[ACCUMULO-4705] Consider using security findbugs detectors - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0
Component/s: None
Labels:
None

Description

findsecbugs-plugin is a findbugs plugin to detect potential security bugs in Java code.

We should consider using this in our builds, at the very least, to triage potential security issues.

In the findbugs plugin's configuration section, we'd add:

  <configuration>
    ...
    <plugin>
      <groupId>com.h3xstream.findsecbugs</groupId>
      <artifactId>findsecbugs-plugin</artifactId>
      <version>1.7.1</version>
    </plugin>
  </configuration>

See their website for details and docs: http://find-sec-bugs.github.io/

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Christopher Tubbs

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 12/Sep/17 18:37

Updated:: 16/Apr/19 19:03

Resolved:: 16/Apr/19 19:03