Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sonar-findbugs artifacts part of target folder #285

Closed
Naseem-Banu-prog opened this issue Sep 9, 2019 · 2 comments
Closed

Sonar-findbugs artifacts part of target folder #285

Naseem-Banu-prog opened this issue Sep 9, 2019 · 2 comments

Comments

@Naseem-Banu-prog
Copy link

Hello,

We are using the Findbugs plugin v3.11.0 hosted in github. When we build the code using the Jenkins, the fb-contrib jar(which is a dependency of Sonar Findbugs plugin as per https://github.com/spotbugs/sonar-findbugs/blob/master/pom.xml ) is seen as part of maven target folder.

Our understanding is that sonar scan is run after the final artifact is generated. How does this fb-contrib jar/findsecbugs-plugin.jar is making it to target folder? we got a security flag for it. Please advise.
@gtoison
Copy link
Contributor

gtoison commented Jan 8, 2022

Sorry for the belated answer, I recently started maintaining the project.
I believe that this is due to #278 and should be solved in the newer versions of the plugin

@gtoison
Copy link
Contributor

gtoison commented Feb 18, 2022

This is actually the same issue as #128
Unfortunately I've not been able to locate the cause so far
I'll close this issue now and you can follow #128

@gtoison gtoison closed this as completed Feb 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Naseem-Banu-prog @gtoison