sonar-cryptography
sonar-cryptography copied to clipboard
cbomkit
This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.
Bumps `sonar.plugin.api.version` from 13.1.0.3124 to 13.2.0.3137. Updates `org.sonarsource.api.plugin:sonar-plugin-api` from 13.1.0.3124 to 13.2.0.3137 Release notes Sourced from org.sonarsource.api.plugin:sonar-plugin-api's releases. 13.2.0.3137 What's Changed PLUGINAPI-154 New issue status - IN_SANDBOX by @vikvorona in...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.5.3 to 3.5.4. Release notes Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases. 3.5.4 🚀 New features and improvements Name the shutdown hook (#3170) @cstamas Implement fail-fast behavior for JUnit Platform...
Bumps [com.google.guava:guava](https://github.com/google/guava) from 33.4.8-jre to 33.5.0-jre. Release notes Sourced from com.google.guava:guava's releases. 33.5.0 Maven <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>33.5.0-jre</version> <!-- or, for Android: --> <version>33.5.0-android</version> </dependency> Jar files 33.5.0-jre.jar 33.5.0-android.jar Guava...
Bumps [org.bouncycastle:bcprov-jdk18on](https://github.com/bcgit/bc-java) from 1.81 to 1.82. Changelog Sourced from org.bouncycastle:bcprov-jdk18on's changelog. 2.1.1 Version Release: 1.82 Date: 2025, 17th September. ... (truncated) Commits See full diff in compare view [![Dependabot compatibility...
Bumps `sonar.python.version` from 5.9.0.25193 to 5.10.0.25429. Updates `org.sonarsource.python:sonar-python-plugin` from 5.9.0.25193 to 5.10.0.25429 Commits See full diff in compare view Updates `org.sonarsource.python:python-checks-testkit` from 5.9.0.25193 to 5.10.0.25429 Commits See full diff in...
When scanning `pkg:maven/com.google.guava/[email protected]` we get 12 findings all of which come from [Hashing.java](https://github.com/google/guava/blob/2214c63/guava/src/com/google/common/hash/Hashing.java). All findings refer to locations at the closing '*/' of javadoc comments. One such example is [Hashing.java#L364](https://github.com/google/guava/blob/2214c63/guava/src/com/google/common/hash/Hashing.java#L364-L364)....
We've integrated this plugin into our SonarQube setup and observed a noticeable increase in memory usage during analysis, which causing build failures. What is the recommended heap settings when using...
Once the plugin exits the alpha testing phase and reaches a stable release, it would be valuable to initiate the process of publishing it to the SonarQube Marketplace. Publishing the...
Hello, I have been conducting experiments with your plugin and would like to share some of my results. Thank you for the great work! ### Context: sonar-cryptography plugin version: 1.4.5...
Hello, I have been conducting experiments with your plugin and would like to share some of my results. Thank you for the great work! ### Context: sonar-cryptography plugin version: 1.4.5...