This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP SonarQube Project"

From OWASP

Jump to: navigation, search

Latest revision as of 23:20, 29 October 2018

Main
FAQs
Acknowledgements
Project About
Roadmap

The OWASP SonarQube project aims to provide open source SAST using the existing open source solutions. SonarQube is one of the world’s most popular continuous code quality tools and it's actively used by many developers and companies.

This project aims to enable more security functionalities to SonarQube and use it as an SAST. This project will use open source sonar plugins, rules, as well as other open source plugins especially FindSecBugs and its security rules. FindSecBugs enables the taint analysis.

Docker: https://hub.docker.com/r/owasp/sonarqube/

GitHub: https://github.com/OWASP/sonarqube

Licensing

OWASP SonarQube Project is free to use. It is licensed under the LGPL v3

Project Leader

Vinod Anandan

Email List

Repository

Here are the repositories for the open source plugins related to this project.

Classifications

How to help ?

Sponsors :

PROJECT INFO
What does this OWASP project offer you?

RELEASE(S) INFO
What releases are available for this project?

what	is this project?
Name: OWASP SonarQube Project
Purpose: The OWASP SonarQube project aims to provide open source SAST using the existing open source solutions. SonarQube is one of the world’s most popular continuous code quality tools and it's actively used by many developers and companies. This project aims to enable more security functionalities to SonarQube and use it as an SAST. This project will use open source sonar plugins, rules, as well as other open source plugins especially FindSecBugs and its security rules. FindSecBugs enables the taint analysis.
License: LGPL v3
who	is working on this project?
Project Leader(s): Vinod Anandan @
how	can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: [[email protected] Mailing List Archives]
Project Roadmap: Not Yet Created
Key Contacts
Contact Vinod Anandan @ to contribute to this project Contact Vinod Anandan @ to review or sponsor this project

current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases

2019 Roadmap

Documentation

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_SonarQube_Project&oldid=244714"

Categories:

@@ Line 4: / Line 4: @@
 {| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
-| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
+| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
+The OWASP SonarQube project aims to provide open source SAST using the existing open source solutions. SonarQube is one of the world’s most popular continuous code quality tools and it's actively used by many developers and companies.
-The OWASP SonarQube project aims to provide open source SAST using the existing open source solutions. SonarQube is one of the world’s most popular Continuous Code Quality tools and it's actively used by many developers and companies.
+This project aims to enable more security functionalities to SonarQube and use it as an SAST. This project will use open source sonar plugins, rules, as well as other open source plugins especially FindSecBugs and its security rules. FindSecBugs enables the taint analysis.
+'''Docker:''' https://hub.docker.com/r/owasp/sonarqube/
-This project aims to enable more security functionalities to SonarQube and use it as an SAST. This project will use open source sonar plugins, rules, as well as other open source plugins especially FindSecBugs and its security rules. FindSecBugs enables the taint analysis.
+'''GitHub:''' https://github.com/OWASP/sonarqube
 ==Licensing==
-OWASP SonarQube Project is free to use. It is licensed under the [http://www.apache.org/licenses/LICENSE-2.0 Apache 2.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
+OWASP SonarQube Project is free to use. It is licensed under the [http://www.gnu.org/licenses/lgpl-3.0.txt LGPL v3]
+| valign="top" style="padding-left:25px;width:200px;" |
-| valign="top"  style="padding-left:25px;width:200px;" |
 == Project Leader ==
@@ Line 31: / Line 33: @@
 * [https://github.com/SonarSource/sonarqube SonarQube]
 * [https://github.com/find-sec-bugs/find-sec-bugs FindSecBugs]
-* [https://github.com/SonarSource/sonar-java Java]
+* [https://github.com/spotbugs/sonar-findbugs SonarFindBugs]
-* [https://github.com/SonarCommunity/sonar-javascript JavaScript]
+* [https://github.com/VinodAnandan/sonar-pitest SonarPitest]
-* [https://github.com/SonarCommunity/sonar-php PHP]
+* [https://github.com/SonarSource/sonar-java SonarJava]
+* [https://github.com/SonarCommunity/sonar-javascript SonarJavaScript]
+* [https://github.com/SonarCommunity/sonar-php SonarPHP]
@@ Line 41: / Line 45: @@
     {| width="200" cellpadding="2"
     |-
-    | align="center" valign="top" width="50%" rowspan="2"| [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
+    | rowspan="2" align="center" valign="top" width="50%" | [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
-    | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]]
+    | align="center" valign="top" width="50%" | [[File:Owasp-builders-small.png|link=]]
     |-
-    | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
+    | align="center" valign="top" width="50%" | [[File:Owasp-defenders-small.png|link=]]
     |-
-    | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
+    | colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
     |-
-    | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
+    | colspan="2" align="center" | [[File:Project_Type_Files_CODE.jpg|link=]]
     |}
@@ Line 65: / Line 69: @@
 =Project About=
+{{:Projects/OWASP_SonarQube_Page}}
+= Roadmap =
+== 2019 Roadmap ==
+* Documentation
 __NOTOC__ <headertabs />
-[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
+[[Category:OWASP Project]]
+[[Category:OWASP_Builders]]
+[[Category:OWASP_Defenders]]
+[[Category:OWASP_Document]]

Difference between revisions of "OWASP SonarQube Project"

Latest revision as of 23:20, 29 October 2018

Licensing

Project Leader

Email List

Repository

Classifications

Sponsors :

2019 Roadmap

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools