&引用;分析Xanizer XML报告文件“时捕获异常”:运行Ant任务的SonarQube扫描程序时发生ParserConfiguration异常
我正在尝试在本地计算机上使用Xanitizer设置SonarQube,以便Xanitizer的SonarQube插件获取上次生成的安全结果XML的结果,以便它可以在SonarQube服务器上显示结果 文件分析和报告生成是在Xanizer软件中手动完成的。XML文件是在Xanitizer的父解压缩目录下生成的,而不是在SonarQube或Sonar Scanner目录中生成的 Xanitizer插件配置了SonarQube,我可以看到Xanitizer规则添加到Sonar服务器上。但是,在运行Sonar Scanner Ant任务时,它应该读取并解析Security-Findings-List.XML文件,但在运行Ant任务期间会引发异常,并显示以下stacktrace-&引用;分析Xanizer XML报告文件“时捕获异常”:运行Ant任务的SonarQube扫描程序时发生ParserConfiguration异常,ant,xml-parsing,sonarqube,sonarqube-scan,sonar-plugin,Ant,Xml Parsing,Sonarqube,Sonarqube Scan,Sonar Plugin,我正在尝试在本地计算机上使用Xanitizer设置SonarQube,以便Xanitizer的SonarQube插件获取上次生成的安全结果XML的结果,以便它可以在SonarQube服务器上显示结果 文件分析和报告生成是在Xanizer软件中手动完成的。XML文件是在Xanitizer的父解压缩目录下生成的,而不是在SonarQube或Sonar Scanner目录中生成的 Xanitizer插件配置了SonarQube,我可以看到Xanitizer规则添加到Sonar服务器上。但是,在运行So
[sonar:sonar] Sensor NoSonar Sensor [php] (done) | time=0ms
[sonar:sonar] Sensor XanitizerSensor [xanitizer]
[sonar:sonar] Reading Xanitizer findings from 'D:\SonarFiles\Xanitizer-3.1.0\KeurigHybrisSecurity-Findings-List.xml' for project 'Hybris Java Project analyzed with the Sonar Ant Task'
[sonar:sonar] Exception caught while parsing Xanitizer XML report file 'D:\SonarFiles\Xanitizer-3.1.0\KeurigHybrisSecurity-Findings-List.xml'.
[sonar:sonar] javax.xml.parsers.ParserConfigurationException: FEATURE_SECURE_PROCESSING: Cannot set the feature to false when security manager is present.
[sonar:sonar] at com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl.setFeature(Unknown Source)
[sonar:sonar] at com.rigsit.xanitizer.sqplugin.reportparser.XMLReportParser.parse(XMLReportParser.java:58)
[sonar:sonar] at com.rigsit.xanitizer.sqplugin.XanitizerSensor.analyse(XanitizerSensor.java:120)
[sonar:sonar] at org.sonar.scanner.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:57)
[sonar:sonar] at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:49)
[sonar:sonar] at org.sonar.scanner.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:78)
[sonar:sonar] at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:175)
[sonar:sonar] at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:143)
[sonar:sonar] at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:128)
[sonar:sonar] at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:262)
[sonar:sonar] at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:257)
[sonar:sonar] at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:247)
[sonar:sonar] at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:143)
[sonar:sonar] at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:128)
[sonar:sonar] at org.sonar.scanner.task.ScanTask.execute(ScanTask.java:47)
[sonar:sonar] at org.sonar.scanner.task.TaskContainer.doAfterStart(TaskContainer.java:86)
[sonar:sonar] at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:143)
[sonar:sonar] at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:128)
[sonar:sonar] at org.sonar.scanner.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:118)
[sonar:sonar] at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:117)
[sonar:sonar] at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:62)
[sonar:sonar] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[sonar:sonar] at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
[sonar:sonar] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
[sonar:sonar] at java.lang.reflect.Method.invoke(Unknown Source)
[sonar:sonar] at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
[sonar:sonar] at com.sun.proxy.$Proxy0.execute(Unknown Source)
[sonar:sonar] at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:233)
[sonar:sonar] at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151)
[sonar:sonar] at org.sonarsource.scanner.ant.SonarQubeTask.launchAnalysis(SonarQubeTask.java:99)
[sonar:sonar] at org.sonarsource.scanner.ant.SonarQubeTask.execute(SonarQubeTask.java:81)
[sonar:sonar] at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:292)
[sonar:sonar] at sun.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
[sonar:sonar] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
[sonar:sonar] at java.lang.reflect.Method.invoke(Unknown Source)
[sonar:sonar] at org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchUtils.java:106)
[sonar:sonar] at org.apache.tools.ant.Task.perform(Task.java:348)
[sonar:sonar] at org.apache.tools.ant.Target.execute(Target.java:435)
[sonar:sonar] at org.apache.tools.ant.Target.performTasks(Target.java:456)
[sonar:sonar] at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1393)
[sonar:sonar] at org.apache.tools.ant.Project.executeTarget(Project.java:1364)
[sonar:sonar] at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:41)
[sonar:sonar] at org.eclipse.ant.internal.launching.remote.EclipseDefaultExecutor.executeTargets(EclipseDefaultExecutor.java:36)
[sonar:sonar] at org.apache.tools.ant.Project.executeTargets(Project.java:1248)
[sonar:sonar] at org.eclipse.ant.internal.launching.remote.InternalAntRunner.run(InternalAntRunner.java:452)
[sonar:sonar] at org.eclipse.ant.internal.launching.remote.InternalAntRunner.main(InternalAntRunner.java:139)
[sonar:sonar] Sensor XanitizerSensor [xanitizer] (done) | time=2ms
[sonar:sonar] Sensor Coverage Report Import [csharp]
sonar-scanner-3.0.1.733-windows您使用的JDK版本是什么?我不能用Java8重现这个异常(所有其他工具版本都是相同的) 尽管如此,它看起来像插件中的一个bug,所以请在这里提交bug报告,或者发送一封包含附加信息的电子邮件到support@xanitizer.net 我认为Stackoverflow不是合适的平台;) 问候
Norman(Xanitizer支持)我在机器上得到的java版本(
java-versionsonar.java.source