/pom.xml

  1. [...]
  2. <build>
  3.     <plugins>
  5.         [...]
  6.         <!-- SpotBugs Static Analysis -->
  7.         <plugin>
  8.             <groupId>com.github.spotbugs</groupId>
  9.             <artifactId>spotbugs-maven-plugin</artifactId>
  10.             <version>3.1.12</version>
  11.             <configuration>
  12.                 <effort>Max</effort>
  13.                 <threshold>Low</threshold>
  14.                 <failOnError>true</failOnError>
  15.                 <includeFilterFile>${session.executionRootDirectory}/spotbugs-security-include.xml</includeFilterFile>
  16.                 <excludeFilterFile>${session.executionRootDirectory}/spotbugs-security-exclude.xml</excludeFilterFile>
  17.                 <plugins>
  18.                     <plugin>
  19.                         <groupId>com.h3xstream.findsecbugs</groupId>
  20.                         <artifactId>findsecbugs-plugin</artifactId>
  21.                         <version>1.9.0</version>
  22.                     </plugin>
  23.                 </plugins>
  24.             </configuration>
  25.         </plugin>
  26.     </plugins>
  27. </build>

/spotbugs-security-include.xml

  1. <FindBugsFilter>
  2.     <Match>
  3.         <Bug category="SECURITY"/>
  4.     </Match>
  5. </FindBugsFilter>

/spotbugs-security-exclude.xml

  1. <FindBugsFilter>
  2. </FindBugsFilter>

开始扫描

  1. mvn compile
  2. mvn spotbugs:spotbugs

分析结果

  1. mvn spotbugs:gui

参考资料