Added by Olivier Gaudin, last edited by Olivier Gaudin on Sep 28, 2009

Name: Security Rules
Authors: SonarSource
Jira: http://jira.codehaus.org/browse/SONARPLUGINS/component/14110
Most Recent Version: 0.1
License: LGPL v3
Sources: http://svn.codehaus.org/sonar-plugins/trunk/security-rules/
Download: sonar-security-rules-plugin-0.1.jar

Compatibility with Sonar

Plugin version 0.1: compatible with Sonar 1.10+

Description / Features

This plugin lets you define and monitor a group of rules. Violations of those rules are reported in a new widget. It is called the Security Rules Plugin because it embeds a list of security rules as the default rule set.

The set of rules can be redefined by going to configuration -> settings -> Security rules. The format is pluginName:ruleKey, pluginName2:ruleKey2...
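
A pre-save check for the setting value described above, as an added example (not part of the plugin or its documentation). It assumes only the comma-separated pluginName:ruleKey format stated on this page; the function names and the sample plugin names and rule keys are hypothetical placeholders.

```python
# Added example: lint a Security Rules setting value before saving it in Sonar.
# Assumption: entries are comma-separated "pluginName:ruleKey" pairs, as the page states.
from collections import OrderedDict


def parse_security_rules(value):
    """Return (rules_by_plugin, problems) for a 'pluginName:ruleKey, ...' string."""
    rules = OrderedDict()   # pluginName -> list of ruleKeys, in input order
    problems = []           # human-readable findings, one per rejected entry
    seen = set()
    for position, raw in enumerate(value.split(","), start=1):
        entry = raw.strip()
        if not entry:
            problems.append("entry %d: empty (stray comma?)" % position)
            continue
        # Split on the first colon only, so a rule key may itself contain ':'.
        plugin, sep, rule_key = entry.partition(":")
        plugin, rule_key = plugin.strip(), rule_key.strip()
        if not sep or not plugin or not rule_key:
            problems.append("entry %d: %r is not pluginName:ruleKey" % (position, entry))
            continue
        if (plugin, rule_key) in seen:
            problems.append("entry %d: duplicate %s:%s" % (position, plugin, rule_key))
            continue
        seen.add((plugin, rule_key))
        rules.setdefault(plugin, []).append(rule_key)
    return rules, problems


def normalise(rules):
    """Rebuild a clean setting value from the parsed rules."""
    return ", ".join("%s:%s" % (p, k) for p, keys in rules.items() for k in keys)


if __name__ == "__main__":
    # Constructed sample value; the plugin names and rule keys are placeholders.
    sample = "pluginA:RULE_ONE, pluginB:RULE_TWO,, pluginA RULE_THREE, pluginA:RULE_ONE"
    parsed, findings = parse_security_rules(sample)
    print(normalise(parsed))
    for finding in findings:
        print("WARNING:", finding)
```

A rejected entry means a rule you intended to monitor would be missing from the list, so resolve every warning before pasting the normalised value into the setting.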

Usage & Installation

1. Copy the jar into the /extensions/plugins/ directory
2. Restart the Sonar web server
3. Launch a new quality analysis to populate the metrics

Known limitations

The plugin makes it possible to quickly identify the files affected by a security violation, but once inside a file, there is no mechanism to highlight the security violations.

Changelog

I added the sonar-security-rules-plugin-0.1.jar to my extensions/plugins directory.  When I restarted my webserver, I did not see the Security Rules Plugin under Configuration -> Settings.  I am using Sonar 1.9.2 on Apache Tomcat 6.0.14.

Hi Tim, this Security Rules plugin is only compatible with Sonar 1.10 and upcoming Sonar 1.11.