  • 2.0.0
  • d304ad5

@normanwenzel normanwenzel released this Nov 2, 2018 · 10 commits to master since this release

  • Support for SonarQube 7.3
  • Integration into SonarQube's "Security Reports"
  • Added tags for OWASP Top 10 and SANS Top 25 categories
  • Moved plugin configuration into "External Analyzers" section
  • Added new option "Import All" to optionally create issues for Xanitizer findings detected by OWASP Dependency Check and SpotBugs, as well as issues for findings without any detected code location, so that the numbers in SonarQube and Xanitizer itself are consistent.
  • Support of the new protocol check problem types introduced with Xanitizer 4.1.
  • Added several new rules for problem types introduced with Xanitizer 4.1.

Fixed Issues:
#8

  • 1.5.0
  • d20abcb

@normanwenzel normanwenzel released this Dec 15, 2017 · 35 commits to master since this release

  • Added new problem type "Reflection Injection"
  • Adapted SonarQube API access to new version

Fixed Issues:
#6


@normanwenzel normanwenzel released this Sep 1, 2017 · 57 commits to master since this release

  • Improved robustness and logging.
  • Updated mapping of detected problem types

Fixed issues:

  • Xanitizer plugin Error Message #3
  • Xanitizer plugin Error:Fail to get the canonical path #5

@normanwenzel normanwenzel released this Sep 14, 2016 · 80 commits to master since this release

Added additional information for SonarQube Update Center to the pom file


@normanwenzel normanwenzel released this Aug 23, 2016 · 83 commits to master since this release

Reworked plugin some more:

  • Messages now say what to do
  • Only issues for findings that can be matched in the code are created
  • Secondary locations for taint sources / taint sinks
  • Removed Quality Profile
  • Improved detection of corresponding file

@normanwenzel normanwenzel released this Aug 5, 2016 · 89 commits to master since this release

Reworked plugin:

  • removed FindBugs and OWASP Dependency Check rules
  • single rule for each Xanitizer problem type
  • avoid NoSuchMethod error in newer versions of the Java plugin
  • added descriptions to rules
  • renamed configuration parameter and provide default value
  • reduced length of issue messages
  • many small improvements

@normanwenzel normanwenzel released this Jul 25, 2016 · 98 commits to master since this release

First release of the plugin as an open source version.

  • Fixed some minor bugs
  • Added error messages
  • Do not run sensor when no Xanitizer rule is set active in the quality profile