Contrast-Security-OSS / java-sarif

Related projects ⓘ

Alternatives and complementary repositories for java-sarif

• MysterAitch / JavaParser-AST-Inspector
  Using JavaParser (https://github.com/JavaParser/JavaParser), browse and navigate the Abstract Syntax Tree (AST) based on the code in your…
  ☆50Updated last month
• ASSERT-KTH / sorald
  Automatic repair system for static analysis warnings from SonarQube's SonarJava, TDSC 2022 http://arxiv.org/pdf/2103.12033
  ☆90Updated this week
• SpoonLabs / spoon-examples
  Examples on how to use the Spoon Java source code transformation library
  ☆85Updated 2 years ago
• apache / maven-dependency-analyzer
  Apache Maven Dependency Analyzer
  ☆40Updated 3 weeks ago
• JetBrains / spotbugs-intellij-plugin
  The SpotBugs Plugin for IntelliJ IDEA
  ☆72Updated 2 months ago
• apache / maven-indexer
  Apache Maven Indexer
  ☆67Updated this week
• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆78Updated 3 months ago
• package-url / packageurl-java
  Java/JVM implementation of the package url spec
  ☆22Updated 5 months ago
• fasten-project / fasten
  Analyse package dependency networks at the call graph level
  ☆92Updated 11 months ago
• olivergondza / maven-jdk-tools-wrapper
  Universal dependency to build against jdk.tools (AKA tools.jar) in a portable way
  ☆37Updated 8 years ago
• Fraunhofer-AISEC / codyze
  Codyze is a static analyzer for Java, C, C++ based on code property graphs
  ☆87Updated last week
• getappmap / appmap-java
  AppMap client agent for Java
  ☆82Updated 2 months ago
• plume-oss / plume
  Plume is a code representation benchmarking library with options to extract the AST from Java bytecode and store the result in various gr…
  ☆70Updated last month
• SonarSource / sslr
  SonarSource Language Recognizer
  ☆78Updated 3 weeks ago
• brutusin / instrumentation
  An extensible java agent framework that instruments (modifies the bytecode at class loading time) programs running on the JVM, with the p…
  ☆47Updated 4 years ago
• CycloneDX / cyclonedx-core-java
  CycloneDX SBOM Model and Utils for Creating and Validating BOMs
  ☆81Updated this week
• mojohaus / license-maven-plugin
  Maven plugin to download and collect license files from project dependencies.
  ☆107Updated this week
• eclipse / jbom
  ☆111Updated 5 months ago
• jeantessier / dependency-finder
  A suite of tools for analyzing compiled Java code.
  ☆43Updated last week
• davidetaibi / sonarqube-anti-patterns-code-smells
  ☆22Updated 6 years ago
• STAMP-project / test-runner
  test driver to run JUnit tests isolated in a new JVM
  ☆16Updated 2 weeks ago
• STAMP-project / pitmp-maven-plugin
  Maven plugin to handle multi module projects for PiTest
  ☆46Updated last year
• ASSERT-KTH / deptrim
  DepTrim automatically specializes the software supply chain of dependencies in Maven projects https://arxiv.org/pdf/2302.08370
  ☆13Updated 2 weeks ago
• stevespringett / Alpine
  An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies
  ☆62Updated this week
• seart-group / java-tree-sitter
  Java bindings for tree-sitter
  ☆31Updated this week
• ShiftLeftSecurity / overflowdb
  ShiftLeft OverflowDB
  ☆112Updated 4 months ago
• victims / victims-enforcer-legacy
  A rule for the Maven enforcer plugin to check for vulnerable artifacts within a project.
  ☆40Updated 4 years ago
• javacc21 / javacc21
  JavaCC
  ☆70Updated last year
• jspecify / jspecify-reference-checker
  The reference implementation for the JSpecify nullness specification (and later, its other specifications as well)
  ☆26Updated 2 months ago
• jvm-repo-rebuild / reproducible-central
  Reproducible Central: rebuild instructions for artifacts published to (Maven) Central Repository
  ☆104Updated this week