
Commit 0431218

Some improvements to the Fortify Scan script to put results file
in /results folder and better than that file. Upgrade various plugins in the pom.
1 parent 80a7ff9 commit 0431218


2 files changed

+48
-18
lines changed


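--- a/pom.xml
+++ b/pom.xml
@@ -51,7 +51,7 @@
 <plugin>
 <groupId>com.h3xstream.findsecbugs</groupId>
 <artifactId>findsecbugs-plugin</artifactId>
-<version>1.11.0</version>
+<version>1.12.0</version>
 </plugin>
 </plugins>
 </configuration>
@@ -863,7 +863,7 @@
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-dependency-plugin</artifactId>
-<version>3.2.0</version>
+<version>3.3.0</version>
 <configuration>
 <usedDependencies>
 <dependency>com.sun.jersey:jersey-servlet</dependency>
@@ -874,6 +874,11 @@
 </usedDependencies>
 </configuration>
 </plugin>
+<plugin>
+<groupId>org.apache.maven.plugins</groupId>
+<artifactId>maven-release-plugin</artifactId>
+<version>3.0.0-M5</version>
+</plugin>
 </plugins>
 </pluginManagement>
 
@@ -886,13 +891,13 @@
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-clean-plugin</artifactId>
-<version>3.1.0</version>
+<version>3.2.0</version>
 </plugin>
 
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-compiler-plugin</artifactId>
-<version>3.9.0</version>
+<version>3.10.1</version>
 <configuration>
 <fork>true</fork>
 <meminitial>1000m</meminitial>
@@ -926,7 +931,7 @@
 <configuration>
 <rules>
 <enforceBytecodeVersion>
-<maxJdkVersion>1.7</maxJdkVersion>
+<maxJdkVersion>${project.java.target}</maxJdkVersion>
 <excludes>
 <!-- guava includes backports for Java 7 compatibility -->
 <exclude>com.google.guava:guava</exclude>
@@ -945,7 +950,7 @@
 <configuration>
 <rules>
 <requireJavaVersion>
-<version>1.7</version>
+<version>${project.java.target}</version>
 <message>Benchmark is currently written to support Java 7 and 8.</message>
 </requireJavaVersion>
 </rules>
@@ -967,10 +972,16 @@
 <version>3.0.0-M1</version>
 </plugin>
 
+<plugin>
+<groupId>org.apache.maven.plugins</groupId>
+<artifactId>maven-jxr-plugin</artifactId>
+<version>3.2.0</version>
+</plugin>
+
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-pmd-plugin</artifactId>
-<version>3.15.0</version>
+<version>3.16.0</version>
 <configuration>
 <linkXref>true</linkXref>
 <targetJdk>1.7</targetJdk>
@@ -980,7 +991,7 @@
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-project-info-reports-plugin</artifactId>
-<version>3.1.2</version>
+<version>3.2.2</version>
 </plugin>
 
 <plugin>
@@ -992,13 +1003,13 @@
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-site-plugin</artifactId>
-<version>3.10.0</version>
+<version>3.11.0</version>
 </plugin>
 
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-surefire-plugin</artifactId>
-<version>3.0.0-M5</version>
+<version>3.0.0-M6</version>
 </plugin>
 
 <plugin>
@@ -1013,7 +1024,13 @@
 <plugin>
 <groupId>org.codehaus.cargo</groupId>
 <artifactId>cargo-maven3-plugin</artifactId>
-<version>1.9.8</version>
+<version>1.9.10</version>
+</plugin>
+
+<plugin>
+<groupId>org.codehaus.mojo</groupId>
+<artifactId>versions-maven-plugin</artifactId>
+<version>2.10.0</version>
 </plugin>
 
 <!-- SpotBugs Static Analysis - the successor to FindBugs -->
@@ -1036,6 +1053,13 @@
 </dependencies>
 </plugin>
 
+<plugin>
+<groupId>com.h3xstream.findsecbugs</groupId>
+<artifactId>findsecbugs-plugin</artifactId>
+<!-- You MUST update the plugin version used in findsecbugs profile, so these versions match. You can't define/use a versions.findsecbugs property because it breaks the naming of the findsecbugs results file. -->
+<version>1.12.0</version>
+</plugin>
+
 <plugin>
 <groupId>com.internetitem</groupId>
 <artifactId>write-properties-file-maven-plugin</artifactId>
@@ -1051,7 +1075,7 @@
 <plugin>
 <groupId>com.diffplug.spotless</groupId>
 <artifactId>spotless-maven-plugin</artifactId>
-<version>2.17.6</version>
+<version>2.22.1</version>
 <configuration>
 <!-- optional: limit format enforcement to just the files changed by this feature branch -->
 <ratchetFrom>origin/master</ratchetFrom>
@@ -1142,12 +1166,10 @@
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-jxr-plugin</artifactId>
-<version>3.1.1</version>
 </plugin>
 <plugin>
 <groupId>org.codehaus.mojo</groupId>
 <artifactId>versions-maven-plugin</artifactId>
-<version>2.8.1</version>
 <reportSets>
 <reportSet>
 <reports>
@@ -1161,10 +1183,10 @@
 <plugin>
 <groupId>org.apache.maven.plugins</groupId>
 <artifactId>maven-project-info-reports-plugin</artifactId>
-<version>3.0.0</version>
 <reportSets>
 <reportSet>
 <reports>
+<report>index</report>
 <report>dependency-convergence</report>
 </reports>
 </reportSet>
@@ -1174,10 +1196,9 @@
 </reporting>
 
 <properties>
-<maven.compiler.source>1.7</maven.compiler.source>
-<maven.compiler.target>1.7</maven.compiler.target>
 <failOnMissingWebXml>false</failOnMissingWebXml>
 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+<project.java.target>1.7</project.java.target>
 <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 <maven.war.webxml>${basedir}/src/config/web.xml</maven.war.webxml>
 <!-- runenv defaults to local here. But scripts can set this to 'remote' to launch remotely accessible Benchmark. e.g., mvn clean package cargo:run -Pdeploy1.2 -Drunenv=remote -->
@@ -1198,7 +1219,7 @@
 <version.apache-shared-ldap>0.9.19</version.apache-shared-ldap>
 <version.exec.maven>1.6.0</version.exec.maven>
 <version.hibernate>3.6.10.Final</version.hibernate>
-<version.spotbugs.maven>4.5.3.0</version.spotbugs.maven>
+<version.spotbugs.maven>4.6.0.0</version.spotbugs.maven>
 <version.spotbugs>4.6.0</version.spotbugs>
 <version.springframework>4.3.30.RELEASE</version.springframework>
 <!-- tomcat 8.5 is last version to support Java 7. Tomcat 9+ requires Java 8. -->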
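Review bot: Removing `maven.compiler.source` and `maven.compiler.target` from `<properties>` leaves the Java level to each plugin's own default unless every plugin is configured explicitly, because `project.java.target` is a project-defined name that no plugin reads by itself. The maven-compiler-plugin `<configuration>` shown earlier in this section continues outside the hunk, so whether it sets `<source>`/`<target>` cannot be confirmed from here. Keeping the standard properties and deriving them from the new one would be safer: `<maven.compiler.source>${project.java.target}</maven.compiler.source>` and `<maven.compiler.target>${project.java.target}</maven.compiler.target>`. The `<targetJdk>1.7</targetJdk>` in the maven-pmd-plugin configuration is still hard-coded and could use the same property.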

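--- a/scripts/mvnFortifyScan.sh
+++ b/scripts/mvnFortifyScan.sh
@@ -0,0 +1,9 @@
+benchmark_version=$(scripts/getBenchmarkVersion.sh)
+FortifySCA_version=$(sourceanalyzer -v | grep 'Fortify Static' | cut -d" " -f5)
+FortifyRulePack_version=$(fortifyupdate -showInstalledRules | grep "Core, Java v" | cut -d" " -f7)
+
+results_file="results/Benchmark_${benchmark_version}-Fortify${FortifySCA_version}_${FortifyRulePack_version}.fpr"
+
+sourceanalyzer -b benchmark -Xmx10G -scan -f $results_file
+echo "Results written to: $results_file"
+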
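Review bot: The `sourceanalyzer ... -f $results_file` line expands `$results_file` unquoted, and the three version values that make up the name are taken from tool output without any check, so a missing tool or a changed output format yields a misnamed or word-split results path while the final `echo` still reports success. The script also has no shebang and does not stop on errors, and it appears to assume it is run from the project root with a `results` directory already present (inferred from the relative paths). Quoting the variable, failing on empty versions and creating the directory would make the recorded scan output trustworthy; the lines I would change are below.

```shell
#!/usr/bin/env bash
set -eu

# … unchanged: benchmark_version, FortifySCA_version and FortifyRulePack_version lookups …

if [ -z "$benchmark_version" ] || [ -z "$FortifySCA_version" ] || [ -z "$FortifyRulePack_version" ]; then
    echo "ERROR: could not determine the Benchmark, Fortify SCA or rule pack version" >&2
    exit 1
fi

# … unchanged: results_file assignment …

mkdir -p results
sourceanalyzer -b benchmark -Xmx10G -scan -f "$results_file"
# … unchanged: echo of the results path …
```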
