i installed fortify s/w , added fortify plugins eclipse, got 'hp fortify' menu, option 'analyze project' disabled while select coldfusion project(test) in project explorer. option enabled java project , scans java project. please suggest me how scan coldfusion project using eclipse fortify plugin support
you can scan java projects eclipse plugin.
if scanned coldfusion way (commandline, scan wizard, etc.) can load results eclipse.
if wanted scan using commandline, here 3 commands need run:
:: clean work space sourceanalyzer -b mybuild -clean :: translate source code sourceanalyzer -b mybuild -source-base-dir /www/app "/www/app/**/*.cfm" :: perform analysis sourceanalyzer -b mybuild -scan -f results.fpr these commands being run root folder of coldfusion project (relative paths), can use absolute paths if wanted run somewhere else.
the option mybuild can anything, needs consistent between 3 lines.
more information on scanning can found in sca user's guide , sourceanalyzer -h
Comments
Post a Comment