forked from OWASP-Benchmark/BenchmarkJava
update with latest benchmark version #1
Merged: tjarrettveracode merged 116 commits into tjarrettveracode:master from OWASP-Benchmark:master on Feb 3, 2021
Update VeracodeReader.java
Corrected issue with CWE parsing
add getSonarVersion for requesting Sonarqube version
Also tweak BenchmarkScore to eliminate Java 13 API call ambiguity.
Ensure HdivReader understands both date formats (w/o date)
updates
added CheckmarxIASTReader.java for CxIAST parser
…project URL in comments at top as well to start pointing to new project location at OWASP.
Fix formatting in changed lines to match original file. Delete duplicate code added accidentally for parsing .faast files.
….java as more inline JavaScript was found that was being blocked.
values of parameter names as input to the server, to set the content-type of the request to application/x-www-form-urlencoded so the server side code can properly process the input and return a response. It was previously submitting a default content-type of test/plain, causing the response to be blank. This change is intended to address issue #120.
script and drop 2 legacy scripts. Add jquery.min file.
error handling to the scorecard generator.
info to the tools/ classes, and 2 other files.
…various source files and eliminate a few small Java warnings in some of these classes.
Refactor various constants related to the name of the test suite, name of test case classes, etc. to make it easier to expand, change these in the future (more still needs to be done with that). Fix PMDReader and update SonarQubeReader. Minor code cleanup here and there.
…encodings, missing closing tags, extra erroneous attributes, etc.
…st cases to use this new constant name. Update test case headers to point to new OWASP Benchmark project page on new OWASP site. Clean up a few code constructs in test cases that generated compiler code quality warnings.
make them properly configurable where appropriate.
Update Contrast config flags and Contrast readme.txt
off by default that Benchmark needs.
new BurpJSONReader.
eliminate a few misc TODOs.
security specific areas of concern identified by SonarQube.
Update BenchmarkScore to identify whether the provided SARIF file belongs to CodeQL or LGTM
Add CodeQLReader as a parser for parsing CodeQL results
No description provided.