If you are seeing the following error while scanning your projects using Fortify Maven plugin, there is a simple fix.
[error]: Unrecognized or invalid command line argument '-disable-sourcerendering'
Fortify Static Code Analyzer 5.16.0.0042
Copyright (c) 2003-2013 Fortify Software
For command-line help, type 'sourceanalyzer -h'
[ERROR] Error invoking sourceanalyzer. Exit code: 1.
Verify your project settings and your SCA installation.
Open the file com.fortify.ps.maven.plugin.sca.ScanMojo.java, and replace the following code:
com.fortify.ps.maven.plugin.sca.ScanMojo
If (!renderSources) {
addArg(“-disable-sourcerendering");
}
With the following lines
If (!renderSources) {
addArg(“-disable-source-rendering");
}
Recompile, package, and install using:
mvn compile package install.
And rerun your scans.
Posts
