Absent Member.
Absent Member.

New user, probably old questions...

Hello, I've signed on to get Fortify services integrated into our development environment.

So I’m looking for information on integrating the Fortify services within our dev environment as seamlessly as possible, ideally through the use of a plugin for Intellij IDEA or, outside of this, the sourceanalyzer command line tool so I can script to it.

I’ve attempted to use sourceanalyzer as per information I’ve found on the web ($: sourceanalyzer @,<projectname>Clean.txt) but not getting a full picture of what’s needed, e.g., I can clean and build using the generated <projectname>Clean.txt and  <projectname>Build.txt (generated when I used the Fortify web interface as per instructions initially) but the <projectname>Scan.txt file fails to perform the scan, and I’m not sure what I’m missing since the documentation that I’ve found isn’t clear on the subject (lots of information on using the GUI).

Could someone provide some guidelines on how I might do this? This is a Java 1.8 code base and as mentioned using Intellij as our IDE. The solution I'm attempting to author is targetted to be used in both our local development as well as our CI processes.



Labels (2)
0 Replies
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.