1027代码审计平台 3 Java maven
Posted singleSpace
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了1027代码审计平台 3 Java maven相关的知识,希望对你有一定的参考价值。
使用成熟的构建工具对maven工程进行分析
官网:SCAN/Analyzing+with+SonarQube+Scanner+for+Maven
1.如下图修改settings.xml文件
![](https://image.cha138.com/20210524/ee770631014c4cfc89ea0ce4b8f1debb.jpg)
<settings>
<pluginGroups>
<!--该标签下,增加关于org.sonarsource.scanner.maven的配置-->
<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>
</pluginGroups>
<profiles>
<!--在profile里增加对sonar的配置-->
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<!-- Optional URL to server. Default value is http://localhost:9000 -->
<sonar.host.url>
http://127.0.0.1:9000
</sonar.host.url>
</properties>
</profile>
</profiles>
</settings>
测试
mvn clean verify sonar:sonar
more
Analyzing a Maven Project 分析一个maven项目
Analyzing a Maven project consists of running a Maven goal: sonar:sonar in the directory where the pom.xml file sits.
分析maven项目包括运行一个maven组,sonar:sonar 在pom.xml目录下运行
mvn clean verify sonar:sonar
# In some situation you may want to run sonar:sonar goal as a dedicated step. Be sure to use install as first step for multi-module projects
mvn clean install
mvn sonar:sonar
# Specify the version of sonar-maven-plugin instead of using the latest. See also \'How to Fix Version of Maven Plugin\' below.
mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.5.0.1254:sonar
一些常用网站
FAQ:
1.
以上是关于1027代码审计平台 3 Java maven的主要内容,如果未能解决你的问题,请参考以下文章