How can I exclude test directories in a Java Project from being scanned by Fortify sca. The directories are structured in the following way -
/src/main/xyz/pqr
/src/main/xyz/test/abc
/src/test/xyz
I want to exclude any files under folders named test from being scanned. I am not sure how to use the -exclude command line parameter to achieve this.
Use the following:
-exclude "**/test/*"
use -exclude /src/main/xyz/test/** if you are using command prompt to run then backslash
As pointed out by https://stackoverflow.com/a/36754012/6641032, the exclusion pattern expects the path starting from drive letter. The wildcard ** notation can match as many folder levels as there is, but the path has to start from drive root, so can't be **/folder/**. I'm on Source Analyser 16.10 and it worked for me.
Related
I have generated some output files using bazel build, but its is a bit tedious to specify the path of the bazel-bin directory everytime I need to access the output.
In deeply nested bazel projects, not only do I need to get the specific repository, /Users/username/repos/organisation/folder/folder/repo, I also need to add the bazel-bin/folder1/folder2/folder3/folder4/binary_i_want. I would prefer to say $output/binary_i_want. Bazel should be able to get the project directory (as it looks up the workspace file), and find the bazel-bin, and then look for the equivalent directory I am in. This is because I might not be running it directly, but instead copying this file to an android device, with adb push.
Is this possible? Thank you
You can use $(bazel info bazel-bin)/binary_i_want for this.
Edit: Getting the complete path to an artifact generate by a rule is a bit more involved. One option using jq could be:
$(bazel info workspace)/$(bazel aquery //:some_path --output jsonproto 2>/dev/null | jq -r ".artifacts[0].execPath")
(Inspired by this answer: Bazel: How do you get the path to a generated file?)
I "translate" my sources with msbuild using the following command:
sourceanalyzer -b sample -exclude "**/*.xml" "**/Test/**" msbuild sample.sln /maxcpucount:1
After this is done I analyze the source with:
sourceanalyzer -b sample -scan -f result.fpr
The sample.sln solution contains a lot of test projects too. Those projects produce a lot of findings I’m not interested in. How can I exclude those projects? They are all in "Test" sub folders. I’ve tried the –exclude switch with no luck. I guess it is ignored when building with msbuild.
The analyzer also produces findings for xml files which comes with 3rd party libraries. This is interesting but I do not want to have them in my report. The exclude does also not work here.
here is the official Fortify documentation (from version 17.10):
File specifiers are expressions that allow you to pass a long list of files to Fortify Static Code Analyzer using wild card characters. Fortify Static Code Analyzer recognizes two types of wild card characters: a single asterisk character () matches part of a file name, and double asterisk characters (**) recursively matches directories. You can specify one or more files, one or more file specifiers, or a combination of files and file specifiers.*
<files> | <file specifiers>
The following table describes the different file specifiers forms:
dirname : All files found in the named directory or any subdirectories.
dirname/**/Example.java: Any file named Example.java found in the named directory or any subdirectories.
dirname/*.java: Any file with the extension .java found in the named directory.
dirname/**/*.java: Any file with the extension .java found in the named directory or any subdirectories.
/**/*: All files found in the named directory or any subdirectories (same as ).
Note: Windows and many Unix shells automatically expand parameters that contain the asterisk character (), so you must enclose file-specifier expressions in quotes. Also, on Windows, you can use the backslash character () as the directory separator instead of the forward slash (/).*
File specifiers do not apply to C, C++, or Objective-C++ languages.
According to the above documentation, you would have to pass all "Test" subfolders paths:
-exclude path1/**/*|path2/**/*|etc..
but the last documentation line is saying that it will not be supported in C/C++/ObjectiveC++.
I need to copy a file, using a groovy script in Jenkins (pipeline). This file has the character ü in it, which results in the file not being found. I've tried renaming the file to a standard u, and it works. However, this is not an option, I need the ü. Any suggestions how to solve this?
Edit: I'm using Windows 7, using the batch command xcopy.
Edit2: The command being issued is:
bat "xcopy \"${files[i].path}\" \"${path}\""
Where files[i].path is the file name containing the ü character, and path is the complete path where to put the file.
I am trying to figure out how to use relative paths for Powershell scripts. I have dot sourced with absolute paths, but the scripts that I am writing may end up in a different base directory so I need to make sure the path is relative so it can be picked up. How can I do that?
So far I have tried:
. .\scripts\variables.ps1
That always throws this exception:
The term '.\scripts\variables.ps1' is not recognized as the name of a cmdlet, function, script file, or operable program...
That lets me know it can't find my script? So, what am I doing wrong?
You can use : . $PSScriptRoot\scripts\variables.ps1
Here $PSScriptRoot is the path of directory of the running script.
This is not what the OP asked for but may be useful for others who are searching:
If you need to traverse up, you can use . $PSScriptRoot\..\scripts\variables.ps1
This works for structures such as:
root
scripts/shared directory
directory your script is executing in
If you know that your script directory structure is going to remain the same, you could use $PWD; eg:
. "$PWD\scripts\variables.ps1"
The above assumes that your script (the calling script) is in the same directory that contains the scripts directory.
Also, the assumption made here is that you're checking out/downloading all your scripts in the same structure, but as you put it, they may end up being in a different base directory.
I was wondering if it is possible to customise how dart tool compiles the app. In particular I am interested in customizing the paths that appear in script elements.
At the moment I have my app in "app/src" folder. I run the following command from the folder above "app/src", let's call it root.
dart --package-root=app/packages/ app/packages/web_ui/dwc.dart --out tmp app/src/testapp.html
I send the output to a tmp folder in that root folder. The problem is that evey time I compile the app, the paths in script element have "../app/src" prepended to the path. So instead of having a
"packages/browser/dart.js" path I end up with "../app/src/packages/browser/dart.js". Is there a way to configure this and avoid getting this "app/src" prefixes.
Ok, I haven't found a solution to my problem using the dart tools configuration so I had to use the old friend - sed.
sed "s/../app/src/packages/packages/g" ${OUT_DIR}/test.html > ${OUT_DIR_SERVER}/test.html