findsecbugs-plugin resolution is broken in SBT 1.3.x - Githubissues

code-star / sbt-findsecbugs

An SBT plugin for FindSecurityBugs

MIT License

7 stars 6 forks source link

findsecbugs-plugin resolution is broken in SBT 1.3.x #33

Closed nigredo-tori closed 4 years ago

nigredo-tori commented 4 years ago

This code assumes that the artifacts are resolved via Ivy - which is not the case in SBT 1.3.x:

https://github.com/code-star/sbt-findsecbugs/blob/f1d6bc70e93743d923a314d67647f6150feeedc4/src/main/scala/nl/codestar/sbtfindsecbugs/FindSecBugs.scala#L52

As a result, no checks are actually run (since SpotBugs ignores missing plugin JARs).

Instead of hardcoding the path for the JAR, we should just use the UpdateReport we can get from update.

jqno commented 4 years ago

Thanks! I've pushed a new release.