Hi again, > A better solution would be to have inline scanning that would alert you to > issues as your completing source code, IMO.
As I already wrote: SonarQube is open source, so you might be able to pick the security rules from their repo and implement you own for inline scanning. I did that for some rules already ( https://github.com/ChristianPervoelz/netbeans-java-hints), which might help you to create your own. There's also a bigger repo with even more examples how to implement rules: https://github.com/markiewb/nb-additional-hints Greetz -C Am Do., 18. März 2021 um 00:16 Uhr schrieb Steven Ingram < [email protected]>: > Dang. That would be much easier if their code was open source. At this > point I'll just have to stick with my Spring TS work around. > Are there open source security code scanners? Most of those fools want you > to pay for their junk. > With this particular IDE plugin scanner you have to select code or a file > less than a Meg to scan. > > A better solution would be to have inline scanning that would alert you to > issues as your completing source code, IMO. > > > Regards, > Steven > > > On Wed, Mar 17, 2021 at 4:19 PM Geertjan Wielenga > <[email protected]> wrote: > > > It will need to be recreated as a NetBeans plugin from scratch, probably > > the business logic could be reused, the UI, if any, would need to be > > rewritten in Swing. > > > > You rock too. :-) > > > > Thanks, > > > > Gj > > > > On Wed, Mar 17, 2021 at 8:58 PM Steven Ingram < > [email protected] > > > > > wrote: > > > > > Hey Y'all. I've been watching this list for a long time and I'm > hoping > > to > > > come back and actually get some work done. My day time gig has been > very > > > demanding lately. I have a question for you though. > > > > > > My employer has a contract with a security code scanning company and > that > > > company has released a plugin version of their scanner for all the best > > > IDEs (NOT). Of course Apache Netbeans is not in their support list > and I > > > loathe Eclipse and I've never wanted to pay for Jetbrains plus I've > been > > > using Netbeans for 16 years. > > > > > > My employer has noticed that I've not used the plugin (which they pay a > > > license to use) and I've bubbled straight to the top with not using my > > > license :) Geez. Anyhow I have the eclipse plugin on hand it's a jar > > > file. How difficult would it be to wire in a plugin made for Eclipse > > into > > > Netbeans? I understand this would be a costume build and I'm not > afraid > > > of that. > > > > > > Any thoughts or opinions? > > > At this point I've added the plugin to my Spring TS and used it there > to > > > appease the licensing gods that be. > > > > > > You all rock!!! > > > > > > > > > Steven Rex Ingram > > > 919-376-7363 > > > > > >
