Mar 25, 2024 · Add the ability to scan your dependencies and get an insight on the vulnerabilities, compliance, maintainability, popularity and more.

Feb 23, 2024 · This library provides a Java API to read, aggregate, filter, and query static analysis reports. It is used by my Jenkins' warnings plug-in ...

Feb 25, 2024 · Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.

Mar 2, 2020 · Findsecbugs for Developers ... Spotbugs is a utility used in Jenkins and many other Java projects to detect common Java coding mistakes and bugs.

The Jenkins security team created a custom code scanner based on GitHub's CodeQL. It is capable of finding vulnerabilities common in Jenkins plugins. This page ...

Apr 12, 2023 · Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from ...

Klocwork Analysis Plug-in. View this plugin on ... Java build specification based on the information in your maven ... Security · Contributing. Project. Structure ...

This plugin provides a deep integration between Jenkins and Maven. It adds support for automatic triggers between projects depending on SNAPSHOTs as well as ...

fortifyRemoteAnalysis : Upload a project for remote Fortify SCA analysis ; fortifyGradle; fortifyGradle ; fortifyMSBuild; fortifyMSBuild ; fortifyMaven

Sep 7, 2021 · Maven plugin bundles commons-httpclient library vulnerable to man-in-the-middle attacks · Sensitive values in module build logs not masked.