SWAMP Supports CodeSonar and Web Scripting Languages!
Today, the SWAMP released several new and exciting updates which are now available on mir-swamp.org!
- GrammaTech’s CodeSonar static analysis tool has been added to assess C/C++ packages. Users must request access, agree to the EULA, and receive permission before using this tool in the SWAMP.
- We added 9 new assessment tools for web scripting languages:
- CSS Lint (for CSS)
- HTML Tidy (for HTML and XML)
- PHPMD (for PHP)
- XML Lint (for XML)
- We added several new sample curated packages for the web scripting languages on the Resources tab under Packages.
- We added new versions and/or updates for the following assessment tools: Bandit, Flake8, Pylint, checkstyle, OWASP Dependency Check, error-prone, FindBugs, PMD.
- When adding a new package or adding a new version to an existing package, users have the option to select an archive file from the Local File System or enter an external URL and a checkout argument (branch, tag, or commit) for a Remote Git Repository.
- Improved error reporting for assessment failures. Assessments that complete with a status of “finished with errors – retry” can be re-run and should complete successfully.
- Updated the “Status.out and Debugging SWAMP Failures” document on the Help page to assist with debugging failed assessments. Failed assessments now show the contents of the status.out file at the top of the Failed Assessment Report (by clicking the “! Error” button in the Results column).
- Added a Compatibility tab to the Package Version view to show platform compatibility information for curated packages.
- The names of the statuses shown on the Results page have been updated to better indicate what is happening as assessment jobs are processed.
Let us know if you have any questions at firstname.lastname@example.org.