更新时间:2023-09-17 21:04:58
Fortify提供了maven插件的源代码.您需要构建它
Fortify provides source code for maven plugin. You need to build it
第1步构建强化插件
打开命令提示符
cd %FORTIFY_INSTALLATION_DIRECTORY%\HP_FORTIFY\HP_Fortify_SCA_and_Apps_3.90\Samples\advanced\maven-plugin
mvn clean install
构建成功后,强化插件将出现在您的本地存储库中
After sucessful build fortify plugin will be present into your local repository
步骤2将强化源代码分析器依赖项添加到项目pom文件中
Step # 2 Add fortify source code analyzer dependency to your project pom file
<build>
<plugins>
<plugin>
<groupId>com.fortify.ps.maven.plugin</groupId>
<artifactId>sca-maven-plugin</artifactId>
<version>3.90</version>
</plugin>
</plugins>
</build>
注意-确保您确认强化扫描插件的版本
Note - Make sure you verify fortify scan plugin version
FORTIFY_INSTALLATION_DIRECTORY%\HP_FORTIFY\HP_Fortify_SCA_and_Apps_3.90\Samples\advanced\maven-plugin\pom.xml
步骤3创建.frp/报告文件
Step # 3 Create .frp / report file
mvn sca:translate
mvn sca:scan
这将在目标目录中生成强化扫描报告文件
This will generate fortify scan report file in the target directory