This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Yasca Project"

From OWASP
Jump to: navigation, search
m (Added BSD License)
m (Updated website.)
 
(3 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 +
{|
 +
|-
 +
! width="700" align="center" | <br>
 +
! width="500" align="center" | <br>
 +
|-
 +
| align="right" | [[Image:OWASP Inactive Banner.jpg|800px| link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Inactive_Projects]]
 +
| align="right" |
 +
 +
|}
 +
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
 
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
Line 7: Line 17:
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | colspan="7" style="width:85%; background:#cccccc" align="left"|  
 
  | colspan="7" style="width:85%; background:#cccccc" align="left"|  
* Yasca is a new static analysis tool designed to scan Java, C/C++, JavaScript, .NET, and other source code for security and code-quality issues. Yasca is easily extensible via a plugin-based architecture, so scanning PHP, Ruby, or other languages is as simple as coming up with rules or integrating external tools.<br>
+
* Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as [http://findbugs.sourceforge.net/ FindBugs], [http://pmd.sourceforge.net PMD], [http://artho.com/jlint JLint], [http://javascriptlint.com/ JavaScript Lint], [http://www.icosaedro.it/phplint/ PHPLint], [http://en.wikipedia.org/wiki/Cppcheck Cppcheck], [http://en.wikipedia.org/wiki/ClamAV ClamAV], [http://en.wikipedia.org/wiki/RATS RATS], and [http://pixybox.seclab.tuwien.ac.at/ Pixy] to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools.<br/>
* Yasca includes plugins for the following open-source projects:
+
* Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
** FindBugs (http://findbugs.sourceforge.net/)
+
 
** PMD (http://pmd.sourceforge.net/)
 
** Jlint / antiC (http://artho.com/jlint/)
 
* Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute. It includes many custom rules created specifically for Yasca, and additional rule-packs will be released soon.
 
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
  | style="width:12%; background:#cccccc" align="center"|Licensed under<br>[http://en.wikipedia.org/wiki/BSD_license BSD License]
+
  | style="width:12%; background:#cccccc" align="center"|Licensed under<br>[http://en.wikipedia.org/wiki/BSD_license BSD License]<br/>[http://en.wikipedia/org/wiki/GPL_license GPL License]
 
  | style="width:12%; background:#cccccc" align="center"|Project Leader<br>[mailto:michael.scovetta(at)gmail.com '''Michael V. Scovetta''']
 
  | style="width:12%; background:#cccccc" align="center"|Project Leader<br>[mailto:michael.scovetta(at)gmail.com '''Michael V. Scovetta''']
 
  | style="width:12%; background:#cccccc" align="center"|Project Contributors<br>[mailto:name(at)name '''Name''']
 
  | style="width:12%; background:#cccccc" align="center"|Project Contributors<br>[mailto:name(at)name '''Name''']
Line 27: Line 34:
 
  |-
 
  |-
 
  | style="width:100%; background:#cccccc" align="center"|
 
  | style="width:100%; background:#cccccc" align="center"|
Yasca is hosted on SourceForge (http://sourceforge.net/projects/yasca) with additional information at http://yasca.org.
+
Yasca is hosted on [https://github.com/scovetta/yasca Github] and has a main project website at [http://scovetta.github.io/yasca/ scovetta.github.io/yasca].
  
 
  |}
 
  |}
Line 54: Line 61:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''  
 
  | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''  
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes'''<br>---------<br>Which status has been reached?<br>'''Beta Status'''<br>---------<br>[[Project Information:template Yasca Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
Line 60: Line 67:
 
  |-
 
  |-
 
  |}
 
  |}
 
 
 
[[Category:OWASP Project]]
 

Latest revision as of 03:23, 15 July 2014



OWASP Inactive Banner.jpg
PROJECT IDENTIFICATION
Project Name OWASP Yasca Project
Short Project Description
  • Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, RATS, and Pixy to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools.
  • Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
Key Project Information Licensed under
BSD License
GPL License
Project Leader
Michael V. Scovetta
Project Contributors
Name
Mailing List
To Subscribe
To Use
First Reviewer
Name
Second Reviewer
Name
OWASP Board Member
(if applicable)
Name&Email
PROJECT MAIN LINKS

Yasca is hosted on Github and has a main project website at scovetta.github.io/yasca.

RELATED PROJECTS
SPONSORS & GUIDELINES
Sponsor name, if applicable Guidelines/Roadmap
ASSESSMENT AND REVIEW PROCESS
Review/Reviewer Author's Self Evaluation
(applicable for Alpha Quality & further)
First Reviewer
(applicable for Alpha Quality & further)
Second Reviewer
(applicable for Beta Quality & further)
OWASP Board Member
(applicable just for Release Quality)
First Review Objectives & Deliveries reached?
Yes
---------
Which status has been reached?
Beta Status
---------
See&Edit: First Review/SelfEvaluation (A)
Objectives & Deliveries reached?
Not yet (To update)
---------
Which status has been reached?
Alpha Status - (To update)
---------
See&Edit: First Review/1st Reviewer (B)
Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Alpha Status - (To update)
---------
See&Edit: First Review/2nd Reviewer (C)
Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Alpha Status - (To update)
---------
See/Edit: First Review/Board Member (D)