Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

NOTE This feature requires SQ 7.2+ and SonarJava 5.6+.

Import of SpotBugs, FindSecBugs, fb-contrib Reports

SonarJava allows to import into SonarQube/SonarCloud issues generated by SpotBugs. Because SpotBugs and FindBugs share the same output format, it's also possible to import reports from FindBugs and its extensions (FindSecBugs, fb-contrib). Please refer to the SpotBugs or FindSecBugs documentations to know how to generate the issues reports.

Once you have the report generated, you need to feed the property "". This property accepts one or more SpotBugs reports, paths to report files should be absolute or relative to the project base directory.

Using spotbugs-maven-plugin, the default name of the report is spotbugsXml.xml

Using findbugs-maven-plugin, the default name is findbugsXml.xml

Because FindSecBugs, fb-contrib are extensions of SpotBugs, their issues are included in the file generated for SpotBugs issues. There is no specific file for them.

  • No labels