[Owasp-board] REQUEST FOR COMMENTS/FW: New Static Analysis Tool - "Yasca"

Seba seba at owasp.org
Fri Oct 24 02:35:13 UTC 2008


Look for synergies with the Orizon / Source code review projects?
regards

Seba

On Thu, Oct 23, 2008 at 5:50 PM, Dave Wichers <dave.wichers at owasp.org>wrote:

>  I don't have any objections. Do we have any other code analysis tools
> that compete with this? I think we do, and so we should try to get them to
> coordinate / work together.
>
>
>
> In fact, anytime we have multiple tools in the same category, we should try
> to get them to work together.
>
>
>
> -Dave
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Paulo Coimbra
> *Sent:* Thursday, October 23, 2008 11:45 AM
> *To:* 'OWASP Foundation Board List'
> *Subject:* [Owasp-board] REQUEST FOR COMMENTS/FW: New Static Analysis Tool
> - "Yasca"
>
>
>
> Board,
>
>
>
> I am ready to set up this project. Any objections and/or instructions?
>
>
>
> Thanks,
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
>
>
>
> *From:* Michael V. Scovetta [mailto:michael.scovetta at gmail.com] *On Behalf
> Of *Michael V. Scovetta
> *Sent:* segunda-feira, 20 de Outubro de 2008 22:01
> *To:* paulo.coimbra at owasp.org
> *Cc:* 'Michael.scovetta at gmail.com'
> *Subject:* New Static Analysis Tool - "Yasca"
>
>
>
> Hi Paulo,
>
>
>
> I've written a new static analysis tool and would like to include it among
> the other OWASP projects. I've been involved with OWASP/NYC and plan to
> submit a presentation for upcoming conferences. Here is my quick
> introduction to Yasca. A PPT will be coming out soon.
>
>
>
> ---
>
>
>
> Yasca is a new static analysis tool designed to scan Java, C/C++,
> JavaScript, .NET, and other source code for security and code-quality
> issues. Yasca is easily extensible via a plugin-based architecture, so
> scanning PHP, Ruby, or other languages is as simple as coming up with rules
> or integrating external tools.
>
>
>
> Yasca includes plugins for the following open-source projects:
>
>      * FindBugs (http://findbugs.sourceforge.net/)
>
>      * PMD (http://pmd.sourceforge.net/)
>
>      * Jlint / antiC (http://artho.com/jlint/)
>
>
>
> Yasca also features a simple regular-expression plugin that allows new
> rules to be written in less than a minute. It includes many custom rules
> created specifically for Yasca, and additional rule-packs will be released
> soon.
>
>
>
> Yasca is hosted on SourceForge (http://sourceforge.net/projects/yasca)
> with additional information at http://yasca.org.
>
>
>
> Thank you,
>
>
>
> Mike Scovetta
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20081024/7d735655/attachment-0002.html>


More information about the Owasp-board mailing list