Checkmarx scan runs as a step in CI/CD on my Springboot Application .
In the scan results, Checkmarx is reporting Leftover Debug Code issue, because I have the main
method as the entry point in my Springboot Application .
How can I pass the Checkmarx scan?
@SpringBootApplication(exclude = {JNDIConnectionFactoryAutoConfiguration.class, HibernateJpaAutoConfiguration.class, JpaRepositoriesAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class, TransactionAutoConfiguration.class})
@ImportResource({"classpath:applicatiomContext.xml"})
public class MyApplication extends SpringBootServletInitializer {
public static void main(String args []) {
SpringApplication springApplication = new SpringApplication(MyApplication.class);
springApplication.run(args);
}
}
The Leftover Debug Code Checkmarx query is apparently looking for the "public" and "static" keywords so try to change the modifier into private or protected:
@SpringBootApplication(exclude = {JNDIConnectionFactoryAutoConfiguration.class, HibernateJpaAutoConfiguration.class, JpaRepositoriesAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class, TransactionAutoConfiguration.class})
@ImportResource({"classpath:applicatiomContext.xml"})
public class MyApplication extends SpringBootServletInitializer {
protected static void main(String args []) {
SpringApplication springApplication = new SpringApplication(MyApplication.class);
springApplication.run(args);
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.