Uploaded image for project: 'Accumulo'
  1. Accumulo
  2. ACCUMULO-4705

Consider using security findbugs detectors

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: 1.7.4, 1.8.2, 2.0.0
    • Component/s: None
    • Labels:
      None

      Description

      findsecbugs-plugin is a findbugs plugin to detect potential security bugs in Java code.

      We should consider using this in our builds, at the very least, to triage potential security issues.

      In the findbugs plugin's configuration section, we'd add:

        <configuration>
          ...
          <plugin>
            <groupId>com.h3xstream.findsecbugs</groupId>
            <artifactId>findsecbugs-plugin</artifactId>
            <version>1.7.1</version>
          </plugin>
        </configuration>
      

      See their website for details and docs: http://find-sec-bugs.github.io/

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            Unassigned
            Reporter:
            ctubbsii Christopher Tubbs
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:

              Development