FindSecBugs not accepting a custom Maven settings.xml file
Problem to solve
My projects require a custom settings.xml file for Maven, so my typical cmd is mvn -s settings.xml ....
Without this file Maven is not able to resolve all the dependencies needed to compile, so SAST will fail with an error:
[FATAL] Non-resolvable parent POM for ...
Further details
Benefit of this feature will be to allow projects with private dependencies to still build and test using SAST.
Proposal
We should be able to add custom cmd options via .gitlab-ci.yml, and those options must be added to mvn compile in FindSecBugs.
What does success look like, and how can we measure that?
(If no way to measure success, link to an issue that will implement a way to measure this)