Ajouter des plugins de sécurité gratuits dans Eclipse | Adding free security plugins in Eclipse

Install Plugins

Install FindBugs and SonarLint by performing these steps:

• Start Eclipse
• Menu Help / Eclipse Marketplace
• Search for FindBugs, install it.
• Search for SonarLint for Eclipse, choose the optional Java Configuration Helper and install it

Add Find Security Bugs plugin for FindBugs

• Download the plugin jar file from http://find-sec-bugs.github.io
• Click Window -> Preferences then go to Java -> FindBugs
• Open Plugins and misc. Settings tab and click Add to add the Find Security Bugs plugin jar file to the list
• Restart Eclipse

Enable analysis

For each project you have in Eclipse:

• Right-click on it and click the menu Configure / Enable SonarLint

Note that Findbugs is already usable after installation so there's no need to enable it for each project.

Using Findbugs

• Right-click on the project in Eclipse and select the menu Find Bugs / Find Bugs
• Wait for the analysis to complete - a popup dialog will open, show progress and then close automatically.
• Open the Bug Explorer. The first time, you will need to select the Eclipse menu Window / Show View / Other / FindBugs / Bug Explorer

Using SonarLint

• Right click on the project in Eclipse and select the menu SonarLint / Analyze all files
• View the progress in the Eclipse Console
• View the Sonar markers in your source code.
• Occasionally update your analyzers via Help / Update SonarLint Analyzers

For a quick intro, go on the SonarLint for Eclipse web page.