This repository contains code for a Jenkins adaptor for CogniCrypt, based on the warnings-ng-plugin (https://github.com/jenkinsci/warnings-ng-plugin).

svenfeld/CogniCrypt-CI-Integration

CogniCrypt for Build Environments

This repository hosts various plugins which integrate CogniCrypt Static Analysis into your build environments.

Contents

Currently this repository lists the following plugins:

  1. Maven build plugin - maven: Runs CogniCrypt analysis at the verify phase and reports any crypto API misuses. Reports can be written to console or into a SARIF (Static Analysis Results Interchange Format) file.
  2. Jenkins Next Generation Warnings plugin - jenkins-ng-warnings: As a post-build action, it takes SARIF input and presents the findings.

Please see the individual folders for detailed information about building and installing.

Contributing

TODO

Limitations

Version 1.5-SNAPSHOT
  • The Maven plugin only works with the JCA CrySL ruleset.

Credits

This work is part of the research project "AppSecure.nrw - Security-by-Design of Java-based Applications". The project is funded by the European Regional Development Fund (ERDF-0801379).

Languages

  • Java 100.0%