Skip to main content

Contrast Maven plugin

Maven is a build tool that builds, packages, and tests your Java applications.

The Contrast Maven plugin can integrate Contrast Assess and Scan into your project's Maven build.

Use the Contrast Maven Plugin Reference Documentation for more details on:

Goals

  • Scan: The scan goal analyzes the Maven project’s artifact with Contrast Scan to find vulnerabilities using static analysis.

  • Install: The install goal includes the Contrast Java agent in integration testing to provide Contrast Assess runtime security analysis. For this goal to succeed, you need the Organization Edit role.

  • Verify: The verify goal verifies that none of the vulnerabilities found by Contrast Assess during integration testing violate the project’s security policy (fails the build when violations are detected).

See also