-
Notifications
You must be signed in to change notification settings - Fork 135
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sonar-findbugs artifacts part of target folder #285
Comments
Sorry for the belated answer, I recently started maintaining the project. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
We are using the Findbugs plugin v3.11.0 hosted in github. When we build the code using the Jenkins, the fb-contrib jar(which is a dependency of Sonar Findbugs plugin as per https://github.com/spotbugs/sonar-findbugs/blob/master/pom.xml ) is seen as part of maven target folder.
Our understanding is that sonar scan is run after the final artifact is generated. How does this fb-contrib jar/findsecbugs-plugin.jar is making it to target folder? we got a security flag for it. Please advise.
The text was updated successfully, but these errors were encountered: