Alternatives and similar repositories for sonar-findbugs

Users that are interested in sonar-findbugs are comparing it to the libraries listed below

• SonarSource / sonar-custom-rules-examples
  Shows how to bootstrap a project to write custom rules for PHP, Python, Cobol, RPG
  ☆241Updated 3 months ago
• dependency-check / dependency-check-sonar-plugin
  Integrates Dependency-Check reports into SonarQube
  ☆674Updated 3 weeks ago
• stevespringett / nist-data-mirror
  A simple Java command-line utility to mirror the CVE JSON data from NIST.
  ☆211Updated 3 years ago
• SonarSource / sonar-java
  SonarSource Static Analyzer for Java Code Quality and Security
  ☆1,182Updated this week
• checkstyle / sonar-checkstyle
  Support on Checkstyle in SonarQube. Officially transfered from https://github.com/SonarQubeCommunity/sonar-checkstyle
  ☆186Updated 4 months ago
• SonarSource / sonar-custom-plugin-example
  Shows how to write a SonarQube Server plugin
  ☆148Updated last week
• SonarSource / sonar-scanner-maven
  SonarQube Scanner for Maven
  ☆159Updated last week
• jborgers / sonar-pmd
  ☕️ PMD Plugin for SonarQube
  ☆283Updated last week
• SonarSource / sonar-scanner-java-library
  Common Java library used by many SonarScanners
  ☆119Updated this week
• mebigfatguy / fb-contrib
  a FindBugs/SpotBugs plugin for doing static code analysis for java code bases
  ☆165Updated this week
• pmckeown / dependency-track-maven-plugin
  Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable …
  ☆72Updated last month
• jenkinsci / dependency-check-plugin
  Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
  ☆137Updated this week
• ESAPI / esapi-java-legacy
  ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for progr…
  ☆640Updated 3 weeks ago
• CycloneDX / cyclonedx-maven-plugin
  Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
  ☆343Updated this week
• ESAPI / esapi-java
  ☆333Updated 2 years ago
• findbugsproject / findbugs
  The new home of the FindBugs project
  ☆774Updated last month
• SonarSource / sonar-scanner-jenkins
  SonarQube Scanner for Jenkins
  ☆184Updated this week
• SonarSource / sonarlint-intellij
  SonarLint for IntelliJ
  ☆628Updated this week
• OWASP / owasp-java-encoder
  The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This …
  ☆524Updated this week
• donhui / sonar-mybatis
  MyBatis Plugin for SonarQube: Rules to check SQL statements in MyBatis Mapper XML files
  ☆77Updated last year
• amitdev / PMD-Intellij
  Plugin for doing static analysis in Intellij using PMD
  ☆74Updated last week
• nahsra / antisamy
  a library for performing fast, configurable cleansing of HTML coming from untrusted sources
  ☆198Updated last week
• SonarSource / sonar-scanner-cli
  Scanner CLI for SonarQube (Server, Cloud)
  ☆407Updated this week
• SonarSource / sonarlint-eclipse
  SonarLint for Eclipse
  ☆270Updated this week
• aramrami / OWASP-CSRFGuard
  OWASP CSRFGuard 3.1.0
  ☆163Updated 3 years ago
• gabrie-allaigre / sonar-auth-gitlab-plugin
  Use GitLab OAuth login in SonarQube login page
  ☆103Updated 3 years ago
• andrealbinop / Dockerfiles
  This repository contains all base Dockerfiles for Docker that I use, and are available at Docker registry.
  ☆68Updated 6 years ago
• snyk / snyk-maven-plugin
  Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
  ☆82Updated 3 weeks ago
• SonarSource / sonar-scanning-examples
  Shows how to use the Scanners
  ☆924Updated 2 months ago
• eclipse-steady / steady
  Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determ…
  ☆542Updated last year