如何在Coverity Connect分析结果中忽略JAVA测试?
Lor*_*reV 5 regex code-analysis connect pattern-matching coverity
我使用Coverity扫描我的项目是否存在安全问题.
我想知道的是如何从缺陷提交后可用的分析结果中排除任何java测试(注意: 集成和单元).
我确实使用maven来构建项目,我使用标志排除了单元测试-Dmaven.skip.test=true.尽管这使得Coverity不进行扫描单元测试,但它仍然使扫描集成测试.
我项目中的所有集成测试都在文件标题中包含"Test"一词.因此,我开始查看Coverity中提供的过滤器部分.我当时尝试的是一个正则表达式(.*(!?(Test).*)$)但它没有用.似乎覆盖率支持两个匹配的字符(* and ?- 见下图),而它似乎不支持任何负面的环顾.
有没有什么好方法可以轻松,干净的方式完成这项任务?
Since Coverity relies on your Maven build, you can exclude:
- compilation and execution of both unit tests (by Surefire plugin) and integration tests (by Failsafe plugin) by adding
-Dmaven.skip.test=true - execution of both unit and integration tests via
-DskipTests - execution of integration tests via
-DskipITs
Instead, if you have your integration tests in a separate Maven module, you can directly exclude that from the Maven build via profile, like in below example -- see extract of aggregator's pom.xml and maven command line to be launched:
<modules>
<!-- remove 'my-it-module' from this list -->
</modules>
<profiles>
<profile><id>build-it</id>
<activation><activeByDefault>true</activeByDefault></activation>
<modules><module>my-it-module</module></modules>
</profile>
</profiles>
and then mvn install -P !build-it