Maven support is here!
Last November, we announced that in addition to Node.js support, we were adding support for Ruby. And now it’s time to expand yet again. Today we’re excited to announce Snyk’s support for Java and other Maven supporting languages!
Keeping Java projects secure, seamlessly
We’re shipping Java support for both the CLI and the GitHub integration. Testing your GitHub repos for vulnerable Maven dependencies is as easy as clicking a button. Snyk will find any Java repositories you’re using and check each dependency against our open-source vulnerability database, which currently includes over 730 curated Maven vulnerabilities.
If a vulnerability is found (like the recent high-severity arbitrary code execution vulnerability in Struts), Snyk will alert you so that you can take the appropriate action to keep your application secure.
As with Ruby and Node.js, Snyk can also continuously monitor your repositories to make sure that if a new vulnerability is discovered sometime after your latest scan, you’ll be alerted right away.
Alternatively, you can use the CLI to incorporate Snyk into Jenkins, Travis or whatever your build tool of choice happens to be.
As always, Snyk is free for open source
Snyk’s Java integration is free for Open Source projects. We’re committed to helping to make Open Source development more secure. No matter how many projects you have, you can and should test your repos and click “Watch all” for the orgs in question.
You can celebrate your newfound security—and let others know you think security matters—by adding a GitHub badge.
Just getting started
We’ve been hearing from a lot of our users that they want Java support, and we’re excited to be adding it!
Right now, Maven is supported out of the box. You can secure your Gradle projects as well with the help of a little workaround. In the future, we’ll be making improvements there so that the Gradle experience is just as smooth.
If you’re using Java (or other languages using Maven, such as Clojure), please give the new Java features a try. If you have any feedback, good or bad, or specific requests for features that would be helpful for you, let us know. And keep your eyes on this space. We’re working on adding support for both Python and .net, with more to follow. If you’re interested in signing up for beta access for any languages, let us know. We love being able to get user feedback as we build to make Snyk as awesome as possible.
Serverless Security implications—from infra to OWASP
April 19, 2017By its very nature, Serverless (FaaS) addresses some of today's biggest security concerns but it doesn't fix it all. This post outlines the top areas where Serverless helps or hinders our security efforts, offering advice on how to address concerns and thoughts on what's to come next.
Continuously secure all apps with unlimited Snyk projects
April 05, 2017To do security well, you have to do it continuously, and here at Snyk we want to make that easy. That's why we changed our pricing, removing our project limit and letting you protect all your apps with a few small clicks!
Subscribe to The Secure Developer Podcast
A podcast about security for developers, covering tools and best practices.
Interested in web security?
Subscribe to our newsletter: