Eclipse Tutorial
Don't hesitate to correct grammar mistakes or unclear sections.
You can find the Eclipse FindBugs plugin in the marketplace.
Once the installation is complete, you need to restart Eclipse.
The recommended configuration for Find Security Bugs is to limit the scan to the security bug detectors only. Go to Eclipse -> Preferences (Mac) or Window -> Preferences (Windows). Then go to Java -> FindBugs, and make sure only "Security" is checked in the "Reported (visible) bug categories" list on the "Reporting configuration" tab.
You can add the Find Security Bugs plugin in the "Plugins and misc. settings" section.
You can also disable any detectors that you want to ignore.
You need to restart Eclipse at this point. The plugin will be ignored otherwise.
To launch a new scan you can right-click on the target project and select "Find Bugs > Find Bugs".
The scan may take up to several minutes to complete, depending on the number of classes in the project.
Finally, you can navigate through the different findings using the Bug Explorer view.
Find Security Bugs : Website | OWASP Page