Contrast Maven plugin

Maven is a build tool that builds, packages, and tests your Java applications.

The Contrast Maven plugin can integrate Contrast Assess and Contrast Scan into your project's Maven build.

Goals

  • Scan: The scan goal analyzes the Maven project’s artifact with Contrast Scan to find vulnerabilities using static analysis.

  • Install: The install goal includes the Contrast Java agent in integration testing to provide Contrast Assess runtime security analysis.

  • Verify: The verify goal verifies that none of the vulnerabilities found by Contrast Assess during integration testing violate the project’s security policy (fails the build when violations are detected).

Reference

Reference the Contrast Maven Plugin Documentation for information on:

  • Usage

  • Goals

  • Configuration

Note

There may be other options for installing the Java agent. See the full list of integrations that work with Contrast.
