codyze
codyze copied to clipboard
Fraunhofer-AISEC
Codyze is a static analyzer for Java, C, C++ based on code property graphs
Test Code: `package WeakEncryption.InadequateRSAPadding; import javax.crypto.Cipher; public class CWE780_WeakEncryption_InadequateRSAPadding_01 { public void bad() throws Exception { /* POTENTIAL FLAW: Not OAEP */ Cipher.getInstance("RSA"); } public void good() throws Exception {...
**Problem:** Programms may use hardcoded/static passwords, IVs or salts for cryptographic operations. For example, devices may ship with a default password that is coded into the software/firmware. These information often...
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.eclipse.lsp4j:org.eclipse.lsp4j](https://togithub.com/eclipse/lsp4j) | `0.16.0` -> `0.17.0` | [](https://docs.renovatebot.com/merge-confidence/)...
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot] avatar"){kind=avatar}
This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. ## Open These updates have all been created already. Click a checkbox below to...
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [de.fraunhofer.aisec:cpg-analysis](https://togithub.com/Fraunhofer-AISEC/cpg) | `4.6.3` -> `5.0.0` | [](https://docs.renovatebot.com/merge-confidence/)...
Some of our dependencies are assembled directly from their GitHub project. We use JitPack to provide a Maven repo. However, the URL is not recognized by Renovate resulting in warnings....
We're preparing for archiving Codyze v2. This removes unused parts from the build script and cleans it up.
Reduce the linkage of external content on our project's website. - [x] Fonts by MkDocs - [x] Included Fontawesome on landing page - [x] Youtube video about Codyze - [x]...
This PR extends the SARIF output returned after the analysis. Different properties are added to the `Executor` interface which are used to describe the executor in more detail for the...
Semi-recent restructurings in the project repository broke the `upgrade` workflow that checks the build on different OS with different Java versions. This PR fixes the workflow and removes the masking...
Metadata
Owner
Metadata
Codyze is a static analyzer for Java, C, C++ based on code property graphs