Difference between revisions of "Project Information:template Yasca Project"

From OWASP
(Fixed up some links.)
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
  ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
+
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Yasca Project'''   
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Yasca Project'''   
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
  | colspan="6" style="width:85%; background:#cccccc" align="left"|  
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|  
* Yasca is a new static analysis tool designed to scan Java, C/C++, JavaScript, .NET, and other source code for security and code-quality issues. Yasca is easily extensible via a plugin-based architecture, so scanning PHP, Ruby, or other languages is as simple as coming up with rules or integrating external tools.<br>
+
* Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as [http://findbugs.sourceforge.net/ FindBugs], [http://pmd.sourceforge.net PMD], [http://artho.com/jlint JLint], [http://javascriptlint.com/ JavaScript Lint], [http://www.icosaedro.it/phplint/ PHPLint], [http://en.wikipedia.org/wiki/Cppcheck Cppcheck], [http://en.wikipedia.org/wiki/ClamAV ClamAV], [http://en.wikipedia.org/wiki/RATS RATS], and [http://pixybox.seclab.tuwien.ac.at/ Pixy] to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools.<br/>
* Yasca includes plugins for the following open-source projects:
+
* Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
** FindBugs (http://findbugs.sourceforge.net/)
+
 
** PMD (http://pmd.sourceforge.net/)
+
** Jlint / antiC (http://artho.com/jlint/)
+
* Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute. It includes many custom rules created specifically for Yasca, and additional rule-packs will be released soon.
+
 
  |-
 
  |-
  | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
+
  | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:michael.scovetta(at)gmail.com '''Michael V. Scovetta''']
+
  | style="width:12%; background:#cccccc" align="center"|Licensed under<br>[http://en.wikipedia.org/wiki/BSD_license BSD License]<br/>[http://en.wikipedia/org/wiki/GPL_license GPL License]
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>[mailto:name(at)name '''Name''']
+
| style="width:12%; background:#cccccc" align="center"|Project Leader<br>[mailto:michael.scovetta(at)gmail.com '''Michael V. Scovetta''']
  | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-yasca-project '''Mailing List/Subscribe''']<br>[mailto:owasp-yasca-project(at)lists.owasp.org '''Mailing List/Use''']
+
  | style="width:12%; background:#cccccc" align="center"|Project Contributors<br>[mailto:name(at)name '''Name''']
  | style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:name(at)name '''Name''']
+
  | style="width:12%; background:#cccccc" align="center"|Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-yasca-project '''To Subscribe''']<br>[mailto:owasp-yasca-project(at)lists.owasp.org '''To Use''']
  | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:name(at)name '''Name''']<br>
+
  | style="width:12%; background:#cccccc" align="center"|First Reviewer<br>[mailto:name(at)name '''Name''']
  | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>(if applicable)<br>[mailto:name(at)name '''Name&Email''']
+
  | style="width:12%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:name(at)name '''Name''']<br>
 +
  | style="width:12%; background:#cccccc" align="center"|OWASP Board Member<br>(if applicable)<br>[mailto:name(at)name '''Name&Email''']
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
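Review bot: The GPL License link added in the new "Licensed under" cell is written as http://en.wikipedia/org/wiki/GPL_license, so the host is "en.wikipedia" and "/org/" becomes part of the path; the link will not resolve and should use the host en.wikipedia.org, as the BSD link in the same cell does. The cell also lists both BSD and GPL without saying which license applies to which part of Yasca, and a short qualifier would help anyone redistributing it together with the external scanners the description names. The added "Project Leader" row starts at column 0 while its sibling cells are indented; this is harmless to the parser but worth aligning.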
Line 26: Line 24:
 
  |-
 
  |-
 
  | style="width:100%; background:#cccccc" align="center"|
 
  | style="width:100%; background:#cccccc" align="center"|
Yasca is hosted on SourceForge (http://sourceforge.net/projects/yasca) with additional information at http://yasca.org.
+
Yasca is hosted on [http://sourceforge.net/projects/yasca SourceForge] and has a main project website at [http://www.yasca.org/ yasca.org].
  
 
  |}
 
  |}
Line 33: Line 31:
 
  |-
 
  |-
 
  | style="width:100%; background:#cccccc" align="center"|
 
  | style="width:100%; background:#cccccc" align="center"|
* If any, add link.
+
* [[:Category:OWASP Orizon Project|OWASP Orizon Project]]<br>
 +
* [[:Category:OWASP Code Review_Project|OWASP Code Review_Project]]
 +
* [[:Category:OWASP Open Review Project|OWASP Open Review Project]]
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
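Review bot: In the second added Related Projects entry, both the link target and the display label read "OWASP Code Review_Project" with an underscore. MediaWiki treats the underscore as a space in the target, but the label is shown verbatim, so readers will see "Review_Project"; write the label as "OWASP Code Review Project" to match the other two entries, and confirm the category exists under that name. Only the first entry ends in <br>, which is unnecessary inside a bullet list, so drop it or apply it consistently.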
Line 51: Line 51:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''  
 
  | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''  
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes'''<br>---------<br>Which status has been reached?<br>'''Beta Status'''<br>---------<br>[[Project Information:template Yasca Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Alpha Status''' - (To update)<br>---------<br>[[Project Information:template Yasca Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
Line 57: Line 57:
 
  |-
 
  |-
 
  |}
 
  |}
 
 
 
[[Category:OWASP Project]]
 

Latest revision as of 21:12, 18 May 2009

PROJECT IDENTIFICATION
Project Name: OWASP Yasca Project
Short Project Description:
  • Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, RATS, and Pixy to scan specific file types, and also contains many custom scanners developed just for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, SQLite, and other formats. Yasca is easily extensible via a plugin-based architecture, so scanning any particular file is as simple as coming up with the rules or integrating external tools.
  • Yasca also features a simple regular-expression plugin that allows new rules to be written in less than a minute.
Key Project Information:
  • Licensed under: BSD License, GPL License
  • Project Leader: Michael V. Scovetta
  • Project Contributors: Name
  • Mailing List: To Subscribe, To Use
  • First Reviewer: Name
  • Second Reviewer: Name
  • OWASP Board Member (if applicable): Name&Email
PROJECT MAIN LINKS

Yasca is hosted on SourceForge and has a main project website at yasca.org.

RELATED PROJECTS
SPONSORS & GUIDELINES
Sponsor name, if applicable Guidelines/Roadmap
ASSESSMENT AND REVIEW PROCESS
Review/Reviewer: First Review
  • Author's Self Evaluation (applicable for Alpha Quality & further): Objectives & Deliveries reached? Yes. Which status has been reached? Beta Status. See&Edit: First Review/SelfEvaluation (A)
  • First Reviewer (applicable for Alpha Quality & further): Objectives & Deliveries reached? Not yet (To update). Which status has been reached? Alpha Status - (To update). See&Edit: First Review/1st Reviewer (B)
  • Second Reviewer (applicable for Beta Quality & further): Objectives & Deliveries reached? Yes/No (To update). Which status has been reached? Alpha Status - (To update). See&Edit: First Review/2nd Reviewer (C)
  • OWASP Board Member (applicable just for Release Quality): Objectives & Deliveries reached? Yes/No (To update). Which status has been reached? Alpha Status - (To update). See/Edit: First Review/Board Member (D)