This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP SonarQube Project
- What is the difference with OWASP Top10 plugins for Sonar ?
- This plugins is a commercial (or could be a community) plugins. We give you the ability with our profile, just to install Sonar and the standard plugins (open-source). MoreOver, we will develops other addons-plugins in the next months.
- How to help ?
- Give us your expertise on some langage, or ability to test on some real project our quality profile, or more...
- Will you plan other langage ?
- Yes, contact us if you want to know more. And perhaps give us some feedback one some real projects....
Sponsors :
Advens ; French Experts on application security
SonarSource ; Founder and maintainer of SonarQube
Volunteers
SonarQube is developed by a worldwide team of volunteers. The primary contributors to date have been:
As of June 2014, the priorities are:
First deliver on Java langage :
- Deliver for the beginning of Q4 (October) 2014 tag existing FindBugs and SonarQube rules that apply to the OWASP Top10 2013. Tag name: "owasp-top10".
- Deliver tags mapping Cert Secure Coding and ISO 27034 ASC for the end of 2014
- Deliver for 2015 rule tags mapping PCI-DSS requirements with the standard rules of SonarQube.
- Deliver for 2015 rule tags mapping OWASP ASVS level (1,2,3,4).
Involvement in the development and promotion of SonarQube is actively encouraged! You do not have to be a security expert in order to contribute.
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|