如何使 FindBugs Security JSP 与 Sonar 5.6.3 中的 WEB 插件一起使用?
How to make FindBugs Security JSP work with WEB plugin in Sonar 5.6.3?
FindBugs 安全 JSP 与 WEB 插件冲突,当我将它配置为通过放置 .html、.xhtml、.r[ 来扫描 .jsp 文件时=18=],.shtml,.jsp 在 File suffixes 选项中。当我在 Maven 上 运行 sonar:sonar 时,出现以下错误:
[ERROR] Failed to execute goal
org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar
(default-cli) on project testeSonar: Language of file
'src/main/webapp/index.jsp' can not be decided as the file matches
patterns of both sonar.lang.patterns.jsp : /*.jsp and
sonar.lang.patterns.web :
**/.html,/.xhtml,/.rhtml,/.shtml,**/*.jsp -> [Help 1]
我怎样才能让两者都正常工作?如果那不可能,是否有办法禁用 FindBugs 安全 JSP 配置文件,以便 WEB 插件也可以扫描 jsp 个文件?
每个文件扩展名只能由一个插件声明(参见https://jira.sonarsource.com/browse/MMF-145). Your problem is that two plugins have declared the same extension. You should be able to edit the global settings (Administration > [language name]) to restrict the file extension to the plugin of your choice. Currently it is possible to disable the jsp file scan for the WEB plugin, but not the FindBugs Security JSP, as it does not provide this option in the administration tab (see https://github.com/SonarQubeCommunity/sonar-findbugs/issues/67)
请注意,这意味着这种配置会使其中一个插件忽略具有该扩展名的文件。
FindBugs 安全 JSP 与 WEB 插件冲突,当我将它配置为通过放置 .html、.xhtml、.r[ 来扫描 .jsp 文件时=18=],.shtml,.jsp 在 File suffixes 选项中。当我在 Maven 上 运行 sonar:sonar 时,出现以下错误:
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar (default-cli) on project testeSonar: Language of file 'src/main/webapp/index.jsp' can not be decided as the file matches patterns of both sonar.lang.patterns.jsp : /*.jsp and sonar.lang.patterns.web : **/.html,/.xhtml,/.rhtml,/.shtml,**/*.jsp -> [Help 1]
我怎样才能让两者都正常工作?如果那不可能,是否有办法禁用 FindBugs 安全 JSP 配置文件,以便 WEB 插件也可以扫描 jsp 个文件?
每个文件扩展名只能由一个插件声明(参见https://jira.sonarsource.com/browse/MMF-145). Your problem is that two plugins have declared the same extension. You should be able to edit the global settings (Administration > [language name]) to restrict the file extension to the plugin of your choice. Currently it is possible to disable the jsp file scan for the WEB plugin, but not the FindBugs Security JSP, as it does not provide this option in the administration tab (see https://github.com/SonarQubeCommunity/sonar-findbugs/issues/67)
请注意,这意味着这种配置会使其中一个插件忽略具有该扩展名的文件。