Fork me on GitHub

Plugin Documentation

Goals available for this plugin:

Goal Description
contrast:install Includes the Contrast Java agent in integration testing to provide Contrast Assess runtime security analysis.
contrast:scan Analyzes the Maven project's artifact with Contrast Scan to provide security insights
contrast:verify Verifies that none of the vulnerabilities found by Contrast Assess during integration testing violate the project's security policy (fails the build when violations are detected).

System Requirements

The following specifies the minimum requirements to run this Maven plugin:

Maven 2.0
JDK 8
Memory No minimum requirement.
Disk Space No minimum requirement.

Usage

You should specify the version in your project's plugin configuration:

<project>
  ...
  <build>
    <!-- To define the plugin version in your parent POM -->
    <pluginManagement>
      <plugins>
        <plugin>
          <groupId>com.contrastsecurity</groupId>
          <artifactId>contrast-maven-plugin</artifactId>
          <version>2.13.1</version>
        </plugin>
        ...
      </plugins>
    </pluginManagement>
    <!-- To use the plugin goals in your POM or parent POM -->
    <plugins>
      <plugin>
        <groupId>com.contrastsecurity</groupId>
        <artifactId>contrast-maven-plugin</artifactId>
        <version>2.13.1</version>
      </plugin>
      ...
    </plugins>
  </build>
  ...
</project>

For more information, see "Guide to Configuring Plug-ins"