The plugin scans source files as they are edited and compiled. To
conduct an initial scan, click the Scan all projects button on the
toolbar.
The scan can take a few seconds. Error markers will appear in the
problem view as vulnerabilities are detected.
After you fix the problem and recompile the project, the problem
marker should disappear automatically. Note: The analysis is
approximate. If an error marker is present, it is very likely that a
vulnerability is indeed present. A missing error marker, however, does
not automatically imply a correct fix.
Eclipse will display the discovered vulnerabilities as errors (as shown
above). This is the recommended setting, in particular when staging
your software for a release. To avoid impeding regular development
in earlier stages, you can switch the vulnerability markers to
warnings instead by setting the preference