Cloud customer?
 Upgrade in MyJFrog >

Search





Overview

The JFrog Eclipse plugin adds JFrog Xray scanning of Maven, Gradle, and npm project dependencies to your Eclipse IDE. It allows developers to view panels displaying vulnerability information about the components and their dependencies directly in their Eclipse IDE. With this information, a developer can make an informed decision on whether to use a component or not before it gets entrenched into the organization’s product.

The plugin filter allows you view the scanned results according to issues or licenses.

Source Code 

The JFrog Eclipse Plugin code is available on Github.

Page contents


Installation and Setup

To install and work with the plugin:

  1. Install the JFrog plugin, using one of these options:
  2. If JFrog Xray is behind an HTTP proxy, configure the proxy settings as described here. This is supported since version 1.1.0 of the JFrog Eclipse Plugin.
  3. Configure the plugin to connect to JFrog Xray.
  4. Scan and view the results.
  5. Filter Xray Scanned Results.

Prerequisites

  • Eclipse IDE version Photon and above.
  • JFrog Xray version 1.7.2.3 and above.

Installing from Eclipse Marketplace with drag and drop

  1. Go to Eclipse Marketplace.
  2. Drag the install button to your Eclipse window.

Installing Plugin from within Eclipse

  1. Go to Help | Eclipse Marketplace, click Search and search for tag:jfrog.
  2. Once the plugin is found, click Install.

Installing the Plugin from Disk

  1. Download the plugin zip from here.
  2. Go to Help | Install New Software, click Add and then click Archive.
  3. Choose the plugin zip file you downloaded and click Add.
  4. Click Next.

Configuring the Plugin

Connecting to JFrog Xray

Once the plugin is successfully installed, connect the plugin to your instance of JFrog Xray.

  1. Go to Eclipse (Preferences), click JFrog Xray.
  2. Set your JFrog Xray URL and login credentials.

  3. Test your connection to Xray using the Test Connection button.

Scanning Gradle Projects

Behind the scenes, the JFrog plugin executes a Gradle script, which creates the dependencies tree of the project. The plugin reads the Gradle configuration defined in Eclipse. This configuration is added to Eclipse by the Buildship plugin You can access this configuration by going in Preferences | Gradle | Gradle distribution

If the Gradle configuration is not set, then Gradle Wrapper will be used. If the project does not include the Gradle Wrapper configuration, Gradle will be automatically downloaded.


Using the Plugin

Open JFrog tab

To open the plugin tab click on Window | Show View | Other | Security | JFrog.

Scanning and Viewing the Results

JFrog Xray automatically performs a scan when the plugin first loaded on startup.

To manually invoke a scan: 

  1. Click Refresh in the JFrog plugin.
  2. View the scanned results in the plugin.

Filtering Xray Scanned Results

The JFrog plugin provides the following filter to narrow down the scanned results to view exactly what you need: 

  • Severity: Displays issues according to specific severities.

  • License: Displays components according to specific licenses.

Release Notes

The release notes are available on Bintray


Reporting Issues

Please report issues by opening an issue on Github.

Copyright © 2021 JFrog Ltd.