This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Yasca Project"

From OWASP

Jump to: navigation, search

Latest revision as of 03:23, 15 July 2014

PROJECT IDENTIFICATION
Project Name	OWASP Yasca Project
Short Project Description	Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, RATS, and Pixy to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools. Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
Key Project Information	Licensed under BSD License GPL License	Project Leader Michael V. Scovetta	Project Contributors Name	Mailing List To Subscribe To Use	First Reviewer Name	Second Reviewer Name	OWASP Board Member (if applicable) Name&Email

PROJECT MAIN LINKS
Yasca is hosted on Github and has a main project website at scovetta.github.io/yasca.

RELATED PROJECTS
OWASP Orizon Project OWASP Code Review_Project OWASP Open Review Project

SPONSORS & GUIDELINES
Sponsor name, if applicable	Guidelines/Roadmap

ASSESSMENT AND REVIEW PROCESS
Review/Reviewer	Author's Self Evaluation (applicable for Alpha Quality & further)	First Reviewer (applicable for Alpha Quality & further)	Second Reviewer (applicable for Beta Quality & further)	OWASP Board Member (applicable just for Release Quality)
First Review	Objectives & Deliveries reached? Yes --------- Which status has been reached? Beta Status --------- See&Edit: First Review/SelfEvaluation (A)	Objectives & Deliveries reached? Not yet (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See&Edit: First Review/1st Reviewer (B)	Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See&Edit: First Review/2nd Reviewer (C)	Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Alpha Status - (To update) --------- See/Edit: First Review/Board Member (D)

Retrieved from "https://wiki.owasp.org/index.php?title=Project_Information:template_Yasca_Project&oldid=178799"

@@ Line 1: / Line 1: @@
+{|
+|-
+! width="700" align="center" | <br>
+! width="500" align="center" | <br>
+|-
+| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]]
+| align="right" |
+|}
 {| style="width:100%" border="0" align="center"
   ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''
@@ Line 7: / Line 17: @@
   | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
   | colspan="7" style="width:85%; background:#cccccc" align="left"|
-* Yasca is a new static analysis tool designed to scan Java, C/C++, JavaScript, .NET, and other source code for security and code-quality issues. Yasca is easily extensible via a plugin-based architecture, so scanning PHP, Ruby, or other languages is as simple as coming up with rules or integrating external tools.<br>
+* Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as [http://findbugs.sourceforge.net/ FindBugs], [http://pmd.sourceforge.net PMD], [http://artho.com/jlint JLint], [http://javascriptlint.com/ JavaScript Lint], [http://www.icosaedro.it/phplint/ PHPLint], [http://en.wikipedia.org/wiki/Cppcheck Cppcheck], [http://en.wikipedia.org/wiki/ClamAV ClamAV], [http://en.wikipedia.org/wiki/RATS RATS], and [http://pixybox.seclab.tuwien.ac.at/ Pixy] to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools.<br/>
-* Yasca includes plugins for the following open-source projects:
+* Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
-** FindBugs (http://findbugs.sourceforge.net/)
-** PMD (http://pmd.sourceforge.net/)
-** Jlint / antiC (http://artho.com/jlint/)
-* Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute. It includes many custom rules created specifically for Yasca, and additional rule-packs will be released soon.
   |-
   | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
-  | style="width:12%; background:#cccccc" align="center"|Licensed under<br>[http://en.wikipedia.org/wiki/BSD_license BSD License]
+  | style="width:12%; background:#cccccc" align="center"|Licensed under<br>[http://en.wikipedia.org/wiki/BSD_license BSD License]<br/>[http://en.wikipedia/org/wiki/GPL_license GPL License]
   | style="width:12%; background:#cccccc" align="center"|Project Leader<br>[mailto:michael.scovetta(at)gmail.com '''Michael V. Scovetta''']
   | style="width:12%; background:#cccccc" align="center"|Project Contributors<br>[mailto:name(at)name '''Name''']
@@ Line 27: / Line 34: @@
   |-
   | style="width:100%; background:#cccccc" align="center"|
-Yasca is hosted on SourceForge (http://sourceforge.net/projects/yasca) with additional information at http://yasca.org.
+Yasca is hosted on [https://github.com/scovetta/yasca Github] and has a main project website at [http://scovetta.github.io/yasca/ scovetta.github.io/yasca].
   |}
@@ Line 54: / Line 61: @@
   |-
   | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''
-  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
+  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes'''<br>---------<br>Which status has been reached?<br>'''Beta Status'''<br>---------<br>[[Project Information:template Yasca Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
   | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
   | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
@@ Line 60: / Line 67: @@
   |-
   |}
-[[Category:OWASP Project]]

Difference between revisions of "Project Information:template Yasca Project"

Latest revision as of 03:23, 15 July 2014

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools