Alternatives and similar repositories for java-sarif:

Users that are interested in java-sarif are comparing it to the libraries listed below

• MysterAitch / JavaParser-AST-Inspector
  Using JavaParser (https://github.com/JavaParser/JavaParser), browse and navigate the Abstract Syntax Tree (AST) based on the code in your…
  ☆51Updated 3 weeks ago
• ASSERT-KTH / sorald
  Automatic repair system for static analysis warnings from SonarQube's SonarJava, TDSC 2022 http://arxiv.org/pdf/2103.12033
  ☆94Updated this week
• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆81Updated last month
• JetBrains / qodana-sarif
  ☕️ Java library for working with SARIF files by Qodana team
  ☆16Updated 2 months ago
• apache / maven-dependency-analyzer
  Apache Maven Dependency Analyzer
  ☆41Updated 3 weeks ago
• openclover / clover
  This repository contains source code of OpenClover Core as well as its integrations: Clover-for-Ant, Clover-for-Eclipse and Clover-for-ID…
  ☆65Updated 6 months ago
• apache / maven-indexer
  Apache Maven Indexer
  ☆66Updated last month
• getappmap / appmap-java
  AppMap client agent for Java
  ☆84Updated last month
• stevespringett / vulndb-data-mirror
  A simple Java command-line utility to mirror the entire contents of VulnDB.
  ☆44Updated 5 months ago
• mebigfatguy / fb-contrib
  a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
  ☆157Updated last month
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆93Updated this week
• jenkinsci / script-security-plugin
  Allows Jenkins admins to control what in-process scripts can be run by users
  ☆69Updated this week
• victims / victims-enforcer-legacy
  A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.
  ☆40Updated 4 years ago
• javaparser / javasymbolsolver-maven-sample
  Sample project with basic Maven + JavaSymbolSolver set up
  ☆41Updated 2 weeks ago
• Stefku / intellij-reference-diagram
  This plugin for IntelliJ IDEA Ultimate provides a diagram showing a reference graph for methods in java classes
  ☆110Updated 3 years ago
• mojohaus / license-maven-plugin
  Maven plugin to download and collect license files from project dependencies.
  ☆111Updated last week
• seart-group / java-tree-sitter
  Java bindings for tree-sitter
  ☆42Updated last week
• eclipse-jbom / jbom
  ☆114Updated 3 weeks ago
• SonarSource / sslr
  SonarSource Language Recognizer
  ☆80Updated this week
• package-url / packageurl-java
  Java/JVM implementation of the package url spec
  ☆42Updated this week
• jeremylong / open-vulnerability-cli
  A cli that can be used to query various online vulnerability sources such as the NVD or GHSA. The CLI and docker images can be used to mi…
  ☆145Updated this week
• plume-oss / plume
  Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…
  ☆74Updated 6 months ago
• metlos / jmh-maven-plugin
  A maven plugin capable or running the JMH benchmarks found in the test sources.
  ☆27Updated 4 years ago
• pmckeown / dependency-track-maven-plugin
  Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable …
  ☆69Updated last month
• ShiftLeftSecurity / overflowdb
  ShiftLeft OverflowDB
  ☆121Updated 9 months ago
• JetBrains / spotbugs-intellij-plugin
  The SpotBugs Plugin for IntelliJ IDEA
  ☆78Updated 2 months ago
• getappmap / appmap-intellij-plugin
  ☆44Updated last week
• eclipse-eclemma / eclemma
  　Java Code Coverage for Eclipse IDE
  ☆65Updated last week
• spotbugs / spotbugs-maven-plugin
  Maven Mojo Plug-In to generate reports based on the SpotBugs Analyzer
  ☆87Updated last week
• Fraunhofer-AISEC / codyze
  Codyze is a static analyzer for Java, C, C++ based on code property graphs
  ☆87Updated 3 months ago