This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP SonarQube Project

From OWASP

Revision as of 22:03, 7 August 2017 by VinodA (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Main
FAQs
Acknowledgements
Project About

NOTE: If you are interested in contributing to open source static vulnerability analysis for Java, OWASP recommends you contribute to the Find Security Bugs Project run by Philippe Arteau. FindSecBugs is a FindBugs plugin. Philippe also runs the SonarQube FindBugs Plugin Project, which bundles both FindBugs and FindSecBugs into a plugin that can be used with SonarQube and in fact comes bundled with SonarQube by default. So, by contributing to the Find Security Bugs project, you are helping both the Find Bugs and SonarQube user communities at the same time.

The "News" is updated as soon as :

A check specification is created
A SonarQube analysers containing some stuff relating to this OWASP SonarQube project is released.

About SonarQube

SonarQube is an Open Source platform for managing code quality. This platform can be extended with Open Source or commercial plugins, see for instance the Java, JavaScript, PHP and C# plugins.

Licensing

OWASP SonarQube Project is free to use. It is licensed under the Apache 2.0 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.