Sto cercando di integrare il plugin find-security-bugs per findbug usando maven. Sono in grado di eseguire findbug con Maven ed eseguire la trasformazione da xml in html senza alcun problema. Sono in grado di eseguire findbugs con il plugin foundecbugs senza trasformazione. Sto riscontrando un errore quando sto cercando di eseguire la trasformazione dopo la configurazione del plugin findsecbugs. Il problema sta sorgendo perché il plugin trovaecbugs sta atterrando nella directory xmloutput in qualche modo e l'errore arriva quando si tenta di trasformare il file jar quando si aspetta un file XML.
La mia configurazione è la seguente:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-antrun-plugin</artifactId>
<version>1.7</version>
<executions>
<execution>
<phase>process-resources</phase>
<configuration>
<target>
<echo message="${project.version}" file="${project.build.directory}/version"/>
</target>
</configuration>
<goals>
<goal>run</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>${findbugs.plugin.version}</version>
<configuration>
<effort>Max</effort>
<!-- Build doesn't fail if problems are found -->
<failOnError>false</failOnError>
<!-- Reports all bugs (other values are medium and max) -->
<threshold>Low</threshold>
<!-- Produces XML report -->
<xmlOutput>true</xmlOutput>
<!-- Configures the directory in which the XML report is created -->
<findbugsXmlOutputDirectory>${project.build.directory}/findbugs</findbugsXmlOutputDirectory>
<includeFilterFile>./dev-support/findbugsIncludeFile.xml</includeFilterFile>
<!--Configure include and exclude filters here -->
<includeFilterFile>${session.executionRootDirectory}/findbugs-security-include.xml</includeFilterFile>
<excludeFilterFile>${session.executionRootDirectory}/findbugs-security-exclude.xml</excludeFilterFile>
<plugins>
<plugin>
<groupId>com.h3xstream.findsecbugs</groupId>
<artifactId>findsecbugs-plugin</artifactId>
<version>1.4.3</version> <!-- Auto-update to the latest stable -->
</plugin>
</plugins>
</configuration>
<executions>
<!--
Ensures that FindBugs inspects source code when project is compiled.
-->
<execution>
<id>analyze-compile</id>
<phase>compile</phase>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>xml-maven-plugin</artifactId>
<version>1.0</version>
<configuration>
<transformationSets>
<transformationSet>
<!-- Configures the source directory of XML files. -->
<dir>${project.build.directory}/findbugs</dir>
<!-- Configures the directory in which the FindBugs report is written.-->
<outputDir>${project.build.directory}/findbugs</outputDir>
<!-- Selects the used stylesheet. -->
<!-- <stylesheet>fancy-hist.xsl</stylesheet> -->
<stylesheet>default.xsl</stylesheet>
<!--<stylesheet>plain.xsl</stylesheet>-->
<!--<stylesheet>fancy.xsl</stylesheet>-->
<!--<stylesheet>summary.xsl</stylesheet>-->
<fileMappers>
<!-- Configures the file extension of the output files. -->
<fileMapper
implementation="org.codehaus.plexus.components.io.filemappers.FileExtensionMapper">
<targetExtension>.html</targetExtension>
</fileMapper>
</fileMappers>
</transformationSet>
</transformationSets>
</configuration>
<executions>
<!-- Ensures that the XSLT transformation is run when the project is compiled. -->
<execution>
<phase>compile</phase>
<goals>
<goal>transform</goal>
</goals>
</execution>
</executions>
<dependencies>
<dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>findbugs</artifactId>
<version>3.0.3</version>
</dependency>
</dependencies>
</plugin>
</plugins>
Modifica: L'errore è simile al seguente:
[ERROR] Failed to execute goal org.codehaus.mojo:xml-maven-plugin:1.0:transform (default) on project test1: Failed to transform input file <UserHome>/test1/target/findbugs/findsecbugs-plugin-1.4.3.jar: javax.xml.transform.TransformerException: com.sun.org.apache.xml.internal.utils.WrappedRuntimeException: Content is not allowed in prolog. -> [Help 1]