Skip to main content

Maven support is here!

Written by:

April 18, 2017

0 mins read

Last November, we announced that in addition to Node.js support, we were adding support for Ruby. And now it’s time to expand yet again. Today we’re excited to announce Snyk’s support for Java and other Maven supporting languages!

Keeping Java projects secure, seamlessly

We’re shipping Java support for both the CLI and the GitHub integration. Testing your GitHub repos for vulnerable Maven dependencies is as easy as clicking a button. Snyk will find any Java repositories you’re using and check each dependency against our open-source vulnerability database, which currently includes over 730 curated Maven vulnerabilities.

maven-github

If a vulnerability is found (like the recent high-severity arbitrary code execution vulnerability in Struts), Snyk will alert you so that you can take the appropriate action to keep your application secure.

As with Ruby and Node.js, Snyk can also continuously monitor your repositories to make sure that if a new vulnerability is discovered sometime after your latest scan, you’ll be alerted right away.

Alternatively, you can use the CLI to incorporate Snyk into Jenkins, Travis or whatever your build tool of choice happens to be.

As always, Snyk is free for open source

Snyk’s Java integration is free for Open Source projects. We’re committed to helping to make Open Source development more secure. No matter how many projects you have, you can and should test your repos and click “Watch all” for the orgs in question.

You can celebrate your newfound security—and let others know you think security matters—by adding a GitHub badge.

Just getting started

We’ve been hearing from a lot of our users that they want Java support, and we’re excited to be adding it!

Right now, Maven is supported out of the box. You can secure your Gradle projects as well with the help of a little workaround. In the future, we’ll be making improvements there so that the Gradle experience is just as smooth.

If you’re using Java (or other languages using Maven, such as Clojure), please give the new Java features a try. If you have any feedback, good or bad, or specific requests for features that would be helpful for you, let us know. And keep your eyes on this space. We’re working on adding support for both Python and .net, with more to follow. If you’re interested in signing up for beta access for any languages, let us know. We love being able to get user feedback as we build to make Snyk as awesome as possible.

State of Open Source Security Report

Snyk analyzed responses from over 500 organizations and anonymized data collected from Snyk product usage to shed light on the current security posture of OS software and trends.