Yasca

Yet Another Source Code Analyzer

Download .zip Download .tar.gz View on GitHub

Yasca v3.0.3

Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, Pixy, and RATS to scan specific file types, and also contains many custom scanners developed for Yasca.

Quick start

Versioning

For transparency and insight into our release cycle, and for striving to maintain backward compatibility, Yasca will be maintained under the Semantic Versioning guidelines as much as possible.

Releases will be numbered with the following format:

<major>.<minor>.<patch>

And constructed with the following guidelines:

  • Breaking backward compatibility bumps the major (and resets the minor and patch)
  • New additions without breaking backward compatibility bumps the minor (and resets the patch)
  • Bug fixes and misc changes bumps the patch

For more information on SemVer, please visit http://semver.org/.

File Archives

File Description
Yasca v3.x
yasca-3.0.4.zipYasca v3.0.4 (Coming Soon)
Yasca v2.x
yasca-core-2.21.zipYasca v2.2 (Core Files)
yasca-2.2-clamav.zipYasca v2.2 (ClamAV Plugin)
yasca-2.2-cppcheck.zipYasca v2.2 (CppCheck Plugin)
yasca-2.2-findbugs-plugin.zipYasca v2.2 (FindBugs Yasca Plugin)
yasca-2.2-findbugs.zipYasca v2.2 (FindBugs PLugin)
yasca-2.2-fxcop.zipYasca v2.2 (FxCop Plugin)
yasca-2.2-javascriptlint.zipYasca v2.2 (JavaScript Lint Plugin)
yasca-2.2-jlint.zipYasca v22 (J-Lint Plugin)
yasca-2.2-phplint.zipYasca v2.2 (PHP-Lint Plugin)
yasca-2.2-pixy.zipYasca v2.2 (Pixy Plugin)
yasca-2.2-pmd.zipYasca v2.2 (PMD Plugin)
yasca-2.2-rats.zipYasca v2.2 (RATS Plugin)
yasca-core-2.2.zipYasca v2.2 (Core Files) - Deprecated
yasca-2.1.zipYasca v2.1 (Core Files)
yasca-2.1-clamav.zipYasca v2.1 (ClamAV Plugin)
yasca-2.1-cppcheck.zipYasca v2.1 (CppCheck Plugin)
yasca-2.1-findbugs-plugin.zipYasca v2.1 (FindBugs Yasca Plugin)
yasca-2.1-findbugs.zipYasca v2.1 (FindBugs Plugin)
yasca-2.1-fxcop.zipYasca v2.1 (FxCop Plugin)
yasca-2.1-javascriptlint.zipYasca v2.1 (JavaScript Lint Plugin)
yasca-2.1-jlint.zipYasca v2.1 (J-Lint Plugin)
yasca-2.1-phplint.zipYasca v2.1 (PHP-Lint Plugin)
yasca-2.1-pixy.zipYasca v2.1 (Pixy Plugin)
yasca-2.1-pmd.zipYasca v2.1 (PMD Plugin)
yasca-2.1-rats.zipYasca v2.1 (RATS Plugin)
yasca-core-2.01.zipYasca v2.01 (Core Files)
Yasca v1.x
yasca-1.3.tar.gzYasca v1.3
yasca-1.3.zipYasca v1.3
yasca-1.2.tar.gzYasca v1.2
yasca-1.2.zipYasca v1.2
yasca-1.1.tar.gzYasca v1.1
yasca-1.1.zipYasca v1.1

Bug tracker

Have a bug or a feature request? Please open a new issue. Before opening any issue, please search for existing issues and read the Issue Guidelines, written by Nicolas Gallagher.

Community

Keep track of development and community news.

Thanks!

Authors

Michael Scovetta

Cory Carson

  • cory.carson [at] boeing.com

Copyright and license

Copyright (c) 2007-2013 Michael V. Scovetta michael.scovetta@gmail.com.

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  • Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

  • Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

This license applies ONLY to source code written for the Yasca project. Third-party components such as FindBugs, PMD, and others have been included for convenience but are licensed separately.