Contrast-Security-OSS / java-sarif
POJOs generated from the Static Analysis Results Interchange Format (SARIF) JSON schema.
☆21Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for java-sarif
- Using JavaParser (https://github.com/JavaParser/JavaParser), browse and navigate the Abstract Syntax Tree (AST) based on the code in your…☆50Updated last month
- Automatic repair system for static analysis warnings from SonarQube's SonarJava, TDSC 2022 http://arxiv.org/pdf/2103.12033☆90Updated this week
- Examples on how to use the Spoon Java source code transformation library☆85Updated 2 years ago
- Apache Maven Dependency Analyzer☆40Updated 3 weeks ago
- The SpotBugs Plugin for IntelliJ IDEA☆72Updated 2 months ago
- Apache Maven Indexer☆67Updated this week
- Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.☆78Updated 3 months ago
- Java/JVM implementation of the package url spec☆22Updated 5 months ago
- Analyse package dependency networks at the call graph level☆92Updated 11 months ago
- Universal dependency to build against jdk.tools (AKA tools.jar) in a portable way☆37Updated 8 years ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs☆87Updated last week
- AppMap client agent for Java☆82Updated 2 months ago
- Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…☆70Updated last month
- SonarSource Language Recognizer☆78Updated 3 weeks ago
- An extensible java agent framework that instruments (modifies the bytecode at class loading time) programs running on the JVM, with the p…☆47Updated 4 years ago
- CycloneDX SBOM Model and Utils for Creating and Validating BOMs☆81Updated this week
- Maven plugin to download and collect license files from project dependencies.☆107Updated this week
- ☆111Updated 5 months ago
- A suite of tools for analyzing compiled Java code.☆43Updated last week
- ☆22Updated 6 years ago
- test driver to run JUnit tests isolated in a new JVM☆16Updated 2 weeks ago
- Maven plugin to handle multi module projects for PiTest☆46Updated last year
- DepTrim automatically specializes the software supply chain of dependencies in Maven projects https://arxiv.org/pdf/2302.08370☆13Updated 2 weeks ago
- An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies☆62Updated this week
- Java bindings for tree-sitter☆31Updated this week
- ShiftLeft OverflowDB☆112Updated 4 months ago
- A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.☆40Updated 4 years ago
- JavaCC☆70Updated last year
- The reference implementation for the JSpecify nullness specification (and later, its other specifications as well)☆26Updated 2 months ago
- Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository☆104Updated this week