Xanitizer free download

For this, the content of the license file has to be stored as a GitHub secret, e. After storing the content as a GitHub secret, the license can be referenced like this:. Xanitizer needs a compiled Java project, because Xanitizer does not only look at the source code, but it primarily analyzes the byte code.

As a static application security testing SAST tool, Xanitizer requires that all dependencies of analyzed artifacts can be successfully resolved. So you have to compile your project before running the security analysis, e. Xanitizer requires that all dependencies of artifacts being analyzed can be successfully resolved. To support this all used libraries have to be installed before running the security analysis, e. This action can be run on ubuntu-latest and windows-latest GitHub Actions runners.

An example workflow which runs a Xanitizer security analysis and then archives the findings list reports and uploads the findings into the GitHub code scanning alert section of your repository can be found here.

The basic configuration runs a security analysis with the Xanitizer default settings and exports a Xanitizer-Findings-List. In the basic configuration, Xanitizer exports a Xanitizer-Findings-List. To export and archive an overview report or to export and archive a findings list report in another format, you can use:. To improve the accuracy of the security analysis, the xanitizer-action can also be executed based on a Xanitizer configuration file containing project specific settings.

This configuration file can only be edited with the standalone version of Xanitizer not directly with the GitHub action. If this parameter is used, the corresponding parameter checkoutPath of this action xanitizer-action has to be set to the same value. Normally, Xanitizer will no break any build, unless the xanitizer-action is configured to do so.

See action. All output streams of the running Xanitizer installation will be redirected to the GitHub action logging framework. Furthermore, the status messages containing i.

Skip to content. Star 5. MIT License. Code Pull requests Actions Security Insights. Use this GitHub Action with your project Add this Action to an existing workflow or create a new one. Branches Tags.

To get more information about the Xanitizer licenses and how to obtain a license file, please consult Licensing and Pricing. To use this xanitizer-action in a GitHub workflow, some prerequisites have to be fullfilled. Xanitizer needs a license file to be executed. For this, the content of the license file has to be stored as a GitHub secret, e.

After storing the content as a GitHub secret, the license can be referenced like this:. Xanitizer needs a compiled Java project, because Xanitizer does not only look at the source code, but it primarily analyzes the byte code.

As a static application security testing SAST tool, Xanitizer requires that all dependencies of analyzed artifacts can be successfully resolved.

So you have to compile your project before running the security analysis, e. Xanitizer requires that all dependencies of artifacts being analyzed can be successfully resolved. To support this all used libraries have to be installed before running the security analysis, e. This action can be run on ubuntu-latest and windows-latest GitHub Actions runners.

An example workflow which runs a Xanitizer security analysis and then archives the findings list reports and uploads the findings into the GitHub code scanning alert section of your repository can be found here. The basic configuration runs a security analysis with the Xanitizer default settings and exports a Xanitizer-Findings-List.

In the basic configuration, Xanitizer exports a Xanitizer-Findings-List. To export and archive an overview report or to export and archive a findings list report in another format, you can use:. To improve the accuracy of the security analysis, the xanitizer-action can also be executed based on a Xanitizer configuration file containing project specific settings.

This configuration file can only be edited with the standalone version of Xanitizer not directly with the GitHub action. If this parameter is used, the corresponding parameter checkoutPath of this action xanitizer-action has to be set to the same value. Normally, Xanitizer will no break any build, unless the xanitizer-action is configured to do so.