This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP SonarQube Project
- How to help ?
- Give us your expertise on some langage, or ability to test on some real project our quality profile, or more...
- Will you plan other langage ?
- Yes, contact us if you want to know more. And perhaps give us some feedback one some real projects....
Sponsors :
Advens ; French Experts on application security
SonarSource ; Founder and maintainer of SonarQube
Volunteers
SonarQube is developed by a worldwide team of volunteers. The primary contributors to date have been:
As of June 2014, the priorities are:
First deliver on Java langage :
- Deliver for the beginning of Q4 (October) 2014 a set of profile
directly mapping OWASP Top10 2013 with the standard rules of SonarQube.
- Deliver for the end of the year 2014 a set of profile mapping
PCI-DSS requirements with the standard rules of SonarQube.
- Deliver for 2015 profiles for mapping OWASP ASVS level (1,2,3,4).
- Deliver profile based on Cert Secure Coding and ISO 27034 ASC for 2015
We plan but not having any roadmap to setup and deliver to OWASP project the capacity yo scan their project with the profiles and rules.
Involvement in the development and promotion of SonarQube is actively encouraged! You do not have to be a security expert in order to contribute.
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|