Can I use the Lightbend Fortify plugin for my Java code?

Can I use the Lightbend Fortify plugin for my Java code?

The simple answer is no. However the good news is that you do not need the plugin for that, as Fortify scans Java more natively (see chapter 4 on “Translating Java Code”). 

If you are utilizing our Fortify security plugin to generate Fortify analysis files (.nst) and nothing is being generated then please make sure you are running it against Scala code. If you only see "...Compiling ### Java sources..." and no "...Compiling ### Scala sources..." then this is an indicator that you are only compiling Java.
    • Related Articles

    • Code Analysis Tools

      Lightbend Analysis Products Security Analysis Lightbend has partnered with Micro Focus to create a product to scan your code for security issues - the Fortify Scala plugin. You can check out the documentation on the Lightbend Tech Hub. The Fortify ...
    • Which version of Java does Lightbend support?

      We are often asked this question, so we have created a standard policy found on Lightbend Tech Hub. However, we are always evaluating this, so if you would like to add your voice to our considerations then we ask that you open a support case and ...
    • Error Handling Best Practices

      The best overview of the error handling options in the standard library we are aware of is tersesystems.com/2012/12/27/error-handling-in-scala, by Will Sargent, a former Lightbender. Digression: One topic he doesn’t cover is why checked exceptions ...
    • Enum Best Practices

      There are different options to implement enums in Scala. The landscape is roughly: 1. scala.Enumeration Pros: Library code only. Does not create a class per enum value for simple enums without behaviour. Cons: need to use dependent types to refer to ...
    • Play Performance Tuning

      General performance tuning advice Run experiments to tune your application. It’s not reliable to rely on assumptions. To tune your application you need to be systematic. Make hypotheses, control variables and test, test, test! It can be a good idea ...