java
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.