The Jenkins security team created a custom code scanner based on GitHub's CodeQL. It is capable of finding vulnerabilities common in Jenkins plugins. This page ...
This plug-in publishes Software Bill-of-Materials (SBOM) to Dependency-Track for continuous analysis. This plugin supports CycloneDX and SPDX SBOM formats.
Aug 3, 2020 · The status that indicates the quality gate. The name of the analysis tool used. A short message that indicates statistics of new and total ...
Feb 25, 2024 · Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities.
GitHub Checks API for Jenkins Plugins. Project goal: Create a new plugin API so that plugins can publish GitHub checks status messages. Skills to study/improve: ...
Nov 6, 2023 · CodeSonar, CodeSecure's flagship static analysis software, identifies programming bugs that can result in system crashes, memory corruption, ...
Aug 9, 2023 · I've tried removing the file and re-configuring the plugin. After this /mnt/data/github-plugin-configuration.xml gets regenerated as expected.
Adds the ability to perform security analysis with Fortify Static Code Analyzer, upload results to Software Security Center, show analysis results summary, ...
Mar 25, 2024 · Add the ability to scan your dependencies and get an insight on the vulnerabilities, compliance, maintainability, popularity and more.
Dec 6, 2023 · An overview about methods by which you can log stuff from a Jenkins job to a GitHub PR as “Checks”.
Accelerate incident investigation with automated insights from Dynatrace Security Advisor. Take advantage of unified...