Try JFrog
Guides
Contact SupportTry JFrog
  1. source-code
  2. Developers
  3. IDEs

Eclipse

The JFrog Eclipse Plugin integrates JFrog Xray scanning into Eclipse, enabling developers to analyze Maven, Gradle, and npm project dependencies. It provides real-time vulnerability insights within Eclipse, allowing developers to make informed decisions about using specific components before they become part of the organization's product.

Prerequisites

  • JFrog Xray version 1.7.2.3 or later.

Key Features

  • Vulnerability Scanning – View security issues in project dependencies.
  • License Compliance – Filter results based on license types.
  • Filtering Options – Narrow down scanned results by issues or licenses.

Source Code

The JFrog Eclipse Plugin source code is available on GitHub.

Supported Technologies

JFrog Advanced Security Supported Technologies

See Jfrog Advanced Security supported technologies for:

Software Composition Analysis (SCA) Supported Technologies

For SCA, the command automatically detects your project's package manager and constructs the dependency graph; if the project hasn't been installed yet, the system executes an install command to generate the dependency tree for scanning.

Supported Package Managers for Eclipse:

  • Maven
  • Gradle
  • npm

Installation

Download the JFrog Eclipse Plugin

VersionDownload linkCompatibility
2.0.1DownloadEclipse 4.13 - 4.33
1.2.0DownloadEclipse 4.13 - 4.33
1.1.1DownloadEclipse 4.10 - 4.19

Install the JFrog Eclipse Plugin

  1. Download the JFrog Eclipse IDE Plugin zip file.
  2. Open Eclipse and go to Help > Install New Software.
  3. Click Add, then select Archive.
  4. Choose the plugin zip file you downloaded and click Add.
  5. Click Next to complete the installation.

Note: If JFrog Xray is behind an HTTP proxy, configure the proxy settings described here. (Supported in versions 1.1.1 and 1.2.0 of the JFrog Eclipse Plugin.)

Configure the Plugin

After installing the plugin, you need to connect it to JFrog Xray.

  1. Open Eclipse Preferences and go to JFrog Xray.
  2. Enter your JFrog Platform URL, Username, and Password.
  3. (Optional) To generate debug logs, check the Generate Debug Logs box.
  4. Click Test Connection to verify your setup.

Scan and View Xray Results

Once connected, you can start scanning Gradle projects with JFrog Xray.

  • Run a scan and view results directly in Eclipse.

Quick Start

Opening the JFrog Tab

To access the JFrog plugin tab:

  1. Go to Window > Show View > Other.
  2. Under Security, select JFrog.

Scanning and Viewing Results

Frog Xray automatically scans your project when the plugin loads at startup.

  1. To manually trigger a scan, click Refresh in the JFrog plugin.
  2. View the scan results directly in the plugin.

How-Tos

Scanning Gradle Projects with the JFrog Eclipse IDE Plugin

The JFrog plugin automatically generates a dependency tree for your project by executing a Gradle script. It reads the Gradle configuration defined in Eclipse, which is managed by the Buildship plugin.

Accessing Gradle Configuration

To view or modify the Gradle configuration:

  1. Go to Preferences > Gradle > Gradle Distribution in Eclipse.

Gradle Configuration Handling

  • If a Gradle configuration is not set, the plugin will use Gradle Wrapper by default.
  • If the project does not include Gradle Wrapper, Gradle will be automatically downloaded.

Updated 4 months ago