
rulesets.GDS.SecureCoding.xml Maven / Gradle / Ivy


Custom ruleset for the open source static analysis tool PMD. The ruleset contains rules intended to identify security violations that map to the 2013 OWASP Top 10.

<?xml version="1.0" encoding="UTF-8"?>
<!--
  Top-level entry point of the GDS PMD Secure Coding Ruleset.
  This file defines no rules of its own: each <rule ref="..."/> element below pulls in
  one per-CWE ruleset file, and a check is switched off by commenting its element out.
  Only the rulesets that are referenced and not commented out are applied, so a clean
  PMD report covers those CWEs only and not every OWASP Top 10 category.
-->
<ruleset name="GDS Secure Coding Ruleset" 
		xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 https://pmd.sourceforge.io/ruleset_2_0_0.xsd">
   
   <description>
   		This file is part of the GDS PMD Secure Coding Ruleset. 
   		
   		This file should be used to enable/disable specific rulesets under rulesets/GDS/OWASP and rulesets/GDS/CWE
   		
   		Each referenced ruleset listed below is intended to match up with the OWASP TOP 10.
   </description>

   
   <!-- refer to the ruleset file for descriptions of the rules --> 
   <!-- CWE-89: SQL injection -->
   <rule ref="rulesets/GDS/CWE/cwe-0089-sql-injection.xml"/>
   <!-- CWE-79: cross-site scripting -->
   <rule ref="rulesets/GDS/CWE/cwe-0079-cross-site-scripting.xml"/>
   
   <!-- May require additional configuration -->
   <!-- Disabled by default: while the next line stays commented out, CWE-285 (improper
        authorization) is not checked, so a clean report says nothing about missing
        authorization checks. Uncomment it once the required configuration is in place. -->
   <!-- <rule ref="rulesets/GDS/CWE/cwe-0285-improper-authorization.xml"/> -->
   
   <!-- CWE-327: weak cryptographic algorithms -->
   <rule ref="rulesets/GDS/CWE/cwe-0327-weak-cryptographic-algorithms.xml"/>
   
   <!-- CWE-601: open redirect -->
   <rule ref="rulesets/GDS/CWE/cwe-0601-open-redirect.xml"/>
   
   <!-- CWE-113: HTTP response splitting -->
   <rule ref="rulesets/GDS/CWE/cwe-0113-http-response-splitting.xml" />   
   

   
</ruleset>



