diff --git a/pom.xml b/pom.xml
index 91bcc76..0985cee 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,378 +1,377 @@
-
- 4.0.0
- com.checkmarx.maven
- checkmarx-maven-plugin
- 8.80.3
- maven-plugin
- Checkmarx Maven Plugin
- Enables a maven project to integrate with Checkmarx SAST scan.
- https://www.checkmarx.com
-
- scm:git:git://github.com/cxadmin/checkmarx-plugin.git
- scm:git:ssh://github.com/cxadmin/checkmarx-plugin.git
- http://github.com/cxadmin/checkmarx-plugin/tree/master
-
-
-
- MIT License
- http://www.opensource.org/licenses/mit-license.php
-
-
-
- UTF-8
- 1.2.17
- 1.7.5
- 2.2.3
-
-
-
- commons-codec
- commons-codec
- 1.11
-
-
- io.vertx
- vertx-web
- 3.5.4
-
-
- com.github.junrar
- junrar
- 3.0.0
-
-
- org.springframework
- spring-core
- 4.3.20.RELEASE
-
-
-
- commons-beanutils
- commons-beanutils
- 1.9.3
-
-
- commons-compress
- org.apache.commons
- 1.18
-
-
- org.apache.maven
- maven-plugin-api
- 3.0
-
-
-
- org.apache.maven.plugin-tools
- maven-plugin-annotations
- 3.4
- provided
-
-
- org.apache.maven
- maven-project
- 2.2.1
-
-
-
- org.codehaus.plexus
- plexus-archiver
- 3.6.0
-
-
- commons-compress
- org.apache.commons
-
-
-
-
- org.codehaus.plexus
- plexus-utils
- 3.1.0
-
-
-
- org.slf4j
- slf4j-api
- ${slf4j.version}
-
-
-
- org.springframework
- spring-web
- 4.3.18.RELEASE
-
-
- org.apache.commons
- commons-lang3
- 3.0
-
-
- org.apache.maven.reporting
- maven-reporting-api
- 3.0
-
-
- org.bouncycastle
- bcprov-jdk15on
- 1.60
-
-
- jackson-databind
- com.fasterxml.jackson.core
- 2.9.8
-
-
- vertx-core
- io.vertx
- 3.6.2
-
-
- org.apache.maven.reporting
- maven-reporting-impl
- 3.0.0
-
-
- httpclient
- org.apache.httpcomponents
-
-
- commons-beanutils
- commons-beanutils
-
-
- struts-core
- org.apache.struts
-
-
-
-
- com.checkmarx
- cx-client-common
- 8.80.2
-
-
- bcprov-jdk15on
- org.bouncycastle
-
-
- commons-collections
- commons-collections
-
-
- jackson-databind
- com.fasterxml.jackson.core
-
-
- zip4j
- net.lingala.zip4j
-
-
- vertx-core
- io.vertx
-
-
- spring-core
- org.springframework
-
-
- guava
- com.google.guava
-
-
- junrar
- com.github.junrar
-
-
- spring-web
- org.springframework
-
-
- vertx-web
- io.vertx
-
-
- commons-codec
- commons-codec
-
-
-
-
-
-
- ossrh
- https://oss.sonatype.org/content/repositories/snapshots
-
-
- ossrh
- https://oss.sonatype.org/service/local/staging/deploy/maven2/
-
-
-
-
-
- org.apache.maven.plugins
- maven-plugin-plugin
- 3.3
-
-
- default-descriptor
-
- descriptor
- report
-
- process-classes
-
-
- help-descriptor
-
- helpmojo
-
- process-classes
-
-
-
-
- org.apache.maven.plugins
- maven-compiler-plugin
- 3.7.0
-
- 1.7
- 1.7
-
-
-
-
-
-
-
- org.apache.maven.plugins
- maven-plugin-plugin
- 3.3
-
-
-
-
-
- release
-
+
+ 4.0.0
+ com.checkmarx.maven
+ checkmarx-maven-plugin
+ 8.80.4
+ maven-plugin
+ Checkmarx Maven Plugin
+ Enables a maven project to integrate with Checkmarx SAST scan.
+ https://www.checkmarx.com
+
+ scm:git:git://github.com/cxadmin/checkmarx-plugin.git
+ scm:git:ssh://github.com/cxadmin/checkmarx-plugin.git
+ http://github.com/cxadmin/checkmarx-plugin/tree/master
+
+
+
+ MIT License
+ http://www.opensource.org/licenses/mit-license.php
+
+
+
+ UTF-8
+ 1.2.17
+ 1.7.5
+ 2.2.3
+
+
+
+ commons-codec
+ commons-codec
+ 1.11
+
+
+ io.vertx
+ vertx-web
+ 3.5.4
+
+
+ com.github.junrar
+ junrar
+ 3.0.0
+
+
+ org.springframework
+ spring-core
+ 4.3.20.RELEASE
+
+
+
+ commons-beanutils
+ commons-beanutils
+ 1.9.3
+
+
+ commons-compress
+ org.apache.commons
+ 1.18
+
+
+ org.apache.maven
+ maven-plugin-api
+ 3.0
+
+
+
+ org.apache.maven.plugin-tools
+ maven-plugin-annotations
+ 3.4
+ provided
+
+
+ org.apache.maven
+ maven-project
+ 2.2.1
+
+
+
+ org.codehaus.plexus
+ plexus-archiver
+ 3.6.0
+
+
+ commons-compress
+ org.apache.commons
+
+
+
+
+ org.codehaus.plexus
+ plexus-utils
+ 3.1.0
+
+
+
+ org.slf4j
+ slf4j-api
+ ${slf4j.version}
+
+
+
+ org.springframework
+ spring-web
+ 4.3.18.RELEASE
+
+
+ org.apache.commons
+ commons-lang3
+ 3.0
+
+
+ org.apache.maven.reporting
+ maven-reporting-api
+ 3.0
+
+
+ org.bouncycastle
+ bcprov-jdk15on
+ 1.60
+
+
+ jackson-databind
+ com.fasterxml.jackson.core
+ 2.9.8
+
+
+ vertx-core
+ io.vertx
+ 3.6.2
+
+
+ org.apache.maven.reporting
+ maven-reporting-impl
+ 3.0.0
+
+
+ httpclient
+ org.apache.httpcomponents
+
+
+ commons-beanutils
+ commons-beanutils
+
+
+ struts-core
+ org.apache.struts
+
+
+
+
+ com.checkmarx
+ cx-client-common
+ 8.80.2
+
+
+ bcprov-jdk15on
+ org.bouncycastle
+
+
+ commons-collections
+ commons-collections
+
+
+ jackson-databind
+ com.fasterxml.jackson.core
+
+
+ zip4j
+ net.lingala.zip4j
+
+
+ vertx-core
+ io.vertx
+
+
+ spring-core
+ org.springframework
+
+
+ guava
+ com.google.guava
+
+
+ junrar
+ com.github.junrar
+
+
+ spring-web
+ org.springframework
+
+
+ vertx-web
+ io.vertx
+
+
+ commons-codec
+ commons-codec
+
+
+
+
+
+
+ ossrh
+ https://oss.sonatype.org/content/repositories/snapshots
+
+
+ ossrh
+ https://oss.sonatype.org/service/local/staging/deploy/maven2/
+
+
+
-
- org.apache.maven.plugins
- maven-javadoc-plugin
- 2.10.4
-
-
- attach-javadocs
-
- jar
-
-
-
-
-
- org.apache.maven.plugins
- maven-source-plugin
- 3.0.1
-
-
- attach-sources
-
- jar-no-fork
-
-
-
-
-
- org.sonatype.plugins
- nexus-staging-maven-plugin
- 1.6.7
- true
-
- ossrh
- https://oss.sonatype.org/
- true
-
-
-
- org.apache.maven.plugins
- maven-gpg-plugin
- 1.5
-
- C:\Program Files (x86)\GNU\GnuPG\gpg2.exe
- Checkmarx123456
-
-
-
- sign-artifacts
- verify
-
- sign
-
-
-
-
+
+ org.apache.maven.plugins
+ maven-plugin-plugin
+ 3.3
+
+
+ default-descriptor
+
+ descriptor
+ report
+
+ process-classes
+
+
+ help-descriptor
+
+ helpmojo
+
+ process-classes
+
+
+
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+ 3.7.0
+
+ 1.7
+ 1.7
+
+
-
-
-
-
-
- Dor Golan
- dor.golan@checkmarx.com
- Checkmarx
- https://www.checkmarx.com/
-
- Architect
- Developer
-
-
- http://i.imgur.com/44Iil53.png
-
-
-
- Gal Or Nussbaum
- gal.nussbaum@checkmarx.com
- Checkmarx
- https://www.checkmarx.com/
-
- Developer
- Automation Expert
- Designer
-
-
- http://i.imgur.com/SSm4Onr.jpg
-
-
-
- Guy 'Sushi' Zahavi
- Guy.Zahavi@checkmarx.com
- Checkmarx
- https://www.checkmarx.com/
-
- Front-end Developer
- Documentarist
-
-
- http://i.imgur.com/N9YR2c0.jpg
-
-
-
- Yair David
- Yair.David@checkmarx.com
- Checkmarx
- https://www.checkmarx.com/
-
- QA Manager
-
-
- http://i.imgur.com/EVIS8LO.jpg
-
-
-
+
+
+
+
+ org.apache.maven.plugins
+ maven-plugin-plugin
+ 3.3
+
+
+
+
+
+ release
+
+
+
+ org.apache.maven.plugins
+ maven-javadoc-plugin
+
+
+ attach-javadocs
+
+ jar
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-source-plugin
+
+
+ attach-sources
+
+ jar-no-fork
+
+
+
+
+
+ org.sonatype.plugins
+ nexus-staging-maven-plugin
+ 1.6.7
+ true
+
+ ossrh
+ https://oss.sonatype.org/
+ true
+
+
+
+ org.apache.maven.plugins
+ maven-gpg-plugin
+ 1.5
+
+ C:\Program Files (x86)\GNU\GnuPG\gpg2.exe
+ Checkmarx123456
+
+
+
+ sign-artifacts
+ verify
+
+ sign
+
+
+
+
+
+
+
+
+
+
+ Dor Golan
+ dor.golan@checkmarx.com
+ Checkmarx
+ https://www.checkmarx.com/
+
+ Architect
+ Developer
+
+
+ http://i.imgur.com/44Iil53.png
+
+
+
+ Gal Or Nussbaum
+ gal.nussbaum@checkmarx.com
+ Checkmarx
+ https://www.checkmarx.com/
+
+ Developer
+ Automation Expert
+ Designer
+
+
+ http://i.imgur.com/SSm4Onr.jpg
+
+
+
+ Guy 'Sushi' Zahavi
+ Guy.Zahavi@checkmarx.com
+ Checkmarx
+ https://www.checkmarx.com/
+
+ Front-end Developer
+ Documentarist
+
+
+ http://i.imgur.com/N9YR2c0.jpg
+
+
+
+ Yair David
+ Yair.David@checkmarx.com
+ Checkmarx
+ https://www.checkmarx.com/
+
+ QA Manager
+
+
+ http://i.imgur.com/EVIS8LO.jpg
+
+
+
\ No newline at end of file
diff --git a/src/main/java/com/cx/plugin/utils/CxPluginUtils.java b/src/main/java/com/cx/plugin/utils/CxPluginUtils.java
index c810eb2..986c7a2 100644
--- a/src/main/java/com/cx/plugin/utils/CxPluginUtils.java
+++ b/src/main/java/com/cx/plugin/utils/CxPluginUtils.java
@@ -141,11 +141,11 @@ public static File zipSources(List projects, ZipArchiver zipArchiv
//add sources
List compileSourceRoots = subProject.getCompileSourceRoots();
- File sourceDir = subProject.getBasedir();//todo check if java not exist (source not exist)
+ File sourceDir = subProject.getBasedir();
for (Object c : compileSourceRoots) {
sourceDir = new File((String) c);
- if (sourceDir.exists()) {
+ if (sourceDir.exists() && isContainFileExt(sourceDir, ".java")) {
zipArchiver.addDirectory(sourceDir, prefix);
}
}
@@ -156,7 +156,7 @@ public boolean accept(File directory, String fileName) {
return fileName.endsWith("webapp");
}
});
- if (webappDir.length > 0 && webappDir[0].exists()) {
+ if (webappDir != null && webappDir.length > 0 && webappDir[0].exists()) {
zipArchiver.addDirectory(webappDir[0], prefix);
}
@@ -192,6 +192,31 @@ public boolean accept(File directory, String fileName) {
return new File(outputDirectory, SOURCES_ZIP_NAME + ".zip");
}
+ private static boolean containFileExt = false;
+
+ /**
+ * @param dir the root dir to search from
+ * @param fileExt the file extension to look for
+ * @return true if file of this @fileExt exist or false otherwise.
+ */
+ private static boolean isContainFileExt(File dir, String fileExt) {
+ if (containFileExt) {
+ return true;
+ }
+ if (dir != null && dir.isDirectory()) {
+ for (File file : dir.listFiles()) {
+ if (file.isDirectory()) {
+ isContainFileExt(file, fileExt);
+ } else {
+ if (file.getName().endsWith(fileExt)) {
+ containFileExt = true;
+ }
+ }
+ }
+ }
+ return containFileExt;
+ }
+
private static MavenProject getProject(MavenProject p) {
if (p.getExecutionProject() != null) {
return p.getExecutionProject();