Contrast-Security-OSS / java-sarif
POJOs generated from the Static Analysis Results Interchange Format (SARIF) JSON schema.
☆22Updated 3 years ago
Alternatives and similar repositories for java-sarif:
Users that are interested in java-sarif are comparing it to the libraries listed below
- Using JavaParser (https://github.com/JavaParser/JavaParser), browse and navigate the Abstract Syntax Tree (AST) based on the code in your…☆51Updated last month
- Java/JVM implementation of the package url spec☆23Updated 7 months ago
- Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.☆79Updated 5 months ago
- The SpotBugs Plugin for IntelliJ IDEA☆74Updated 4 months ago
- Automatic repair system for static analysis warnings from SonarQube's SonarJava, TDSC 2022 http://arxiv.org/pdf/2103.12033☆92Updated last week
- Plugin for doing static analysis in Intellij using PMD☆72Updated last month
- A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.☆40Updated 4 years ago
- AppMap client agent for Java☆82Updated 4 months ago
- Maven plugin to download and collect license files from project dependencies.☆109Updated this week
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆88Updated this week
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆83Updated this week
- Analyse package dependency networks at the call graph level☆92Updated last year
- Universal dependency to build against jdk.tools (AKA tools.jar) in a portable way☆37Updated 8 years ago
- Apache Maven Indexer☆67Updated last week
- Apache Maven Dependency Analyzer☆41Updated this week
- a FindBugs/SpotBugs plugin for doing static code analysis for java code bases☆157Updated last month
- A library to read static analysis reports into a Java object model☆83Updated this week
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆72Updated 3 months ago
- SonarSource Language Recognizer☆79Updated last week
- Gradle plugin that scans the dependencies of a Gradle project using Sonatype platforms: OSS Index and Lifecycle.☆77Updated 2 weeks ago
- Maven plugin to handle multi module projects for PiTest☆46Updated last year
- A suite of tools for analyzing compiled Java code.☆44Updated this week
- Sample project with basic Maven + JavaSymbolSolver set up☆39Updated last month
- This repository contains source code of OpenClover Core as well as its integrations: Clover-for-Ant, Clover-for-Eclipse and Clover-for-ID…☆66Updated 3 months ago
- An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies☆62Updated this week
- A dynamic symbolic analysis tool for Java☆116Updated 5 years ago
- fast and effective way to access and analyze java bytecode☆23Updated this week
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository☆106Updated this week
- Examples on how to use the Spoon Java source code transformation library☆85Updated 2 years ago
- A simple Java command-line utility to mirror the entire contents of VulnDB.☆44Updated last month